Privacy Policy

Atton Finance LLC ("Atton Finance", "we", "us", or "our") operates the attonfinance.com platform. This Privacy Policy describes how we collect, use, share, and protect your personal information when you use our platform.

Atton Finance is a technology connection platform (lead marketplace). We are not financial advisors, insurance agents, real estate brokers, or tax preparers. We connect people with independent licensed professionals.

1. What data we collect

1.1 Information you provide

• Registration data: name, email address, phone number, password.
• General financial profile: information about your needs (insurance, taxes, real estate, etc.) provided during the assessment or when creating your Master Plan.
• Payment data: processed directly by Stripe. Atton Finance does not store credit card numbers or banking data on our servers.
• Communications: messages you send us through contact forms or email.

1.2 Automatically collected information

• Usage data: pages visited, time on site, actions within the platform.
• Device data: browser type, operating system, IP address, device identifiers.
• Cookies and similar technologies: see section 6 of this policy.

1.3 Information we do NOT collect

Atton Finance does NOT collect or store detailed financial information such as bank account numbers, account statements, tax returns, verified income, or Social Security numbers. This information is collected and handled directly by the independent professional (Associate) under their own regulatory obligations.

2. How we use your data

We use your personal information to:

• Connect you with the most suitable independent professional (Associate) for your needs.
• Generate and personalize your financial Master Plan using artificial intelligence.
• Process subscription payments and Attoms credits.
• Send you communications related to your account and requested services.
• Improve our platform through internal data analysis.
• Comply with legal and regulatory obligations.
• Prevent fraud and protect platform security.

3. Use of artificial intelligence (Sandra AI)

• Sandra processes the general information you provide to identify your needs and generate educational recommendations.
• Sandra does not have access to your detailed financial information (accounts, income, specific debts).
• Sandra's recommendations do not replace advice from a licensed professional. Always consult with a professional before making financial decisions.
• Atton Finance may share general information about your needs with Associates to facilitate connection, but never your complete conversations with Sandra.
• AI-generated results may contain errors. Atton Finance does not guarantee the accuracy of automatically generated information.

4. Who we share your data with

Atton Finance does NOT sell your personal data to third parties under any circumstances.

We only share information in the following cases:

• Associates (independent professionals): When you are connected with a professional, we share exclusively your name, email, phone, and the general needs expressed to facilitate initial contact. The Associate is responsible for handling that information under their own regulatory obligations.
• Technology service providers:
  • Stripe for secure payment processing.
  • Supabase for secure data storage.
  • Resend for transactional email delivery.
  • PostHog for platform usage analytics (see section 6).
  • Vercel for platform hosting and distribution.
  • Pinecone for AI search and memory features.
• Legal obligations: If required by law, we may share information with government authorities, in response to court orders or legal subpoenas.

5. GLBA Privacy Notice

In accordance with the Gramm-Leach-Bliley Act (GLBA), we inform you of the following:

• Atton Finance collects general information for user needs assessment.
• Atton Finance does NOT collect or store nonpublic personal information (NPI) such as account numbers, account statements, detailed tax information, or verified income.
• Detailed financial information is collected and handled directly by the independent Associate under their own regulatory confidentiality and security obligations.
• You have the right to opt out of sharing your information with non-affiliated third parties by contacting us at the address listed at the end of this policy.

6. Cookies and tracking technologies

Our platform uses the following types of cookies:

• Essential cookies: Necessary for platform operation (authentication, language preference, security).
• Analytics cookies (PostHog): We use PostHog to understand how users interact with our platform. PostHog collects anonymized usage data such as pages visited, clicks, and time on site. This information helps us improve the user experience.

We do not use third-party advertising cookies. Atton Finance does not participate in advertising networks or share browsing data with advertisers.

You can configure your browser to reject cookies, although some platform functionality may be affected.

7. Your rights

You have the right to:

• Access: Request a copy of the personal information we have about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your account and personal data, subject to legal retention obligations.
• Portability: Request your data in a structured, commonly used format.
• Opt-out: Opt out of non-essential marketing communications.
• Non-discrimination: You will not be treated differently for exercising your privacy rights.

To exercise any of these rights, contact us at privacy@attonfinance.com. We will respond to your request within the 45 calendar days established by law.

8. State privacy laws (CCPA and others)

If you are a resident of California or other states with consumer privacy laws, you have additional rights:

• Right to know: What personal information we collect, use, and share.
• Right to delete: Request that we delete your personal information.
• Right to opt-out: Atton Finance does not sell personal information. We do not need a "Do Not Sell My Information" link because we do not sell data.
• Right to non-discrimination: You will not be penalized for exercising your rights.

Atton Finance does not engage in the "sale" or "sharing" of personal information as defined by the CCPA/CPRA. Data shared with Associates is done exclusively to provide the service you requested.

9. Data retention

• Active account data: While your account is active and for 30 additional days after closure.
• Consent records (TCPA/FTSA): Minimum 4 years, as required by Florida law.
• Transaction records: 7 years, per tax and accounting requirements.
• Analytics data: Anonymized and retained indefinitely for trend analysis.
• Support communications: 2 years after resolution.

When data is no longer necessary for the purposes described, we will securely delete or irreversibly anonymize it.

10. Data security

We implement technical and organizational security measures to protect your information, including:

• AES-256 encryption for all personally identifiable information (PII) at rest.
• HTTPS/TLS connections for all data transmission.
• Row-level security (RLS) policies on our database.
• Data validation on all inputs.
• Rate limiting on all API routes.
• Audit logging for sensitive operations.
• Multi-factor authentication available for all accounts.

No security measure is 100% infallible. If you discover a vulnerability, contact us immediately at security@attonfinance.com.

11. Children's privacy

Our platform is not directed to individuals under the age of 18. We do not knowingly collect information from minors. If we discover that we have collected information from a minor, we will delete it immediately. If you believe a minor has provided us with personal information, contact us at privacy@attonfinance.com.

12. Changes to this policy

We reserve the right to update this Privacy Policy at any time. Material changes will be notified via email or through a prominent notice on the platform with at least 30 days advance notice. Your continued use of the platform after notification constitutes your acceptance of the changes.