DebtSettle.ai Privacy Policy

1. Introduction

DebtSettle.ai ("DebtSettle," "we," "our," or "us") provides a do-it-yourself debt-settlement tracking platform that helps users organize, monitor, and complete their own creditor negotiations. We value your privacy and are committed to safeguarding the personal information you share with us when you visit debtsettle.ai or use any of our related mobile or web applications (collectively, the "Services"). This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.

2. Information We Collect

We do not request or store Social Security numbers, dates of birth, bank-account or routing numbers.

3. How We Use Your Information

1. Provide and improve the Services – personalize dashboards, generate payment reminders, and enhance features based on aggregate usage.
2. Security & fraud prevention – monitor, detect, and respond to suspicious activity and maintain the integrity of our systems.
3. Customer support & communications – respond to inquiries, send transactional notices, and deliver product updates or legal notices.
4. Legal & compliance – comply with applicable laws, regulations, court orders, or enforce our Terms of Service.
5. Analytics & performance – conduct internal research to understand how users interact with the Services (data are de-identified where feasible).
6. Consent-based activities – any other purpose you authorize, such as participating in beta tests or receiving marketing emails (opt-out anytime).

4. Legal Bases for Processing (GDPR / UK GDPR)

Where the European Union, United Kingdom, or similar laws apply, we process personal data on one or more of the following bases:

• Performance of a contract (Art. 6(1)(b)) – to deliver the Services you request.
• Legitimate interests (Art. 6(1)(f)) – to secure and improve the Services, provided such interests are not overridden by your rights.
• Consent (Art. 6(1)(a)) – for optional features such as marketing; you may withdraw consent at any time.
• Legal obligation (Art. 6(1)(c)) – when necessary to comply with applicable law.

5. Disclosure of Information

We never sell your personal data. We share information only:

1. Service Providers & Sub-Processors – cloud hosting, email delivery, analytics, customer-support platforms—strictly under confidentiality agreements.
2. Business Transfers – in connection with mergers, acquisitions, or asset sales (we will provide notice before personal data become subject to a different policy).
3. Legal Requirements – if compelled by subpoena, court order, or to defend our legal rights.
4. With Your Consent – when you integrate a third-party service or expressly ask us to share data.

6. Cookies & Tracking Choices

You can manage cookie preferences through your browser settings or our cookie banner (where required). Disabling cookies may affect certain features.

For interest-based advertising, you can opt out via the Digital Advertising Alliance (U.S.), Digital Advertising Alliance of Canada, or European Interactive Digital Advertising Alliance.

7. Data Security

We employ industry-standard safeguards, including:

• End-to-end TLS encryption in transit
• AES-256 encryption at rest for sensitive fields
• Network firewalls, intrusion detection, access controls, and annual penetration testing
• Strict least-privilege employee access; all staff sign confidentiality agreements
• Regular backups and disaster-recovery procedures

No internet transmission or storage system is 100% secure. We therefore encourage you to use unique, strong passwords and enable multi-factor authentication where available.

8. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this Policy, including:

• While your account is active or as needed to provide Services
• For legal, accounting, or reporting obligations (typically up to seven years)
• Until you delete specific data or close your account (subject to backup-system latency)

9. Your Rights & Choices

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete data
• Delete your data or restrict its processing
• Port data to another provider
• Object to certain processing activities
• Opt out of "sale" or "sharing" (as defined under the California Consumer Privacy Act, "CCPA")

To exercise any of these rights, email support@debtsettle.ai. We will verify your identity and respond within the timeframe required by applicable law.

10. International Data Transfers

We are headquartered in the United States and may process information in other countries where we or our service providers operate. When transferring personal data outside its country of origin, we rely on:

• Adequacy decisions (where applicable)
• Standard Contractual Clauses or other approved safeguards
• Your explicit consent, when required

11. Children's Privacy

DebtSettle.ai is not directed to children under 18 years of age (or other minimum age defined by local law). We do not knowingly collect personal data from minors. If you believe a minor has provided personal data, please contact us so we can delete it.

12. Changes to This Privacy Policy

We may update this Policy periodically. Material changes will be posted on this page and, if significant, we will notify you via email or an in-app alert. The "Last Updated" date at the top indicates when the latest revisions took effect.

13. Contact Us

If you have questions, concerns, or complaints about this Privacy Policy or our privacy practices, please contact:

You may also have the right to lodge a complaint with your local supervisory authority or data-protection regulator.