Privacy Policy

Last Updated: April 13, 2024

Altitude Software Corporation ("Altitude" or "we") respects the privacy of its users ("you") and is committed to protecting the personal data we collect and process. As a provider of financial automation software for hedge funds, investment banks, and private equity firms, we recognize the importance of data security and privacy. This Privacy Notice explains how we collect, use, disclose, and safeguard your information when you interact with our platform.

  1. Article I: Scope of This Privacy Notice
    1. Applicability
    This Privacy Notice governs the collection, use, and processing of personal data by Altitude Software Corporation ("Altitude") through its financial automation software platform.The scope of this Notice encompasses all personal data processed during interactions with our platform unless explicitly stated otherwise.
    2. ExclusionsAnonymized or Public Data:
    A. This Notice does not apply to data that has been anonymized or is publicly available, as these do not constitute personal data under privacy laws.
    B. Employment-Related Data: Data collected in relation to employment with Altitude is governed by separate privacy policies applicable to employees.
  2. Article II: Clarification of Legal Rights
    1. Rights Under Privacy Laws   
    a. Users of the Altitude platform have specific rights under various data protection laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA), Personal Information Protection and Electronic Documents Act (PIPEDA), and California Online Privacy Protection Act (CalOPPA).   
    b. These rights include, but are not limited to, the right to access, correct, delete, and port their personal data.
    2. Exercise of Rights   
    a. Altitude provides mechanisms for users to exercise their rights through user account settings and direct contact with our data protection office.   
    b. Detailed procedures on how to exercise these rights are available on our platform and through user support channels.
  3. Article III: Our Role in Processing Personal Data
    1. Distinction Between Controller and Processor
    Data protection regulations often distinguish between "controllers" and "processors" (also known as "service providers") of personal data.
    Controller: A controller determines the purposes (the 'why') and means (the 'how') of processing personal data. As a controller, Altitude Software Corporation decides how personal data collected from our platform is processed and for what purposes.
    Processor: A processor processes personal data on behalf of the controller, following the controller's instructions. Altitude does not act as a processor in the context of the data collected directly through our platform.
    2. Altitude's Responsibilities as a Controller
    This Privacy Notice articulates our privacy practices specifically in scenarios where we act as a controller of personal data.When operating as a controller, we implement data protection practices and policies that comply with applicable laws, ensuring the privacy and security of personal data under our control.
    3. Exclusions from This Privacy Notice
    This Privacy Notice does not address or cover the ways in which our customers may process personal data utilizing our services, nor how we may process personal data on behalf of our customers when acting as their processor.When Altitude acts as a processor, it is under the direct instructions of the customer who is the controller. Our activities in such capacities are governed by agreements with our customers, which are not covered by this Privacy Notice.We advise individuals whose data is processed by Altitude in the capacity of a processor to consult the privacy notices of the customer (controller) to understand their privacy practices. Altitude, in its role as a processor, is generally not authorized to respond directly to individual requests regarding personal data managed on behalf of customers. Such inquiries should instead be directed to the respective customer who controls the data.
  4. Article IV: Specific Types of Personal Data Collected
    We collect information that supports the provision and improvement of our services, including but not limited to:
    1. Contact Information   
       a. Definition
    : Contact Information refers to any data that would allow direct communication with an individual.
       b. Examples: This includes but is not limited to:
           i. Full legal names.
         ii. Personal and work email addresses.
         iii. Mobile, home, and office phone numbers.
       c. Source: Collected through registration processes, customer support inquiries, and direct contact forms on our platform.
    2. Professional Information
       a. Definition
    : Professional Information consists of details related to the professional status of an individual.
       b. Examples: Job titles, departments, roles within the company, company name, size, and geographic location.
       c. Source: Provided by users during the registration process or through direct entries while using our services.
    3. Account Information
       a. Definition: Account Information pertains to the credentials and settings configured by users within their personal account on the platform.
       b. Examples:
          i.  Usernames.
           ii. Securely hashed passwords.
            iii. User-specific settings and preferences.
       c. Source: Collected directly from users during account creation and configuration.
