Contact us

×︁

Our friendly team will love to hear from you!

Send
Send
Thank you!
Your message has been received!
Oops! Something went wrong while submitting the form.

Privacy Policy

Effective Date: June 1, 2026

1. Introduction

This Privacy Policy (“Policy”) describes how Contiant LLC. (“Contiant”, “Company”, “we”, “us”, or “our”) collects, uses, stores, discloses, and protects personal information and financial data in connection with our website, APIs, integrations, software, bank connectivity, pay-by-bank, financial data access, and related technical services (collectively, the “Services”).

Contiant provides technical infrastructure and connectivity services designed to facilitate communication and integration between merchants, end users, financial institutions, and third-party financial service providers.

Contiant does not provide banking services, money transmission services, or payment processing services and does not receive, hold, or control customer funds.

This Policy applies to information collected from or relating to users and individuals interacting with the Services, including through customer support interactions, business relationships, communications, and use of the website.

Depending on the nature of the Services and the jurisdictions involved, Contiant may process information in accordance with applicable privacy, financial data, cybersecurity, and consumer protection laws, including, where applicable:

  • The California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”);
  • The Gramm-Leach-Bliley Act, 15 U.S.C. §§ 6801–6809, and applicable implementing regulations, including the FTC Safeguards Rule (16 C.F.R. Part 314) and Regulation P (12 C.F.R. Part 1016);
  • Applicable requirements relating to consumer-authorized financial data access under Section 1033 of the Dodd-Frank Act and related implementing regulations;
  • Other applicable U.S. federal and state privacy, cybersecurity, and data protection laws.

By accessing, interacting with, or using the Services, including through partner integrations, you acknowledge that information may be collected, transmitted, disclosed, and processed as described in this Policy.

If you do not agree with this Policy, you should discontinue use of the Services.

2. Definitions

For purposes of this Policy:

“Financial Data” means account-related, transaction-related, authentication-related, or other financial information accessed, transmitted, or processed through the Services pursuant to user authorization.

“Financial Institution” means a bank, credit union, payment provider, or other regulated financial services entity.

“Personal Information” means information that identifies, relates to, describes, or may reasonably be associated with an identified or identifiable individual.

“Services” means the website, APIs, integrations, software, bank connectivity, pay-by-bank functionality, financial data access services, and related technical infrastructure provided by Contiant.

“Third-Party Financial Service Provider” means an independent provider offering banking, payment, financial connectivity, account aggregation, authentication, or related financial services under applicable law.

“User,” “you,” or “your” means any individual, merchant, customer, business representative, or other person accessing or using the Services.

3. Information We Collect

Depending on the nature of the Services, user interactions, and applicable legal or operational requirements, Contiant may collect, receive, access, use, store, disclose, or otherwise process the following categories of information.

User and Financial Information

Subject to user authorization and applicable provider permissions, the Services may access or process Financial Data and other information relating to end users, including:

  • Account-related and transaction-related information;
  • Payment-related and connectivity-related information;
  • Authentication and authorization-related information;
  • Account balances, account identifiers, and financial connectivity information;
  • Information made available through Financial Institutions and Third-Party Financial Service Providers in connection with the Services.

Contiant may also collect or process authentication-related information, transaction and connectivity metadata, fraud prevention and risk-management information, communications data, and publicly available or third-party verification information where reasonably necessary to provide, secure, support, improve, and maintain the Services and comply with applicable legal, operational, security, or compliance requirements.

Information Provided in Connection with the Services

Contiant may receive or process information provided by users, partners, Financial Institutions, Third-Party Financial Service Providers, or other parties in connection with access to or use of the Services, including:

  • Name and contact information;
  • Authentication-related information and user-provided access or authorization information necessary for the operation of the Services;
  • Communications, inquiries, and support requests;
  • Information submitted through the website, integrations, onboarding flows, or customer support interactions.

Technical and Connectivity Information

Contiant may collect limited technical and connectivity-related information reasonably necessary for the operation, security, and functionality of the Services, including:

  • IP address;
  • Browser type and operating system information;
  • Limited device-related information necessary to determine whether the Services are accessed through a browser or mobile device and to support technical compatibility and security;
  • Access timestamps and technical log information relating to the operation and security of the Services.

Contiant does not use cookies or similar tracking technologies for behavioral advertising or unrelated tracking purposes.

Information from Third Parties

Contiant may receive information from Financial Institutions, Third-Party Financial Service Providers, service providers, business partners, identity verification providers, fraud prevention providers, cybersecurity providers, publicly available sources, and other third parties where permitted by applicable law.

