Join waitlist

Privacy Policy

KreditIQ, Inc. (“KreditIQ,” “we,” “our,” or “us”) values your trust and is committed to protecting the privacy and security of your information. Our platform and services are business-to-business (B2B) solutions designed to help banks, credit unions, and financial institutions modernize their credit decisioning processes through AI-driven intelligence and automation.

This Privacy Policy describes how KreditIQ collects, uses, and discloses information through our website www.KreditIQ.ai and our SaaS-based applications (collectively, “Digital Property”).

By using our Digital Property, you agree to this Privacy Policy and consent to the collection and use of your information as described below.

1. Information We Collect

We collect both personally identifiable information (“PII”) and non-personally identifiable information (“Non-PII”) in connection with the operation of our Digital Property and delivery of services.

Non-PII

Non-PII refers to data that cannot identify an individual directly, such as:

  • Aggregated usage statistics (e.g., number of users, session length)
  • Browser type, device type, and operating system
  • IP address (masked or partial)
  • Referring/exit pages and URLs
  • Cookie data and analytics logs

We use this data to improve performance, security, and the user experience.

PII

PII refers to information that identifies, relates to, or could reasonably be linked to an individual, such as:

  • Name, email address, phone number, business title, or employer
  • Login credentials for KreditIQ accounts
  • Financial data submitted for analysis through our platform (e.g., borrower data, documents, financial statements)
  • Device identifiers or metadata associated with your use of the platform

PII is collected from our business clients and their authorized users (“Business Affiliates”) to enable credit analysis, decisioning, and compliance reporting in accordance with applicable data protection laws.

2. How We Collect Information

We use the information we collect to:

  • Platform Activity Logs: Automatically capture session details (IP, access time, actions) for audit and security purposes.
  • Cookies and Web Beacons: Used to authenticate sessions, measure engagement, and improve experience. You can manage preferences through your browser settings.
  • API and Document Uploads: When clients upload documents or connect via API, KreditIQ extracts structured data using Optical Character Recognition (OCR) and Natural Language Processing (NLP) to perform credit analytics.
  • Service Applications: If you apply to partner with KreditIQ (as a vendor, client, or employee), we may collect additional details (e.g., W-9s, resumes, business licenses).

3. How We Use Information

We use the information we collect to:

  • Deliver and improve our SaaS decisioning services
  • Authenticate users and secure accounts
  • Generate credit memos, risk scores, and audit trails
  • Communicate updates, support requests, and product notices
  • Fulfill legal, contractual, and regulatory obligations (OCC, FDIC, CFPB, GLBA)
  • Enhance model accuracy through anonymized data feedback loops
  • Monitor and ensure compliance with fair lending and model governance standards

KreditIQ does not sell or rent personal data to third parties.

4. Disclosure of Information

We may share limited information under the following circumstances:

  • With Clients and Their Authorized Users: PII may be shared internally within the same client organization or with authorized service providers as needed to perform credit analysis and reporting.
  • With Third-Party Processors: Trusted vendors providing hosting, analytics, or authentication (e.g., cloud infrastructure, e-sign providers). All vendors are bound by confidentiality and data security agreements.
  • For Legal or Regulatory Requirements: To comply with applicable law, subpoena, or government request.
  • During a Merger or Acquisition: If KreditIQ is involved in a corporate transaction, data may be transferred as part of that process under confidentiality safeguards.

5. Security and Zero-Trust Framework

Security is foundational to KreditIQ’s platform design. We employ a Zero-Trust Architecture, meaning no user, system, or device is trusted by default. Measures include:

  • Multi-Factor Authentication (MFA)
  • Role-Based Access Control (RBAC)
  • End-to-End Encryption (AES-256 at rest, TLS 1.3 in transit)
  • Continuous monitoring and anomaly detection
  • Segregated data environments per tenant (single-tenant option for financial institutions)
  • SOC 2-compliant infrastructure
  • Model risk governance aligned with SR 11-7, OCC, and CFPB frameworks

We maintain detailed audit trails and log all data access, edits, and exports.

6. Retention and Data Rights

KreditIQ retains PII only as long as necessary to fulfill contractual and regulatory obligations or as required by law.
Upon termination of service, clients may request secure deletion or anonymization of stored data.

Depending on jurisdiction, you may have the right to:

  • Access or request copies of your data
  • Request correction or deletion
  • Restrict or object to certain processing
  • Request data portability

To exercise rights, contact privacy@KreditIQ.ai.

7. Cookies and Tracking

We use cookies and analytics tools to:

  • Maintain session security
  • Measure system performance
  • Support personalization

You can adjust cookie preferences in your browser. Essential cookies are required for system functionality and cannot be disabled.

8. Children’s Privacy

KreditIQ’s services are not directed to individuals under 16 years of age. We do not knowingly collect information from minors. If you believe a child has provided us data, please contact us immediately at privacy@KreditIQ.ai for removal.

8. Children’s Privacy

KreditIQ’s systems and data centers are located in the United States.
For users in the European Economic Area (EEA), United Kingdom, or other jurisdictions with data-protection laws, KreditIQ processes personal data under legitimate business interests or contractual necessity and implements Standard Contractual Clauses where required.

10. California Privacy Rights

Under the California Consumer Privacy Act (CCPA), California residents may request to:

  • Access, correct, or delete personal data collected by KreditIQ
  • Opt out of sharing data for marketing (KreditIQ does not sell personal data)

Submit requests to privacy@KreditIQ.ai.

11. Third-Party Sites and Integrations

KreditIQ may integrate with third-party systems (e.g., LOS, CRM, or document services). We are not responsible for the privacy practices or content of external websites. Review their policies before use.

12. Updates to This Policy

This Privacy Policy may be updated periodically. Revisions will be posted with an updated “Last Modified” date. Your continued use of our Digital Property constitutes acceptance of those changes.

Last Modified: October 4, 2025

11. Third-Party Sites and Integrations

KreditIQ, LLC.
Attn: Privacy Office
Email: privacy@KreditIQ.ai
Website: www.KreditIQ.ai