    4. Device and Network Information   
       a. Definition
    : Device and Network Information includes any data related to the electronic devices and networks used to access our services.   
      b. Examples:
          i. Device types (smartphone, laptop, tablet).
          ii. Operating system versions.
          iii. Device identifiers (IMEI, MAC address).
          iv. Browser types and versions.
          v. IP addresses, indicating device location, network carrier, and connection type (WiFi 4G).
       c. Source: Automatically collected when users interact with our platform.
    5. Interaction and Usage Data
       a. Definition
    : Interaction and Usage Data refers to information about how users engage with and utilize the platform.
       b. Examples:
          i. Features usage frequency.
          ii. Session lengths.
          iii. Clickstream data.
          iv. Navigation paths.
          v. Times of active usage.
          vi. System logs documenting events such as system errors, access times, and hardware information.
       c. Source: Collected automatically through monitoring tools integrated into our services.
    6. Location Information
       a. Definition: Location Information includes any data indicating the geographic location of a user.
       b. Examples: Derived from IP addresses or other network location identifiers.
       c. Purpose: Used to tailor location-specific content, comply with legal standards, and enhance security by detecting potential fraud.
    7. Personal Data from Third Parties
      a. Definition
    : Personal Data from Third Parties encompasses information obtained from external sources that interact with our users.
       b. Examples:
           i. Information from third-party authentication services (e.g., OAuth providers).
          ii. Publicly accessible information from social media platforms (usernames, profile information, content from posts or comments).
       c. Source: Received when users utilize third-party services to interact with our platform or log in using external OAuth providers.
  5. Article V: Additional Uses of Personal Data
    1. Purpose and RationaleAltitude Software Corporation utilizes personal data collected through its platform not only for operational purposes but also to enhance the overall user experience and to ensure compliance with legal standards.The additional uses of personal data are as follows:
    2. Product EnhancementDefinition: Refers to the use of collected data to improve the functionality and user interface of Altitude's financial automation software.Purpose: To tailor and refine product features to better meet the needs of users, thereby enhancing effectiveness and user satisfaction.
    3. Compliance and EnforcementDefinition: Involves the use of personal data to adhere to legal regulations and enforce company policies and terms.
       a. Purpose:
          i. Legal Compliance: Ensuring all processing and data handling practices conform to relevant data protection laws such as GDPR, CCPA/CPRA, PIPEDA, and CalOPPA.
          ii. Enforcement: Using data to prevent, detect, and investigate potential breaches or misuse of services, including fraud prevention.
  6. Article VI: Our Disclosure of Personal Data
    1. Purpose of DisclosureAltitude Software Corporation may share personal data with various third parties under specific circumstances outlined below. This disclosure is strictly governed by contractual obligations and legal standards to ensure data privacy and security.
    2. To Whom We Disclose Personal Data
    a. Service Providers
          i. Definition: Third-party companies that provide essential services such as cloud hosting and IT support.
          ii. Purpose: To enable the provision of necessary technological infrastructure and support services that are integral to the operation of our platform.
    b. Business Partners 
          i. Definition: Financial institutions and other related entities with whom users interact via our platform.
          ii. Purpose: To facilitate the provision of integrated services and enhance the operational capabilities of our financial software solutions.
    c. Legal and Compliance
          i. Definition: Disclosures made in response to lawful requests from legal authorities or as part of judicial proceedings.
          ii. Purpose: To comply with legal obligations, respond to subpoenas or court orders, and protect the rights, property, or safety of our users and the public.
    d. Business Transfers:
          i. Definition: In scenarios involving mergers, acquisitions, restructurings, or asset sales.
          ii. Purpose: To transfer data as a necessary component of these transactions, ensuring continuity of service and adherence to existing privacy commitments.
    e. With Consent:
          i. Definition: Any sharing of personal data based on explicit consent from the data subject.
          ii. Purpose: To respect user preferences and only share personal data for additional purposes when authorized by the user.
  7. Article VII: Your Privacy Choices
    1. Overview
    Altitude Software Corporation acknowledges that all individuals with whom we interact hold certain rights over their personal data. This section outlines the available choices regarding the management and control of your personal data, with specific mechanisms depending on your geographic location or residency.
    2. Communication Preferences
    a. Email Communications