4. How We Use Information

Contiant may collect, use, process, store, disclose, and otherwise handle Personal Information and Financial Data for legitimate business, operational, compliance, security, and service-related purposes in connection with the provision, operation, maintenance, and improvement of the Services.

Such purposes may include:

  • Providing, operating, maintaining, supporting, and improving the Services and related technical infrastructure;
  • Facilitating bank connectivity, consumer-authorized financial data access, pay-by-bank functionality, and related integrations with Financial Institutions and Third-Party Financial Service Providers;
  • Enabling authentication, authorization, connectivity, and communication in connection with the Services;
  • Verifying user identity and conducting fraud prevention, security monitoring, risk-management, and compliance-related activities;
  • Detecting, preventing, investigating, and responding to fraud, unauthorized activity, cybersecurity incidents, abuse, suspicious activity, and other potentially unlawful or harmful conduct;
  • Protecting the security, integrity, availability, reliability, and functionality of the Services, systems, APIs, integrations, and related infrastructure;
  • Monitoring, troubleshooting, analyzing, optimizing, and developing the Services, user experience, technical performance, and operational efficiency;
  • Responding to inquiries, requests, support communications, and customer service matters;
  • Maintaining internal records, audit logs, compliance documentation, and operational reporting;
  • Complying with applicable laws, regulations, legal obligations, governmental requests, court orders, regulatory inquiries, industry standards, and contractual obligations;
  • Enforcing agreements, policies, contractual rights, and security requirements;
  • Conducting analytics, research, testing, auditing, quality assurance, and internal business operations.

Sensitive Personal Information and Financial Data may be used only as reasonably necessary to provide, maintain, secure, support, improve, and comply with legal and operational requirements relating to the Services, including fraud prevention, security monitoring, identity verification, compliance activities, and risk management.

Contiant may also use information in aggregated, anonymized, or de-identified form for operational, analytical, security, statistical, and service improvement purposes, provided that such information does not reasonably identify an individual.

Contiant does not sell Personal Information to third parties and does not use Financial Data for purposes unrelated to the provision, security, support, or improvement of the Services.

5. How We Share and Disclose Information

Contiant may share, disclose, transmit, or make available Personal Information and Financial Data as reasonably necessary to provide, maintain, secure, support, and improve the Services, comply with legal obligations, and protect users, partners, and the Services.

Financial Institutions and Third-Party Financial Service Providers

Information may be shared with Financial Institutions and Third-Party Financial Service Providers in order to facilitate consumer-authorized financial data access, bank connectivity, pay-by-bank functionality, authentication, fraud prevention, account verification, and related Services.

Service Providers and Vendors

Contiant may share information with service providers, contractors, vendors, cloud hosting providers, identity verification providers, fraud prevention providers, cybersecurity providers, and other third parties performing services on Contiant’s behalf or in connection with the operation of the Services.

Such parties are authorized to access and use information only as reasonably necessary to perform services for Contiant and may be subject to contractual, legal, operational, or confidentiality obligations where appropriate.

Legal and Regulatory Disclosures

Information may be disclosed where reasonably necessary to:

  • Comply with applicable law, regulation, legal process, governmental request, subpoena, court order, or regulatory inquiry;
  • Respond to lawful requests from public authorities or law enforcement agencies;
  • Enforce agreements, policies, or contractual rights;
  • Investigate, prevent, detect, or address fraud, unauthorized activity, cybersecurity incidents, security issues, or other unlawful or harmful conduct;
  • Protect the rights, property, security, integrity, or safety of Contiant, users, Financial Institutions, service providers, or third parties.

Corporate Transactions

Information may be disclosed in connection with an actual or proposed merger, acquisition, financing transaction, restructuring, reorganization, sale of assets, bankruptcy, insolvency, or other corporate transaction involving all or part of Contiant’s business.

Aggregated and De-Identified Information

Contiant may share aggregated, anonymized, or de-identified information that does not reasonably identify an individual for analytical, operational, research, security, business, or service improvement purposes.

6. Security Measures

Contiant maintains administrative, technical, organizational, and physical safeguards designed to protect Personal Information and Financial Data against unauthorized access, disclosure, misuse, alteration, destruction, or other unauthorized processing.

Such safeguards may include:

  • Access controls and authentication procedures;
  • Encryption and secure transmission protocols where appropriate;
  • System monitoring, logging, and security testing;
  • Network, infrastructure, and application security measures;
  • Internal policies, training, and operational security procedures;
  • Incident response and cybersecurity management processes.

