(Last revised May 25, 2023)

Bridgeover Privacy and Data Protection Policy

Effective 5/25/2023

At Bridgeover, we are committed to protecting your privacy and personal information. This Privacy and Data Protection Policy describes how we collect, receive, store, use and protect your information in accordance with applicable laws and regulations, in connection with the use of our websites, our mobile apps, programs and partnerships which we offer in connection with the the Bridgeover service (collectively, the “Services”). Unless we link to a different policy or state otherwise, this Privacy Policy applies when you visit or use our Services.

Any details as regards the terms and conditions of the service can be found by accessing the following: https://bridgeover.io/terms-of-use-v2-3/

We at Bridgeover support the following principles:

We are committed to process personal data honestly, ethically, with integrity, and always consistent with applicable law and our values.
We are transparent about the personal data we collect, use, share and store.
Individuals using the service should easily understand how we collect and process their personal data and their rights, with respect to this personal data.

GLBA Consumer Notice

The Bridgeover U.S. Consumer Privacy Notice, pursuant to the Gramm-Leach-Bliley Act and U.S. state financial information laws

FACTS	WHAT DOES BRIDGEOVER INC. DO WITH YOUR PERSONAL INFORMATION?
Why?	Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.
What?	The types of personal information we collect and share depend on the product or service you have with us. This information can include: Contact and personal information (such as name, email address, phone number, and mailing address) Account balances and bank account information, transaction history Information about interactions with our services (such as bridging history, alerts, customer support inquiries and feedback)
How?	All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information, the reasons Bridgeover chooses to share, and whether you can limit specific data sharing.
Reasons we can share your personal information		Does Bridgeover share?	Can you limit this sharing?
For our everyday business purposes – such as to provide you our services, process your transactions, maintain your account(s), respond to court orders and legal investigations.		Yes	No
For our marketing purposes -to offer our services to you		Yes	No
For joint marketing with other companies		Yes	Yes
For our affiliates’ everyday business purposes – information about your transactions and experiences		No	We don’t share
For our affiliates’ everyday business purposes – information about your creditworthiness		No	We don’t share
For our affiliates to market to you		No	We don’t share
For nonaffiliates to market to you		No	We don’t share
To limit our sharing	Email us at privacy@bridgeover.io Please note: If you are a new customer, we can begin sharing your information immediately from the date we sent this notice. However, you can contact us at any time to limit our sharing.
Questions?	Email us at privacy@bridgeover.io or visit us online: www.bridgeover.io

Who we are
Who is providing this notice?	Bridgeover, Inc.
What we do
How does Bridgeover protect my personal information?	To protect your personal information from unauthorized access and use, we use advanced security measures that comply with federal law. These measures include computer safeguards and secured files.
How does Bridgeover collect my personal information?	We collect your personal information, for example, when you: Sign up for a Bridgeover account Apply for and use the financial services we offer Access to your bank accounts through 3rd party solution providers We also collect your personal information from others, such as your employer, banks, and other financial institutions.
Why can’t I limit all sharing?	Federal law gives you the right to limit only: Sharing for affiliates’ everyday business purposes – information about your creditworthiness, Affiliates from using your information to market to you, and Sharing for nonaffiliates to market to you. State laws and individual companies may give you additional rights to limit sharing.
What happens when I limit sharing for an account I hold jointly with someone else?	Your choices will apply to everyone on your account.
Definitions
Affiliates	Companies related by common ownership or control. They can be financial and nonfinancial companies.
Non Affiliates	Companies not related by common ownership or control. They can be financial and nonfinancial companies.
Joint marketing	A formal agreement between non affiliated companies that together market products or services to you.
Other important information
Nevada: If you are a consumer with a Nevada mailing address, and you prefer not to receive marketing calls from us, you may be placed on our internal Do Not Call List by contacting us at privacy@bridgeover.io You may also contact the Nevada Attorney General’s office: Bureau of Consumer Protection, Office of the Nevada Attorney General, 555 E. Washington St., Suite 3900, Las Vegas, NV 89101; telephone number: 1-702-486-3132; email BCPINFO@ag.state.nv.us or AgInfo@ag.nv.gov
Vermont: If you are a consumer with a Vermont mailing address, we will not share information we collect about you with companies outside of Bridgeover, unless the law allows. For example, we may share information with your consent, to service your accounts or under joint marketing agreements with other financial institutions with which we have joint marketing agreements. We will not share information about your creditworthiness within our corporate family except with your consent, but we may share information about our transactions or experiences with you within our corporate family without your consent.
California: If you are a consumer with a California mailing address, we will not share information we collect about you with companies outside of Bridgeover, unless the law allows. For example, we may share information with your consent, to service your accounts, or to provide rewards or benefits to which you are entitled.

Collection of Information

We collect personal data to provide and improve our services. The types of personal data we collect may include:

Contact and personal information (such as SSN – 4 digits), name, email address, phone number, and mailing address)
Financial information, such as your bank account details, transaction history, purchase history, credit card information, and other similar information.
Information about devices and usage (such as IP address, browser type, operating system, and device identifiers), and geolocation data (for security purposes)
Information about interactions with our services (such as bridging history, alerts, customer support inquiries and feedback)
We collect this information directly from you, from your bank, from third-party sources, and through automated technologies such as cookies and other tracking technologies.

