Privacy Policy for Settlemate

Last Updated: May 16, 2025

Settlemate, Inc. ("Settlemate," "we," "our," or "us") values your privacy and is committed to protecting your personal data. This Privacy Policy ("Policy") explains what information we collect, how we use it, what rights you have, and how you can exercise those rights. By using our website (https://settlemate.io) or any product, mobile application, landing page, email‐processing service, or other digital property that links to this Policy (collectively, the "Services"), you acknowledge that you have read and understood this Policy and agree to our Terms of Use. If you do not agree, discontinue use of the Services immediately. Questions? Email us at privacy@settlemate.io.

Index

  1. Types of Personal Information Collected
  2. How We Use Your Information
  3. Disclosures of Your Information
  4. Links to Third-Party Websites
  5. How Long We Keep Your Information
  6. How We Keep Your Information Safe
  7. Your Privacy Choices
  8. Cookies and Other Tracking Technologies
  9. U.S. State-Specific Notice
  10. Children’s Privacy
  11. A Note to Users Outside the United States
  12. Updates to This Notice
  13. Contact Us

1. Types of Personal Information Collected

Information you provide to us directly

Account Registration
Examples: Name, email address, phone number, postal address, date of birth, preferred language, login credentials (OAuth token, social sign-in), organization information
Primary Purpose: Create and maintain your Settlemate account, verify identity for settlement filings, personalize your dashboard

Profile & Demographics
Examples: Age, gender, geographic location, occupation, litigation interests
Primary Purpose: Tailor settlement recommendations and communications

Payment & Subscription Data
Examples: Partial credit-card PAN, expiration date, billing ZIP, Apple/Google in-app purchase identifiers
Primary Purpose: Process subscription fees and distribute settlement proceeds

Communication Content
Examples: Customer-support emails, feedback forms, survey responses
Primary Purpose: Provide support and improve Services

Information obtained with your explicit consent

Email Inbox Data
Examples: Transactional emails, purchase receipts, shipping confirmations, settlement notices, legal claim updates (retrieved via Gmail, Outlook, Yahoo!, or IMAP)
Primary Purpose: Automatically detect class-action eligibility, pre-fill claim forms, monitor status, and email on your behalf to administrators and courts

Send-as Access
Examples: Ability to send email from your address solely to settlement administrators, claims agents, or retailers
Primary Purpose: Submit claims, request documentation, and communicate status updates

Settlemate’s use and transfer of Gmail data adheres to Google API Services User Data Policy—including the Limited Use requirements—and qualifies as reporting and monitoring under Google’s restricted scopes. We never sell or share message-body data.

Information collected automatically

When you interact with the Services we log:

  • IP address, device type, OS and browser metadata
  • Access timestamps, referral URLs, and feature usage
  • Cookie identifiers, session tokens, and crash logs

This data enables fraud detection, security monitoring, analytics, and product improvement.

Information from other sources

We may receive confirmation files from settlement administrators, public court dockets, affiliate networks, data brokers, and social-media platforms to validate eligibility, enrich claim forms, and prevent fraud.

Information collected when you open our emails

Our HTML emails include a tiny pixel that reports when an email is opened and which links are clicked. We use this data to gauge engagement and refine content. You may disable images in your email client to prevent pixel loading.

2. How We Use Your Information

We process your personal data to:

  • Create and manage accounts – authenticate logins and synchronize devices.
  • Identify eligible settlements – parse receipts and legal notices to match you with open claims.
  • Automate claim submission – pre-populate forms, upload documentation, and email administrators from your inbox.
  • Distribute proceeds – calculate payouts, coordinate with payment processors (e.g., Stripe, Plaid) and deposit funds.
  • Provide customer support – respond to inquiries, debug reports, and deliver in-app or email updates.
  • Send marketing or product announcements – only with your opt-in consent.
  • Analyze and improve Services – run A/B tests, measure feature adoption, and develop new functionality.
  • Ensure security and prevent fraud – detect suspicious logins, rate-limit abusive traffic, and comply with legal obligations.
  • Comply with law – respond to subpoenas, court orders, and regulatory requests.
  • Enforce our Terms of Use – investigate violations or protect our rights, users, or the public.
  • Any other purpose disclosed to you and with your consent.

Settlemate does not use fully automated decision-making that produces legal or similarly significant effects without human review.

3. Disclosures of Your Information

We share personal data only under the circumstances below:

Settlement administrators, courts, and claims agents
Submit claim packets, verify eligibility, and receive payout files.

Payment processors (Stripe, Apple, Google, Plaid)
Collect subscription fees, issue refunds, and disburse settlements.