Access to information is limited to authorized personnel, service providers, and partners with a legitimate business or operational need for such access.

Contiant regularly reviews and updates its security practices in light of operational, technological, legal, and regulatory developments.

While safeguards and security measures are implemented to protect Personal Information and Financial Data, no method of transmission, storage, or electronic processing, and no system or service, can be guaranteed to be completely secure, uninterrupted, or error-free.

In the event of a suspected or confirmed security incident affecting Personal Information or Financial Data, appropriate investigative, containment, remediation, notification, and protective measures may be taken as reasonably necessary under the circumstances and applicable law.

7. Data Retention

Personal Information and Financial Data may be retained for as long as reasonably necessary to:

  • Provide, operate, maintain, support, and improve the Services;
  • Comply with applicable legal, regulatory, tax, accounting, compliance, security, audit, and reporting obligations;
  • Maintain business, operational, and security-related records;
  • Detect, prevent, investigate, or address fraud, cybersecurity incidents, unauthorized activity, disputes, or other potentially unlawful conduct;
  • Enforce agreements, policies, contractual rights, and legal obligations.

Retention periods are determined based on applicable legal requirements, contractual obligations, operational needs, security considerations, risk management requirements, and the nature of the Services provided.

When Personal Information or Financial Data is no longer reasonably necessary for the purposes described in this Policy, reasonable measures may be taken to delete, anonymize, de-identify, or securely dispose of such information, subject to applicable legal, regulatory, operational, backup, archival, or recordkeeping requirements.

Certain information may continue to be retained where reasonably necessary to comply with legal obligations, resolve disputes, enforce agreements, protect rights and security interests, support investigations, or comply with applicable regulatory expectations.

8. Cookies and Similar Technologies

Contiant does not use cookies or similar tracking technologies for behavioral advertising or unrelated tracking purposes.

Limited technical or session-related technologies may be used where reasonably necessary for the operation, security, functionality, and technical performance of the Services.

9. Privacy Rights

Depending on applicable U.S. federal or state law, users may have certain privacy rights regarding their Personal Information, subject to applicable limitations, exceptions, verification requirements, and legal obligations.

Such rights may include:

  • The right to request access to certain Personal Information;
  • The right to request correction of inaccurate Personal Information;
  • The right to request deletion of certain Personal Information;
  • The right to request information regarding categories of information collected, used, disclosed, or shared;
  • The right to opt out of certain data sharing or processing activities where required by applicable law;
  • The right not to receive discriminatory treatment for exercising applicable privacy rights.

Certain information may be exempt from such requests where retention or processing is necessary to:

  • Comply with applicable law or regulatory obligations;
  • Complete transactions or provide requested Services;
  • Detect, investigate, prevent, or address fraud, security incidents, unauthorized activity, or illegal conduct;
  • Enforce agreements, policies, or legal rights;
  • Maintain internal business, operational, security, audit, or compliance records.

Requests relating to privacy rights may be submitted using the contact information provided in this Policy.

Contiant may take reasonable steps to verify the identity and authority of any person submitting a privacy rights request before responding to such request.

Additional state-specific privacy disclosures, rights, or supplemental notices may apply depending on the user’s state of residence and applicable law.

10. Children's Privacy

The Services are intended only for individuals who are at least 18 years old. Contiant does not knowingly collect Personal Information directly from children under the age of 18.

If Contiant becomes aware that Personal Information has been collected from a child in violation of applicable law, reasonable measures may be taken to delete such information.

11. Changes to This Policy

Contiant may update, modify, or revise this Privacy Policy from time to time to reflect changes in the Services, business operations, legal requirements, regulatory expectations, security practices, or other operational considerations.

Updated versions of this Policy may be published through the website or otherwise made available through the Services. The “Last Updated” date indicates when the Policy was most recently revised.

Where required by applicable law or where changes materially affect privacy practices, additional notice or consent mechanisms may be provided.

12. Contact Information

Questions, requests, concerns, or inquiries regarding this Privacy Policy or Contiant’s privacy, security, or information handling practices may be submitted using the contact details below:

Contiant LLC
2810 N Church St #807559
Wilmington, Delaware 19802
privacy@contiant.com

Privacy-related requests submitted under applicable law may require verification of identity and authority before a response can be provided.

Users may also have the right to contact applicable regulatory or consumer protection authorities regarding concerns relating to privacy practices or applicable law.