Legal

Privacy Policy

Last updated June 12, 2026

This policy explains what data MetrikData collects when you use our underwriting platform, how we use and store it, and the choices you have. We built MetrikData for MCA brokers, ISOs, and funders who handle sensitive financial documents, so data protection is core to the product.

1. Data we collect

We collect three categories of data:

  • Account data — your name, email address, organization name, and authentication credentials managed through our identity provider.
  • Statement data — the bank statement PDFs you upload and the structured data extracted from them (transactions, balances, business names, and derived underwriting metrics).
  • Usage data — log events, request identifiers, export history, and audit records used to operate, secure, and improve the service.

2. How we use data

We use your data only to provide and operate the service: parsing uploaded statements, generating underwriting reports, enforcing plan limits, billing, and maintaining an audit trail. We do not sell your data, and we do not use uploaded statement content to train third-party models.

3. Storage and security

Uploaded PDFs are stored in private, per-workspace object storage buckets. Access is gated by workspace authentication and row-level security so that one organization cannot read another’s documents. Data is encrypted in transit (TLS) and at rest (AES-256). Administrative access is restricted and logged.

4. Third-party processors

We rely on a small set of vetted subprocessors to run the service, including our cloud database and storage provider, our document-parsing provider, and our payments provider. Each processes data solely to deliver their function and is bound by contractual confidentiality and security obligations.

5. Data retention

Statement data is retained for as long as your workspace remains active, up to the retention window associated with your plan. You may delete individual cases, merchants, or your entire workspace at any time. Deleted records are removed from active systems promptly and purged from backups on a rolling schedule.

6. Your rights

You can access, correct, export, or delete your data from within the application. Depending on your jurisdiction, you may have additional rights to request information about how your data is processed. To exercise any of these rights, contact us at the address below.

7. Changes to this policy

We may update this policy as the product evolves. Material changes will be reflected in the “last updated” date above and, where appropriate, communicated to workspace owners.

8. Contact

Questions about this policy or your data? Email hello@metrikdata.com.