Privacy Policy

Ubuntu Solutions Inc., a Delaware corporation doing business as PaySlice, and its affiliates (collectively, "PaySlice," "us," "our," and "we") is committed to protecting your privacy and personal information. This Privacy Policy describes our privacy practices and how we handle information that we collect, use, disclose, and safeguard information when you access our products, services, features, or content through, without limitation, our website, applications, business offerings, application programming interfaces ("APIs"), communications between you and us, services, features, or content (collectively, the "Service"). This Privacy Policy does not apply to information we collect offline or through any other means, including on any other website operated by PaySlice, or any third party, including through any application or content that may link to or be accessible from or through this website. As used herein, the term "you" (including any variant) refers to each individual who enters into this Privacy Policy on such individual's own behalf or any entity on behalf of which an individual enters into this Privacy Policy, in which case you represent and warrant that you have the authority to bind that entity to this Privacy Policy (and in that case, "you" will refer to the individual and that entity).

PLEASE READ THIS POLICY CAREFULLY TO UNDERSTAND OUR POLICIES AND PRACTICES REGARDING YOUR INFORMATION AND HOW WE WILL TREAT IT. IF YOU DO NOT AGREE WITH OUR POLICIES AND PRACTICES, DO NOT TO USE OUR SERVICE. BY ACCESSING, BROWSING OR OTHERWISE USING THE SERVICE, YOU ARE ACCEPTING AND AGREEING TO BE BOUND BY AND ABIDE BY THE TERMS, AND YOU REPRESENT AND WARRANT THAT YOU HAVE THE RIGHT, AUTHORITY AND CAPACITY TO ENTER INTO AND AGREE TO THE TERMS (ON BEHALF OF YOURSELF OR THE ENTITY THAT YOU REPRESENT).

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Service. If required by law we will also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via email or another manner through the Service. Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of the Service or your giving us personal information after the effective date of any modified Privacy Policy indicates your consent to and acceptance of the modified Privacy Policy.

WE DO NOT SELL YOUR PERSONAL INFORMATION FOR MONEY, AND WE DO NOT "SELL" OR "SHARE" YOUR PERSONAL INFORMATION AS THOSE TERMS ARE DEFINED BY APPLICABLE U.S. STATE PRIVACY LAWS.

Eligibility to use the Service

The Service is not directed to or intended for use by individuals under eighteen (18) years of age. No one under the age of eighteen (18) may provide any personal information. We do not knowingly collect personal information from individuals under eighteen (18). If we learn that we have collected personal information through the Service from an individual under eighteen (18) years of age without the consent of the individual's parent or guardian as required by law, we will delete it. If you believe we have collected or received personal information from an individual under eighteen (18) years of age please contact us at the information provided below under "How to contact us".

Notice of personal information we may collect

We collect categories of personal information that you provide to us, either directly or through your use of the Service. This may include information that, alone or in combination with other data we possess, can be used to identify you. If you choose to connect your account on a third-party platform or network to your account through the Service, we may also collect information from that platform or network. We may combine the personal information you provide with information we obtain from third-party sources or through automated means, or through automatic logging by our service providers and business partners. Such information may include, but is not limited to:

• Personal Identification Information: Such as your first and last name, email address, phone number and home mailing addresses (providing mailing address information is optional to use the Service, but failure to provide such information, or failure to provide accurate or complete information, may impact your use of the Service);
• Profile Information: Such as the username and password that you may set to establish an online account with us, and any other information that you add to or is associated with your account;
• Financial Information (including bank and transaction information via Plaid): Such as your bank account, transaction data, last-four digits of your bank account number, routing and account numbers and tokens, debit card numbers and tokens (e.g. as used for Instapay) and payment method for subscription. When you connect a bank account through Plaid, Plaid provides us with account ownership details, account identifiers that may be tokenized), balances, and up to twelve (12) months of transactions. We do not receive or store your bank login credentials. See Plaid's End User Privacy Policy for additional details.;
• Payment Processors and Card Networks Information: Such as payment status, chargeback and return codes, tokenized card identifiers, risk signals, and subscription billing history.
• Workplace, Work History and Pay Frequency Information: Such as the name, email address and phone number of your current and prior employer(s) (providing such information is optional to use the Service, but failure to provide such information, or failure to provide accurate or complete information, may impact your use of the Service);
• Pay Frequency: Such as your next expected pay date, typical payday, payroll provider, compensation type, employment status and pay cadence (e.g. weekly, biweekly, semi-monthly, monthly);
• Commercial Use Information: Such as records of your advance amounts and dates, chosen payout method (ie. Instapay or ACH), subscription or trial status and related billing events;
• Geolocation Information: Such as generalized location inferred from your internet protocol (IP) address (e.g. city or region, country, time zone), coarse device location signals (e.g. Wi-Fi or cell-tower), network country code, approximate ZIP/postal code derived from IP address and approximate location at the time of key events (e.g. sign-in, payout, repayment attempt), and location when you authorize the Service to access your device's location;
• Technical Usage Information: Such as your interactions, use, and visits to the Services, including but not limited to information about your timezone, IP address, dates of access, device data including operating system type and version, manufacturer and model, browser type, screen resolution, device type (e.g. phone, tablet), unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, and network information (e.g. Wi-Fi, LTE, 5G), via cookies, analytics programs, software, and other tracking technology
• Device Information: Such as the operating system, browser, name of the device you are using to access the Services;
• Communications Information: Such as communications that we exchange with you, including when you contact us with questions or feedback, through the Service, email, social media, or otherwise; and
• Marketing Information: Such as your preferences for receiving our marketing communications and details about your engagement with them.

Gramm-Leach-Bliley Act (GLBA) Financial Privacy Notice and Carve-Out.

Certain information we collect and process in providing you the Service (including "nonpublic personal information" (NPI) such as bank and bank account identifiers and tokens, balances and transactions received via Plaid, advance, repayment and subscription billing records, and information you provide in your application or during servicing) is governed by the federal law under GLBA and its implementing regulations. To the extent any conflict exists, GLBA controls how we collect, use, and share NPI and such data is exempt from state privacy rights (e.g. access, deletion, sale and sharing opt-outs) that would otherwise apply to non-GLBA data. We do not "sell" or "share" NPI for cross-context behavioral advertising. We may share NPI as permitted by GLBA (e.g. with service providers, payment partners, affiliates, fraud/risk and compliance vendors, or as required by law). We provide a separate GLBA Financial Privacy Notice to customers that explains our GLBA practices and your GLBA opt-out choices (if applicable); that notice governs for NPI. State privacy rights described herein apply to non-GLBA data (for example, general account and profile information). To request our GLBA notice or ask whether specific data is GLBA-covered, contact support@payslice.com.

Cookies, Software Development Kits (SDKs) and Similar Technologies.

We and our partners, as with many online service providers, use or may use the following technologies to operate the Service, remember preferences, analyze traffic and personalize content. You can manage non-essential technologies via in-product Cookie Settings and browser or device controls. Blocking cookies may impair some features. Where required, we honor Global Privacy Control (GPC) signals. Technologies we use include, but are not limited to:

• Cookies: small files stored in your browser to keep you signed in, remember preferences, enable features, measure usage, and support security and fraud prevention;
• Local Storage (e.g. HTML5): browser or app storage that can hold data similar to cookies (often in larger amounts) for settings and offline caching;
• Web Beacons: code that confirms a page/email was opened or specific content was viewed/clicked, used for performance, deliverability, and campaign measurement;
• Mobile and App SDKs & IDs: software embedded in our apps that collects app events and diagnostics and may use mobile advertising identifiers for analytics and, when permitted, advertising measurement; and
• Log Files & Telemetry: IP address, user-agent, timestamps, referrer, crash/error logs, and similar data used for security, debugging and analytics.