Log Files

We make use of log files. The information inside the log files includes internet protocol (IP) addresses, type of browser, Internet Service Provider (ISP), date/time stamp, referring/exit pages, clicked pages and any other information your browser may send to us. We may use such information to administer our Services, analyze trends, track users’ movement within our Services, and gather demographic information.

Cookies and Tracking Technologies

Our website and mobile app may utilize cookies and other tracking technologies in order for us to provide our Services, and to advertise it.

What is a cookie? A cookie is a small text file that may be used, for example, to collect information about website and Service activity. Certain cookies and other technologies may serve to recall information, such as an IP address, previously indicated by a user. We may allow selected third parties to place cookies through the Site to provide us with better insights into the use of the Site or user demographics or to provide relevant advertising to you. These third parties may collect information about a consumer’s online activities over time and across different websites when he or she uses our website. We do not control the use of such third party cookies or the resulting information and we are not responsible for any actions or policies of such third parties. Browsers let you control cookies, including whether or not to accept them and how to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies by your browser.

We do not use technology that recognizes a “do-not-track” signal from your web browser.

Use of Information

We may use your personal information for the following purposes:

To provide you with our products and services.
To process your transactions and payments.
To improve our products and services.
To communicate with you about your account, our products and services, and other related matters.
To analyze and improve the performance and functionality of our services
To comply with legal and regulatory requirements.
We may also use your information for other purposes that are compatible with the above purposes or as authorized by law.

Use of Anonymous Information

We may create anonymous data from personal information by excluding information that makes the data personally identifiable, and use that anonymous data for our lawful business purposes, including to provide workforce insights to employers.

Sharing of Information

Information We Disclose

We do not disclose any nonpublic personal information about our customers or former customers to anyone, except as permitted by law. For example, we may share information with our affiliates and service providers to process transactions, service accounts, and maintain our accounts and records.

We may share personal data with third parties for the following purposes:

Processing transactions and payments
Providing customer support and resolving issues
Analyzing and improving the performance and functionality of our services
Complying with legal obligations and enforcing our policies
We require third parties to comply with data protection laws and regulations and to use personal data only for the purposes for which it was shared.

We may share your personal information with third parties, including:

Service providers, such as payment processors, IT service providers, and other vendors who help us provide our products and services.
The employer, for the purpose of billing or checking employment status
Affiliates, such as companies that we own or control or that are under common control with us.
Business partners, such as companies that we work with to offer joint products or services.
Legal and regulatory authorities, such as government agencies, courts, and other entities as required by law.
If the disclosure is done as part of a purchase, transfer or sale of services or assets (e.g., in the event that substantially all of our assets are acquired by another party, customer information may be one of the transferred assets); otherwise we do not sell personal data for monetary consideration.

We do not disclose personal information to others for their direct marketing use. Accessing your information and your choices.

You can update, amend or delete your information at any time by contacting us by email at privacy@bridgeover.io

You can choose not to receive emails from us by “unsubscribing” using the instructions in any email you receive from us. This will not stop us from sending emails about your account or your transactions with us.

You can choose to delete or block cookies by setting your browser to either reject all cookies or to allow cookies only from selected sites. If you block cookies performance of the Site may be impaired and certain features may not function at all.

Children’s Privacy

This Site is not designed nor intended to be attractive to use by children under the age of 18 We do not knowingly collect information from children under the age of 18. If you are under 18 please do not submit any information to us.

Record Retention

Our Site is maintained on servers located in the United States, and personal information submitted is stored on our servers in the United States. If you are visiting our Site from outside the United States, please be advised that your information is transferred to our U.S. servers. We retain personal information as long as reasonably necessary to achieve the use purposes disclosed in this Policy. The criteria determining retention period are based on legal obligations, information sensitivity, security, product research and development, technical functionality, and experience improvement considerations. We specifically retain personal information:

To respond to or comply with court orders, subpoenas, or regulator inquiries
As required by applicable state and federal law or regulation, including the Gramm-Leach-Bliley Act, the Electronic Fund Transfer Act, the Telephone Consumer Protection Act, and the Bank Secrecy Act
In response to or anticipation of litigation

Notice to California, Colorado, Connecticut, Virginia and Utah Residents

We are currently not subject to the California Consumer Privacy Act as amended, the Colorado Privacy Act, the Connecticut Personal Data Privacy Act, the Utah Consumer Privacy Act, or the Virginia Consumer Data Protection Act. If we become subject to any of these laws in the future we will update this Privacy Policy accordingly.

Data Security

The security of personal information is important to us. We follow generally accepted industry standards, including the use of appropriate administrative, physical and technical safeguards, to protect the personal information submitted to us. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security or confidentiality.

We take appropriate technical and organizational measures to protect personal data from unauthorized access, disclosure, and misuse. These measures include:

Limiting access to personal data to authorized personnel only
Encrypting sensitive data during transmission and storage
Regularly monitoring and testing our systems and processes for vulnerabilities
Implementing access controls and authentication mechanisms

Links to other sites

We may permit others to link to this Site or to post a link to their site on ours. We do not endorse these sites and are not responsible for other sites or their privacy practices. Please read their privacy policies before submitting information.

Changes to this Policy

We may update this Privacy and Data Protection Policy from time to time. If we make any material changes, we will notify you by posting a notice on our website with an updated Effective Date, or by other means as required by law. The binding policy is the most updated one. During your registration process, your consent/approval will be required.

Contacting Us

This Site is owned and operated by Bridgeover, Inc. You can contact us at privacy@bridgeover.io