Privacy Policy

    Last updated: December 10, 2025

    1. Introduction

    CapitalSnapshot ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial analytics platform, in compliance with the General Data Protection Regulation (GDPR) and other applicable EU data protection laws.

    2. Data Controller

    CapitalSnapshot acts as the data controller for the personal data we collect. For any questions regarding this policy or your data rights, please contact us at [email protected].

    3. Data We Collect

    We collect the following categories of personal data:

    • Account Information: Name, email address, company name, and password
    • Financial Data: Bank statements, revenue data, and financial metrics you choose to connect
    • Usage Data: How you interact with our platform, features used, and session information
    • Technical Data: IP address, browser type, device information, and cookies
    • Communication Data: Records of correspondence when you contact us

    4. Legal Basis for Processing

    Under GDPR, we process your data based on:

    • Contract Performance: To provide our services as agreed
    • Legitimate Interests: To improve our services and ensure security
    • Legal Obligation: To comply with applicable laws
    • Consent: For marketing communications and optional features

    5. How We Use Your Data

    • Provide and maintain our financial analytics services
    • Generate financial reports, forecasts, and insights
    • Process and analyze your financial data securely
    • Send service-related notifications and updates
    • Respond to your inquiries and provide customer support
    • Improve and personalize your experience
    • Detect and prevent fraud and security issues

    6. Your Rights Under GDPR

    As an EU resident, you have the following rights:

    • Right of Access: Request a copy of your personal data
    • Right to Rectification: Request correction of inaccurate data
    • Right to Erasure: Request deletion of your data ("right to be forgotten")
    • Right to Restriction: Request limitation of data processing
    • Right to Data Portability: Receive your data in a structured, machine-readable format
    • Right to Object: Object to processing based on legitimate interests
    • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

    To exercise these rights, contact us at [email protected]. We will respond within 30 days.

    7. Data Retention

    We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Financial data is retained for the duration of your account plus 7 years for legal compliance. You may request deletion at any time, subject to legal retention requirements.

    8. Data Security

    We implement appropriate technical and organizational measures to protect your personal data, including encryption at rest and in transit, access controls, regular security audits, and secure data centers within the EU. However, no method of transmission over the Internet is 100% secure.

    9. International Transfers

    Your data is primarily stored within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure adequate protection through Standard Contractual Clauses or other approved mechanisms under GDPR.

    10. Third-Party Services

    We may share data with trusted third parties who assist in operating our platform (e.g., cloud hosting, payment processors). These parties are bound by data processing agreements and only process data on our behalf.

    11. Cookies

    We use essential cookies for platform functionality and analytics cookies to understand usage patterns. You can manage cookie preferences through your browser settings. For more details, see our cookie banner upon first visit.

    12. Supervisory Authority

    If you believe we have not handled your data appropriately, you have the right to lodge a complaint with your local data protection authority within the EU.

    13. Changes to This Policy

    We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through our platform. Continued use of our services after changes constitutes acceptance.

    14. Contact Us

    For any questions about this Privacy Policy or to exercise your data rights, please contact:
    Email: support [@] capitalsnapshot.com
    Data Protection Officer: support [@] capitalsnapshot.com