Your Privacy is Our Priority
TransactIQ is built for finance professionals who demand institutional-grade security and confidentiality. This policy explains how we collect, use, and protect your information.
⚡Key Highlights
- •We never sell your data to third parties or use it for advertising
- •Bank-level encryption (AES-256) protects all stored data
- •You control your data with full access, export, and deletion rights
- •SOC 2 Type II certified infrastructure with annual audits
Information We Collect
We collect information necessary to provide our merger-arbitrage intelligence services: (1) Account Information including name, email address, organization name, and billing details; (2) Document Data including SEC filings you upload or analyze, press releases, and merger agreements; (3) Usage Data including API requests, feature utilization, search queries, and interaction analytics; (4) Technical Data including IP addresses, browser type, device identifiers, and system configuration for security and performance optimization.
How We Use Your Information
Your data powers our AI-driven analysis platform: (1) Service Delivery – generating filing summaries, deal spread calculations, and merger probability analysis; (2) Platform Improvement – training machine learning models, improving summary accuracy, and optimizing performance; (3) Security – detecting fraudulent activity, preventing unauthorized access, and ensuring data integrity; (4) Communication – sending transaction confirmations, product updates, and critical security notifications. We never sell, rent, or share your data with third parties for marketing purposes.
Data Storage & Retention
Your data is stored in secure, SOC 2 compliant data centers with redundancy and disaster recovery capabilities. Active account data is retained for the duration of your subscription plus 90 days. Inactive accounts are archived after 12 months of non-use. Upon deletion request, all personally identifiable information is purged within 30 days, except where retention is required by law (e.g., financial records for 7 years per IRS regulations).
Security Measures
We employ enterprise-grade security controls: (1) Encryption – AES-256 encryption at rest, TLS 1.3 in transit; (2) Access Controls – role-based access with least privilege principles, multi-factor authentication for all administrative functions; (3) Monitoring – 24/7 intrusion detection, automated threat intelligence, and quarterly security audits; (4) Compliance – GDPR, CCPA, and SOC 2 Type II certified infrastructure. All employees undergo background checks and sign confidentiality agreements.
Your Privacy Rights
You maintain full control over your data: (1) Access – request a complete copy of your data at any time; (2) Correction – update inaccurate information through your account settings; (3) Deletion – request permanent removal of your data (subject to legal retention requirements); (4) Portability – export your filings, summaries, and analysis in machine-readable format; (5) Opt-Out – unsubscribe from marketing communications while maintaining service notifications. To exercise these rights, contact arbitragedge@proton.me with your request.
Cookies & Tracking
We use essential cookies for authentication, session management, and security. Optional analytics cookies (Google Analytics, PostHog) help us understand feature usage and identify performance bottlenecks. You can disable non-essential cookies through your browser settings without impacting core functionality. We do not use cookies for advertising or cross-site tracking.
Third-Party Services
We integrate with carefully vetted service providers for essential functions: (1) Leading AI providers for document analysis (data is not used to train their models); (2) PCI-compliant payment processors (we never store full credit card numbers); (3) Enterprise cloud infrastructure providers for secure hosting; (4) Transactional email services for account notifications. All third parties are contractually bound to protect your data and maintain industry-standard security certifications.
International Data Transfers
Your data may be processed in the United States and other jurisdictions where our service providers operate. We ensure adequate safeguards through Standard Contractual Clauses (SCCs) approved by the European Commission. For EU/UK users, we comply with GDPR requirements including data protection impact assessments and transfer mechanisms.
Children's Privacy
Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from minors. If we become aware that a minor has provided us with personal information, we will delete it immediately.
Policy Updates
We may update this privacy policy to reflect changes in our practices, technology, or legal requirements. Material changes will be communicated via email 30 days in advance and prominently displayed in the application. Continued use of our services after the effective date constitutes acceptance of the updated policy. The current version and revision history are always available at this URL.