Privacy Policy

Effective Date: September 10, 2025

SerraFi is a financial technology company building a next-generation digital banking platform. This Privacy Policy explains how we collect, use, share, and protect your personal information when you interact with our website or services.

We are committed to safeguarding your privacy and complying with applicable data protection laws in the United States, including the California Consumer Privacy Act (CCPA) and the Children's Online Privacy Protection Act (COPPA).

1. Who We Are

SerraFi, Inc.
4235 Hillsboro Pike, Suite 300
Nashville, TN 37215
Email: privacy@serrafi.com

We are not yet a licensed bank and are currently in the development phase of our product. No banking services are offered at this time.

2. Scope of This Policy

This policy applies to:

  • Visitors to our website
  • Individuals who contact us via forms, email, or other communication channels

This policy does not cover future banking services or mobile applications, which will have their own terms and privacy policy.

3. Information We Collect

A. Information You Provide

When you fill out contact forms or interact with us directly, we may collect:

  • Name
  • Email address
  • Company name and job title (optional)
  • Any message or inquiry details

We do not collect financial data, Social Security numbers, health data, or other sensitive information on this site.

B. Information Collected Automatically

When you use our website, we collect limited technical data for analytics and security:

  • IP address
  • Browser and device type
  • Referring URL
  • Pages visited and session duration
  • Cookie data (see Section 6)

This data is anonymized or aggregated and not linked to any individual unless you submit a form.

4. How We Use Your Information

We use your information for the following purposes:

  • To respond to inquiries or messages you send us
  • To improve website functionality and user experience
  • To analyze visitor interactions (aggregated form only)
  • To maintain the security and integrity of our systems

We do not use your data for:

  • Behavioral advertising
  • Automated decision-making
  • Selling or renting to third parties

5. How We Share Information

We do not sell your personal data.

We may share your data only in these limited circumstances:

Purpose With Whom
Website hosting and infrastructure U.S.-based cloud platforms and secure providers
Analytics Tools like Google Analytics (aggregated only)
Legal compliance Government agencies, if required by law
Technical and security operations Contractors under NDA and access control

6. Cookies and Tracking

We use cookies and tracking technologies for:

  • Site performance
  • Analytics
  • Security

Your Choices

You can disable cookies via your browser settings. If required by law in your state, we will provide a cookie preferences banner.

We do not use cookies for cross-site tracking or targeted advertising.

7. How We Protect Your Information

We implement administrative, technical, and physical safeguards to protect your data:

  • Encrypted connections (TLS)
  • Encrypted data at rest (AES-256)
  • Access control and authentication
  • Security monitoring and audit logging
  • Data minimization principles

While no system is 100% secure, we follow industry best practices to reduce risk.

8. Data Retention

We retain personal information only as long as necessary:

  • Form submissions: up to 12 months
  • Email communications: as needed for support or compliance
  • Analytics data: anonymized and stored in aggregate

You can request deletion at any time (see Section 10).

9. Children's Privacy

We do not knowingly collect data from children under 13. Our website is intended for users aged 18 and older.

If you believe a child has submitted personal data to us, contact privacy@serrafi.com and we will delete the information.

10. Your Privacy Rights (CCPA and Similar Laws)

If you reside in California or another U.S. state with similar privacy laws, you may have the following rights:

Right Description
Right to Know Request details about the data we collect and how we use it
Right to Delete Ask us to delete your personal data (with legal exceptions)
Right to Opt-Out Opt out of the sale of personal data (we do not sell data)
Right to Non-Discrimination You will not be treated unfairly for exercising your rights

To exercise your rights, email privacy@serrafi.com with the subject line: Privacy Rights Request. We may need to verify your identity before processing.

11. Data Storage and Transfers

All personal data is stored and processed on secure servers located in the United States. We do not transfer your data internationally.

12. Policy Updates

We may update this Privacy Policy periodically. If the changes are significant, we will:

  • Update the effective date at the top of this page
  • Notify users by email if we have your contact information

Please review this policy regularly to stay informed about how we handle your data.

13. Contact Us

For questions or privacy-related requests:

SerraFi, Inc.
4235 Hillsboro Pike, Suite 300
Nashville, TN 37215
Email: privacy@serrafi.com

Summary Table

Category Practice
Data sales Not sold
Behavioral tracking Not used
Use of cookies Minimal, optional
Children's data Not collected
Encryption In transit and at rest
Privacy rights support CCPA-ready
Third-party sharing Essential providers only
International data transfers None (U.S.-only)