How we may use your personal information

We may use your personal information for the following purposes or as otherwise described at the time of collection:

• create and secure your account, including establishing and maintaining your user profile on the Service, enabling security features (e.g. verification codes, remembered devices);
• determine eligibility and underwrite advances, including conducting Know Your Customer (KYC), sanctions and other compliance checks permitted by law and supporting automated decision-making for eligibility and fraud (with human review as required);
• fund payouts and process ACH repayments (including chargebacks and returns);
• process your payments (e.g. subscription billing) and complete transactions with you;
• provide and support the Service, including providing support and responses to your requests, questions, and feedback;
• manage risk and perform analytics, including conducting research and development to operate, improve, and personalize the Service and our business;
• prevent, detect, and investigate fraud, security incidents, and misuse (including harmful, unauthorized, unethical, or illegal activity) and deter such activity from occurring
• comply with laws and regulations, including auditing our internal processes for legal and policy compliance, enforcing the terms governing the Service; protecting our, your, or others' rights, privacy, safety and property, and making or defending legal claims.
• comply with legal and regulatory obligations;
• improve features and functionality, including operating, maintaining and enhancing the Service, and performing diagnostics and performance monitoring to ensure reliability and quality;
• conduct limited advertising and communications, including communicating about the Service (e.g. announcements, updates, security alerts, administrative messages) and, as permitted, sending or measuring marketing; and
• support automated decisioning for eligibility and fraud.

Aggregated or de-identified information for research and development.

We may use personal information for research and development to analyze, improve and enhance the Service and our business. In doing so, we may create aggregated and/or de-identified data by removing information that reasonably identifies you (the "Aggregated Data"). We will not attempt to re-identify Aggregated Data, and we contractually prohibit our service providers and partners from doing so. We may use, disclose, publish, or make Aggregated Data available to third parties for lawful business purposes (including analyzing and improving the Service and promoting our business) all in accordance with applicable law.

Marketing.

We may use your personal information to send PaySlice-related marketing (as permitted by law). You can opt out as described in Opt-out of Marketing Communications. We do not sell personal information for money, and we do not "sell" or "share" personal information for cross-context behavioral or interest-based advertising under applicable state laws. We may still perform non-targeted (contextual) advertising and measurement using Aggregated Data. We honor Global Privacy Control (GPC) where required.

With your consent.

In some cases, we may specifically ask for your consent to collect, use or share your personal information, such as when required by law.

How we disclose and share your information

We disclose personal information only as described below to operate the Service (including instant, no-interest advances), comply with law, prevent fraud, and provide support. We do not sell your personal information for money and we do not share sensitive financial data for advertising. As required, we contractually restrict vendors to use personal information solely to perform services for us. We may disclose information as otherwise described in this Privacy Policy or at the time of collection, without further notice unless required by law.

• Service Providers and Vendors: third parties that provide services on our behalf or help us operate the Service or our business, including hosting and cloud infrastructure, security, information technology, customer support, communications delivery, analytics and metrics, fraud and risk tools, and identity verification;
• Payment Partners (e.g. Plaid): to connect and verify your accounts (e.g. via Plaid), process payouts (Instapay or ACH) and process automatic ACH repayment, and handle returns, chargebacks, gateways, card networks, and related partners;
• Affiliates: our corporate parent, subsidiaries, and affiliates, for purposes and uses and in a manner consistent with this Privacy Policy and applicable financial-privacy law.
• Professional Advisors: professional advisors, such as lawyers, auditors, bankers, and insurers under confidentiality obligations and when necessary in the course of the professional services that they render to us;
• Authorities and Other Legal Disclosures: to comply with law, legal process, or lawful requests; to protect the rights, property, or safety of you, us, our users, or the public; and to detect, prevent, or address fraud, security, or technical issues, in each case as we believe in good faith to be necessary or appropriate for compliance and protection purposes described in this Privacy Policy;
• Advertising partners: limited identifiers and usage data to run or measure advertising and improve our marketing (we do not disclose bank-login credentials or transaction-level financial data to ad networks);
• Business Transfers: in connection with (or during negotiations for) a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or part of our business, personal information may be transferred to a successor or affiliate as part of such a transaction;
• At Your Direction (e.g. third-party connections): when you enable a connection or integration (e.g. linking the Service to Plaid), we disclose the information you authorize and the third party's use is governed by its own policies; and
• Other Users and the Public: only when you choose to make information visible to others (e.g. public forums or profiles). You should not share financial or sensitive data in public areas of the Service.