          i. You may opt out of receiving promotional email communications by utilizing the "unsubscribe" link provided in any promotional email from us.
          ii. Note: Unsubscribing from promotional communications does not affect your receipt of service-related communications such as account verification, transaction confirmations, or service updates which are necessary for the ongoing use of our platform.
    b. Direct Mailing Preferences
          i. To discontinue receiving promotional direct mail, you may contact us at privacy@altitudesoftware.com.
          ii. Note: Opting out from our direct mailing list will not cease mailings from third parties that may include mentions of our services, as these are managed outside our direct control.
    3. Automatic Data Collection Preferences
    In cases where Altitude does not provide a specific preference manager or privacy setting, third-party tools and features may be utilized to manage preferences regarding automatic data collection:
          i. Web browsers typically allow modifications to settings to restrict or block cookies and other tracking technologies.
          ii. Email platforms often provide settings to prevent the automatic download of images, which may include tracking technologies.
          iii. Mobile devices generally offer settings to restrict the collection of data by applications.Note: Restricting or blocking certain automatic data collection technologies may impact the functionality and user experience of our services.
    4. Targeted Advertising Preferences
    We partner with third-party entities to deliver advertising that may be aligned with your interests, which is based on both the data we collect and that collected by our partners across various platforms.
       a. Opt-Out Opportunities:
          i. Device-Specific Options: Some devices offer settings to disable targeted advertising at the device level.
          ii. Digital Advertising Alliance: You can opt out of interest-based advertising from participating companies through the DAA's WebChoices tool at https://optout.aboutads.info.
          iii. Network Advertising Initiative: Opt out of targeted advertising from participating companies at https://optout.networkadvertising.org.
          iv. Platform-Specific Preferences: Certain platforms may provide their own mechanisms to refuse targeted advertising.
       b. Note: Opting out of interest-based advertising does not prevent all advertising but ensures that such ads are not based on your particular interests.
    5. Partner-Specific Preferences
    Device and Platform Settings: The devices and platforms you utilize may provide additional settings that affect how your personal data is used.
    Google Analytics: Information regarding your interaction with our services may be collected via Google Analytics, for which opt-out options are available, including the Google Analytics opt-out browser add-on available at https://tools.google.com/dlpage/gaoptout.
  8. Article VIII: Additional Information on Privacy for Specific Groups
    1. Children’s Personal Data
    Our services do not target nor intentionally collect personal data from children under the age of 18.
    If a child under 18 has provided personal data, we encourage the child's parent or guardian to contact us to request the removal of this data from our systems.
    2. Investor Personal Data
    We collect data from investors such as share purchasing history and shareholder details for the purpose of managing investor relations.This data may be used in accordance with the practices set forth in the "Additional Uses of Personal Data" and disclosed as described in the "Our Disclosure of Personal Data" sections, consistent with legal requirements.
  9. Article IX: Security of Personal Data
    1. General Commitment: Altitude Software Corporation is dedicated to safeguarding the personal data of its users. We commit to implementing robust security measures to protect data against unauthorized access, alteration, disclosure, or destruction.
    2. Safeguards Implemented: Encryption: Use of strong encryption protocols to secure data during transmission and while at rest.
    3. Secure Server Environments: Deployment of data in secure server environments that use modern security practices to prevent unauthorized access.
    4. Access Controls: Implementation of strict access controls and authentication measures to ensure only authorized personnel have access to personal data.
    5. Regular Audits: Conducting regular security audits and vulnerability assessments to identify and mitigate risks.
    6. Security Training: Providing ongoing security training to employees to ensure they are aware of and comply with our security standards.
  10. Article X: Retention of Personal Data
    1. Retention Policy
    Altitude Software Corporation adheres to a data retention policy that complies with legal obligations and reflects the purposes for which the data was collected.Personal data is retained only for as long as necessary to fulfill the identified purposes of processing, support business operations, or as otherwise required by law.
    2. Duration of Retention
    The specific retention period depends on several factors including the nature of the data, the purpose of its use, and relevant legal or operational retention needs.Examples of retention periods include:
          i. Account information is retained as long as the user's account is active plus a period of 7 years for compliance with tax and accounting requirements.
          ii. Interaction and usage data are typically retained for a period of up to 3 years from the date of collection to support product development and analysis.
    3. Post-Retention Measures
       a. Data Deletion: Upon the expiration of the retention period, personal data is securely deleted from all systems in accordance with our data destruction policies.
       b. Data Anonymization: In cases where the data is not deleted, it is anonymized to ensure that the personal information cannot be reconstructed or read. 
      c. Audit and Compliance: Regular audits are conducted to ensure compliance with our retention policies and any applicable legal obligations.

Third-Party Websites and Services: This Privacy Notice does not apply to third-party platforms or services accessed via our software. We advise reviewing the privacy policies of any third-party providers you interact with.
Updates to This Privacy NoticeNotification Procedures:  We may update this notice from time to time. Significant changes will be communicated through our platform and via email to registered users.
Contact Us: For further information or to exercise your privacy rights, please contact us at privacy@thealttiude.app.