Privacy Policy

colunrnn collects information that you provide directly to us, as well as information that is collected automatically when you use our services. Directly provided information includes your name, email address, company name, job title, phone number, and billing information when you create an account, request a demo, or subscribe to our services. We also collect information you provide when you contact our support team, participate in surveys, or engage with our content. Automatically collected information includes your IP address, browser type and version, operating system, device identifiers, referring URLs, pages visited on our website, time spent on pages, and clickstream data. When you use our API Observer or Column Bank platforms, we collect usage telemetry including feature usage patterns, query volumes, and platform performance metrics. This telemetry data helps us improve our services and provide better support. We do not collect, access, or store the actual content of your API responses or banking data. Our monitoring agents collect metadata and statistical summaries only. Your business data remains in your infrastructure at all times.

We use the information we collect for the following purposes: to provide, maintain, and improve our API Observer and Column Bank services; to process transactions and send related information including purchase confirmations and invoices; to send technical notices, updates, security alerts, and support messages; to respond to your comments, questions, and customer service requests; to communicate with you about products, services, offers, and events offered by colunrnn that we believe may be of interest to you. We also use collected data to monitor and analyze trends, usage patterns, and activities in connection with our services; to detect, investigate, and prevent fraudulent transactions and other illegal activities; to personalize and improve your experience on our platform; to develop new products, services, and features; and to comply with legal obligations and enforce our terms of service. We process usage telemetry data in aggregate to generate platform performance benchmarks and industry insights. These aggregated insights never contain information that could identify individual users or organizations.

colunrnn stores your personal information on secure servers located in the United States and the European Union, depending on your geographic location and service configuration. We use industry-leading cloud infrastructure providers that maintain SOC 2 Type II, ISO 27001, and other relevant security certifications. All data is encrypted at rest using AES-256 encryption and in transit using TLS 1.3. Database backups are encrypted and stored in geographically separate locations to ensure business continuity. Access to stored data is restricted to authorized personnel on a need-to-know basis, with all access logged and audited. We retain your personal information for as long as your account is active or as needed to provide you services. If you close your account, we will delete or anonymize your personal information within 90 days, except where retention is required by law or for legitimate business purposes such as resolving disputes or enforcing our agreements. Usage telemetry data is retained in aggregate form for up to 24 months for service improvement purposes.

Depending on your jurisdiction, you may have certain rights regarding your personal information. These rights may include: the right to access the personal information we hold about you; the right to request correction of inaccurate or incomplete personal information; the right to request deletion of your personal information; the right to restrict or object to the processing of your personal information; the right to data portability, allowing you to receive your data in a structured, commonly used format; and the right to withdraw consent where processing is based on consent. To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days, as required by applicable law. We may ask you to verify your identity before processing your request to protect your privacy and security. If you are a resident of the European Economic Area, you also have the right to lodge a complaint with your local data protection authority. If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to opt out of the sale of personal information, and the right to non-discrimination for exercising your privacy rights.

colunrnn uses certain third-party services to operate our business and provide our platform. These third-party services may have access to your personal information only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose. Our third-party service providers include: cloud infrastructure providers for hosting and data storage; payment processors for handling subscription billing; email service providers for transactional and marketing communications; analytics providers for understanding website usage patterns; customer support platforms for managing support tickets; and identity verification services for account security. We carefully evaluate the privacy and security practices of all third-party service providers before engaging them, and we require contractual commitments to protect your data in accordance with this privacy policy and applicable law. We do not sell your personal information to third parties. We do not share your personal information with third parties for their own marketing purposes without your explicit consent. Our platform may contain links to third-party websites or services that are not operated by colunrnn. We are not responsible for the privacy practices of these third-party sites and encourage you to review their privacy policies independently.

colunrnn implements comprehensive technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security program is designed to meet the rigorous standards expected by financial services organizations and is independently audited annually. Technical security measures include: AES-256 encryption for all data at rest; TLS 1.3 encryption for all data in transit; multi-factor authentication for all platform access; role-based access controls with principle of least privilege; regular vulnerability scanning and penetration testing; intrusion detection and prevention systems; automated security patching and update management; and comprehensive logging and monitoring of all system access. Organizational security measures include: mandatory security awareness training for all employees; background checks for all personnel with access to customer data; incident response procedures with defined escalation paths; regular security reviews and risk assessments; vendor security assessment program; and a dedicated security team that monitors our infrastructure 24/7. colunrnn maintains SOC 2 Type II certification, demonstrating our commitment to security, availability, processing integrity, confidentiality, and privacy. Despite our best efforts, no method of transmission over the Internet or method of electronic storage is completely secure. If you have reason to believe that your interaction with us is no longer secure, please contact us immediately at [email protected].

colunrnn's services are designed for business use and are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16 years of age. If we become aware that we have inadvertently collected personal information from a child under 16, we will take immediate steps to delete that information from our servers. If you are a parent or guardian and you believe that your child has provided us with personal information without your consent, please contact us at [email protected]. We will work with you to ensure that any such information is promptly removed from our systems. Our platform requires users to be at least 18 years of age or the age of majority in their jurisdiction to create an account. By creating an account, you represent and warrant that you meet these age requirements.

colunrnn may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes to this policy, we will notify you by posting the updated policy on our website with a new effective date and, where appropriate, by sending you a notification via email or through our platform. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our services after any changes to this Privacy Policy constitutes your acceptance of the updated policy. For significant changes that materially affect how we use or share your personal information, we will provide at least 30 days advance notice before the changes take effect. During this notice period, you may contact us with questions or concerns, or choose to close your account if you do not agree with the updated terms. The date at the top of this policy indicates when it was last updated. If you have any questions about changes to this policy or our privacy practices in general, please contact us at [email protected] or write to us at 350 Fifth Avenue, Suite 4200, New York, NY 10118.