Your choices and rights

You have the following choices with respect to your personal information and, depending on location, you may have certain statutory rights to:

• Access, Delete, Transfer or Update Your Information: If you have registered for an account with us through the Service, you may access, delete, transfer or update certain account information by logging into the account. For security reasons, changes to bank account information must be requested through our support team via the account page, and we may require additional identity verification before processing such requests.
• Opt-Out of Marketing Communications: You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, as applicable, or by contacting us at: support@payslice.com. Please note that if you choose to opt-out of marketing-related communications, you may continue to receive service-related and other non-marketing communication.
• Cookie Restrictions: We and our service providers use cookies and similar technologies (including web beacons/pixels, local storage, and SDKs) to operate the Service, remember your preferences, analyze traffic, and personalize content and ads. You can manage or withdraw your consent for non-essential technologies at any time via our [COOKIE SETTING HYPERLINK] control in the Service. Most browsers also let you block and delete cookies and other storage (e.g. HTML5 local storage) and limit tracking (e.g. by using private browsing or tracking-prevention settings). If you block or delete cookies, some features of the Service may not function properly. We honor the Global Privacy Control (GPC) signal where required by law. For interest-based advertising controls, you can also use your device's reset/limit-ad-tracking settings and applicable industry opt-outs.
• Do Not Track: Some Internet browsers may be configured to send "Do Not Track" signals to the online services that you visit. We currently do not respond to "Do Not Track" or similar signals. To find out more about "Do Not Track," please visit www.allaboutdnt.com.
• Declining to Provide Information: You may choose not to provide certain personal information. However, we may need to collect specific information to provide certain Services (for example, to create and maintain an account, verify your identity, or process payments). If you do not provide information we identify as required or mandatory, we may be unable to provide or continue providing the relevant Services. Where permitted by law, we may still process limited information necessary for security, fraud prevention, or to comply with legal obligations.
• Third-Party Platforms (e.g. Plaid): If you choose to connect the Service to a third-party platform (e.g. Plaid as a bank-connection service) you may be able to use that platform's settings to limit the information we receive. If you revoke our access on the third-party platform, that choice will not affect information we have already received from that platform. We may continue to process previously received information as permitted by law and our agreements; to delete it, please submit a privacy request through the methods described herein. For clarity, when connecting through Plaid or similar providers, we do not receive your bank login credentials; instead, we receive account and transaction information made available via the provider's APIs.
• Advertising choices: You can opt-out of or limit use of your information for interest-based advertising in several ways. Please note that opt-outs are browser and device-specific and may not persist if you clear cookies or switch devices. These tools reduce targeted ads but do not eliminate all advertising, and some partners do not participate in industry opt-outs—so using multiple controls provides broader coverage.:
  • In-product controls: Use our [COOKIE SETTING HYPERLINK] to turn off non-essential cookies/SDKs.
  • Global Privacy Control (GPC): If your browser sends a valid GPC signal, we treat it as an opt-out of "sale" or "sharing" and targeted ads for that browser where required by law.
  • Browser settings: Block or clear third-party cookies and other storage in your browser. Note that clearing cookies may also clear your opt-outs, so you may need to reapply them.
  • Privacy browsers/plug-ins: By using privacy browsers or ad-blocking browser plug-ins that let you block tracking technologies.
  • Platform settings: Major ad platforms such as Google and Facebook offer opt-out features that let you opt-out of use of your information for interest-based advertising:
    • Google: https://adssettings.google.com/
    • Facebook: https://www.facebook.com/about/ads
  • Device settings (ie. mobile ad IDs):
    • for iOS, go to Settings → Privacy & Security → Tracking (limit/deny tracking); you can also reset your Advertising Identifier.
    • for Android, go to Settings → Google → Ads → "Delete advertising ID" / "Opt out of Ads Personalization."
  • Industry opt-out tools (participants only): Ad industry opt-out tools. Opting out of interest-based ads from companies participating in the following industry opt-out programs:
    • Network Advertising Initiative: www.networkadvertising.org/managing/opt_out.asp
    • Digital Advertising Alliance: optout.aboutads.info
    • AppChoices mobile app, available at www.youradchoices.com/appchoices, which will allow you to opt-out of interest-based ads in mobile apps served by participating members of the Digital Advertising Alliance.

