Last Updated: November 20, 2022

This Privacy Policy explains the best practices that Prysm Financial Technology LLC (“Prism”, “we”, “us”, or “our”) employs regarding the collection, use and disclosure of information that we receive through our website located at https://www.prism.co (the “Website”) and the services accessible via the Website (together, the “Services”). “You” or “your” means an individual who visits or uses the Services. This Privacy Policy explains how we collect, protect, use and share information that identifies, relates to, or could be reasonably linked, directly or indirectly, with a particular identified or identifiable natural person or household (“Personal Information”).

By using, accessing or submitting information through the Services, you agree to be bound by the terms of this Privacy Policy. This Privacy Policy does not apply to any third-party websites, services or applications, even if they are accessible through our Services.

1. PRIVACY POLICY UPDATES

Any information that is collected via our Services is covered under the Privacy Policy in effect at the time that such information was collected. We may revise this Privacy Policy from time to time. If we make any material changes to this Privacy Policy, we’ll notify you of those changes by posting them on the Services.

2. INFORMATION COLLECTED OR RECEIVED FROM YOU

When you use the Services, we may collect Personal Information and other information from you as further described below.

2.1 Prism Account Information

If you create a Prism user account, we will collect certain information that can be used to identify you, such as your name and email.

2.2 Linked Account Information

When you link a bank account at a third party depository institution (your “Linked Account”) to your Prism account, we will collect certain information from your Linked Account, such as your online login credentials, for the purposes of providing the Services to you. When you give us access to your Linked Account, you acknowledge and agree that we will have access to your transaction and funds information, and any other information that may be available through your Linked Account (“Linked Account Information”).

Prism currently utilizes Plaid Inc. (“Plaid”), a third-party service provider, to retrieve information from your linked Linked Account. Plaid offers a secure method for transmitting banking information, and your bank credentials are never exposed to or stored by Prism. For more information on Plaid’s privacy policy, please visit https://plaid.com/legal/#end-user-privacy-policy.

2.3 Verification Information

For compliance purposes and in order to provide the Services to you, we may obtain information from you or a third party, including the financial institution providing your Linked Account, to help us verify your identity or Linked Account details.

In order to determine your eligibility to access certain Services, we require Linked Account Information and other Personal Information, as required by United States Federal law, such as your residential address and social security number.

2.4 Information Collected by Cookies and Web Beacons

We use various technologies to collect information, and this may include sending cookies to your computer or mobile device. Cookies are small data files that are stored on your hard drive or in device memory by a website. Among other things, cookies support the integrity of our registration process, retain your preferences and account settings, and help evaluate and compile aggregated statistics about user activity. We may also collect information using web beacons. Web beacons are electronic images that may be used in our Services or emails. We may use web beacons to deliver cookies, count visits, understand usage, and determine whether an email has been opened and acted upon.

2.5 Information Related to Use of the Services

Our servers automatically record certain data about how our users interact with our Services. This data may include information such as a user’s Internet Protocol (IP) address, browser type, operating system, the pages or features of our Services with which a user interacts, and other statistics. We use this data to improve our Services by tailoring them to our users’ preferences. We may use third party data collection tools such as Amplitude to provide us with analytics data regarding users’ interactions with our Services. You may opt-out of Amplitude’s automatic retention of data collected while using the Services by emailing [email protected]

2.6 Information Sent by Your Device

We collect certain information that your device sends when you use our Services.

2.7 Location Information

When you use our Website, we may collect and store information about your location by converting your IP address into a rough geo-location or by accessing your device’s GPS coordinates or coarse location if you enable location services on your device. We may use location information to improve and personalize our Services for you. If you do not want us to collect location information, you may disable that feature on your device’s browser or system settings.

3. HOW WE USE PERSONAL INFORMATION

Our primary goal in collecting Personal Information is to provide you a secure, efficient, and optimized experience while using our Services.

4. INFORMATION WE SHARE WITH THIRD PARTIES

We will never sell your Personal Information. We will not share any Personal Information that we have collected from you, or regarding you, except as described below:

4.1 Information Shared With Our Services Providers

We may engage third-party services providers to work with us to administer and provide the Services. These third-party services providers have access to your Personal Information and Financial Information only for the purpose of performing services on our behalf.

4.2 Aggregated and Non-Identifying Information Shared with Other Third Parties

We may share aggregated information and non-identifying information with third parties for industry research and analysis, demographic profiling and other similar purposes.

4.3 Information Disclosed in Connection with Company Transactions

Personal Information may be disclosed or transferred in connection with, or during the negotiation of, any merger, sale of company stock or assets, financing, acquisition, divestiture, or dissolution of all or a portion of our business.

4.4 Information Disclosed for Our Protection and the Protection of Others

We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas); (ii) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable activity.

5. CALIFORNIA PRIVACY RIGHTS

Subject to certain limitations and exemptions, California residents may seek disclosures as to the categories or specific pieces of Personal Information Prism collects, processes, and stores about them, and may contact us regarding their rights to access and request deletion of their Personal Information. It’s important to note that the California Consumer Privacy Act (CCPA) does not apply to nonpublic personal information collected by financial institutions, including Prism, in connection with providing a financial product or service. Please refer to the CCPA Privacy Notice for further information.

6. YOUR CHOICES

We offer you choices regarding the collection, use and sharing of your Personal Information and we will respect the choices you make. Please note that if you decide not to provide us with the Personal Information that we request, you may not be able to access all of the features of the Services.

6.1 Communications and Opt-Out

Our main form of communication with you will be via email. We may periodically send you free newsletters, emails, and notifications that promote our Services. When you receive such promotional communications from us, you will have the opportunity to “opt-out” (either through the Website or by following the unsubscribe instructions provided in the message). We do need to send you certain communications regarding the Services and you will not be able to opt out of those communications. For example, verifying updates to your account information.

6.2 Modifying Your Information

You can access and modify the Personal Information associated with your Prism Account, including your name, address, and Linked Account details, through your profile settings in the Website.

7. THE SECURITY OF YOUR INFORMATION

We take reasonable administrative, physical, and electronic measures to protect the information that we collect from or about you (including your Personal Information) from unauthorized access, use or disclosure. When you enter sensitive information on our forms, we encrypt this data using SSL or other technologies when we we transmit it over the internet. However, no method of transmitting information over the Internet or storing information is completely secure and, accordingly, we cannot guarantee the absolute security of any information.

Additionally, all data in our databases is encrypted at rest with AES-256, block-level storage encryption.

8. LINKS TO OTHER SITES

Our Services may contain links or direct you to websites and services that are owned or operated by third parties. Any information that you provide to a third party or that is collected by a third party is subject to their privacy policy, and not Prism’s. We are not responsible for the content, privacy, or security practices and policies of any third party.

Additionally, we do not have access to any personal information you share with 3rd party services.

9. CONTACTING PRISM

If you have any questions, concerns, or suggestions regarding this Privacy Policy, please contact us via the Website support portal, or by email at [email protected].

;