Infrastructure & analytics providers
Host servers (AWS, Supabase, Vercel), store databases, and compute analytics.

Identity-verification vendors
Perform "Know Your Customer" (KYC) or anti-fraud checks when required.

Professional advisors & auditors
Obtain legal, tax, accounting, or compliance guidance.

Successors in a business transaction
Transfer assets in a merger, acquisition, or bankruptcy (subject to confidentiality).

Law enforcement or regulators
Satisfy legal obligations, court orders, or protect vital interests.

With your explicit direction
For any purpose you authorize via granular consent.

We never sell or “share” inbox contents for advertising purposes.

4. Links to Third-Party Websites

Our Services may contain links to external sites, offer walls, or widgets not operated by Settlemate. We do not control, endorse, or assume responsibility for their content or privacy practices. Review the privacy policies of any third-party site you visit.

5. How Long We Keep Your Information

We retain data only as long as necessary:

  • Account data & inbox tokens – deleted or anonymized within three (3) months after you close your account or withdraw email consent.
  • Accounting & payout records – retained for five (5) years after the end of the fiscal year, to satisfy tax and bookkeeping laws.
  • Marketing-consent logs – kept for two (2) years from the date you opt out.
  • Backup archives – encrypted, access-restricted, and purged on a rolling 35-day cycle.
  • Anonymized or aggregated data – stored indefinitely.

When deletion is infeasible (e.g., database backup), we isolate and secure the data from further processing until removal is possible.

6. How We Keep Your Information Safe

  • All traffic is encrypted in transit via TLS 1.2+.
  • Sensitive fields (tokens, payout details) are encrypted at rest using AES-256.
  • Access to production systems is gated by hardware security keys and mandatory 2FA.
  • Infrastructure runs on SOC 2 Type II-certified providers (AWS, Supabase, Vercel).
  • We conduct annual penetration tests and quarterly vulnerability scans.
  • Role-based access control limits employee access; only vetted claims specialists may view limited email excerpts required for manual filings.

Despite our efforts, no system is 100% secure. Use the Services at your own risk and maintain strong, unique passwords.

7. Your Privacy Choices

You may exercise the following rights:

Access / Portability
Request a copy of the personal data we hold about you.

Rectification
Correct inaccurate or incomplete information.

Deletion
Permanently erase your account and inbox data (subject to legal holds).

Withdraw Consent
Disable inbox access and stop further automated analysis.

Marketing Opt-Out
Click "unsubscribe" in emails or email privacy@settlemate.io.

Non-Discrimination
You will not receive discriminatory treatment for exercising your rights.

Submit requests by emailing privacy@settlemate.io. We will verify your identity and respond within the timeframe required by law.

8. Cookies and Other Tracking Technologies

Settlemate and our analytics or advertising partners use cookies, SDKs, and pixel tags to:

  • Remember login sessions and user preferences.
  • Measure traffic patterns and feature usage.
  • Deliver or limit promotional messages (only if you have opted in).

You can block cookies in your browser, use industry opt-out tools (e.g., optout.aboutads.info), or adjust mobile-OS ad-tracking settings. Blocking cookies may degrade some functionality.

9. U.S. State-Specific Notice

Residents of California, Virginia, Colorado, Connecticut, Utah, Oregon, Texas, and Montana may have additional rights under their respective privacy statutes, including the right to opt out of “sale” or “share” of personal data for cross-context behavioral advertising. Settlemate does not engage in such practices; however, you can submit state-specific requests at privacy@settlemate.io.

Settlemate acts as a Controller (“Business” under CCPA).

10. Children’s Privacy

The Services are not directed to individuals under 18 years of age, and we do not knowingly collect personal information from children. If you believe a minor has provided data, email privacy@settlemate.io and we will delete it promptly.

11. A Note to Users Outside the United States

Settlemate is based in the United States. Your personal data may be transferred to—and processed in—countries other than your own, which may have different data-protection laws. By using the Services, you consent to this transfer, subject to appropriate safeguards such as Standard Contractual Clauses where required.

12. Updates to This Notice

We may revise this Policy from time to time. The updated version will be posted with a new “Last Updated” date. Material changes may be highlighted via email or in-app notification. Continued use of the Services after the effective date constitutes acceptance of the revised Policy.

13. Contact Us

If you have questions, concerns, or complaints about privacy at Settlemate, contact us at:

Settlemate, Inc.
Attn: Privacy Team
111 Main Street, Suite 500
San Francisco, CA 94105, USA
Email: privacy@settlemate.io