You will need to apply these opt-out settings on each device from which you wish to opt-out. Please note that we also may work with companies that offer their own opt-out mechanisms and may not participate in the opt-out mechanisms that we linked to above.

Other sites and services

The Service may contain links to third-party operated services and business offerings such as websites, mobile applications, and other online services. In addition, our content may be integrated into web pages or other online services that are not associated with or controlled by us. The information you share with such third-party services are governed by policies and practices of the third-parties and not governed by this Privacy Policy. These links and integrations are not an endorsement by us of or representation that we are affiliated with or have reviewed any third party. We do not control websites, mobile applications or online services operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies and practices of the other websites and mobile applications and online services you use, and please contact such third parties directly for additional information on their privacy policies and practices.

Security

We implement commercially reasonable, technical, administrative organizational and physical safeguards designed to protect the personal information we collect both online and offline from loss, misuse, and unauthorized access, disclosure, alteration, or description. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information. Therefore, you should take special care in deciding what information you send to us or any third-parties. In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Service or third party services and business offerings.

Retention of your personal information

We retain personal information only as long as necessary to provide the Service and for other legitimate business purposes (e.g. fraud prevention, chargeback and return windows, audits, tax and accounting, and legal or regulatory compliance) and then delete or de-identify it. How long we keep information depends on factors including the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process it and applicable legal requirements. By way of example, we typically retain subscription and transaction records for about seven (7) years (primarily for tax, audit and compliance purposes), fraud, risk and eligibility logs for up to five (5) years (or longer if required by law), and support communications for up to one (1) year after account closure. We may also create and use Aggregated Data for analytics, research, and product improvement and will not attempt to re-identify it; we may retain such Aggregated Data indefinitely.

International data transfer

We are headquartered in the United States and may use service providers that operate in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country.

Your Privacy Rights

You may have additional rights under the laws of your state in which you reside.

For example, if you are a California resident, you may have certain rights under the California Consumer Privacy Act ("CCPA") with respect to information collected by us during the twelve (12) months preceding your request to exercise such rights. These include the right to (i) request access to, details regarding, and a copy of the personal information we have collected about you and/or shared with third parties; (ii) request deletion of the personal information that we have collected about you; and (iii) the right to opt-out of sale of your personal information. As the terms are defined under the CCPA, we do not "sell" your "personal information."

California residents may also request the following information (to the extent we share your personal information in this way): (i) the categories of information we disclosed to third parties for the third parties' direct marketing purposes during the preceding calendar year and (ii) the names and addresses of third parties that received such information, or if the nature of their business cannot be determined from the name, then examples of the products or services marketed.

To exercise your privacy rights as a resident of California or another state please contact us at support@payslice.com. In your request, you must provide your first and last name, your mailing address, and certify that you are a resident of California or the state under which you are exercising your privacy rights. We reserve the right to require additional information to confirm your identity and residency. Please note that we will not accept requests via telephone, mail, or facsimile, and we are not responsible for notices that are not labeled or sent properly, or that do not have complete information.

Notwithstanding the above, we cannot edit or delete any information that is stored on a blockchain or other technologies involving immutable records.

How to contact us

PaySlice Inc.

Email: support@payslice.com