Privacy Policy

Effective Date: June 23, 2026  · Company: SecureFi, Inc.

Overview

While limiting unnecessary data collection and file clutter, SecureFi ensures user privacy and is designed to provide confidence-based risk guidance, source verification support, threat awareness, AI-assisted advisory support, and recovery documentation.

This Privacy Policy explains what information SecureFi collects, how we use it, how we protect you, when we share it, how long we retain it, and how users can request access, correction, or deletion.

Please note that SecureFi is designed around data minimization. Users should submit only the limited information needed to evaluate a concern.

Information We Collect

SecureFi may collect the categories of information described below.

2.1 Account Information

  • Name
  • Email address
  • Phone number, if provided
  • Login information
  • Authentication information
  • Plan or subscription status
  • Billing status
  • Communication preferences
  • Organization or household association, if applicable
  • Account settings
  • Onboarding status

2.2 Check-In Content

Text, descriptions, messages, emails, voicemail transcripts, AI answers, social media content, app store links, website links, phone numbers, source details, financial request descriptions, family concerns, or other information submitted by the user for analysis.

2.3 Context Information

  • Whether the check-in is for the user or someone they help.
  • Whether the item involves money, identity, credentials, urgency, family, AI output, financial requests, minor safety, app installation, data breach, source verification, privacy concern, or other risk categories.
  • User-provided notes or clarifying answers,
  • Situation type selections,
  • Risk category selections, and
  • User profile signals such as state, general household profile, privacy tags, family plan status, or optional interest categories

2.4 AI Advisor Information

  • AI Advisor messages
  • AI Advisor conversation history
  • Current session context
  • Prior check-in summaries used for Advisor context
  • Threat alerts or sources included in the Advisor context
  • Source citations included in Advisor responses
  • AI Advisor usage counts
  • Token usage and cost logs
  • Plan-based Advisor access or entitlement status

2.5 Evidence Pack Information

  • Incident summaries
  • Incident dates
  • Amounts lost or at risk, if provided
  • Payment methods, if provided
  • Phone numbers, emails, URLs, app store links, app names, developer names, wallet addresses, callback numbers, or other contact information related to an incident
  • Report target selections
  • Bank call scripts
  • Report summary language
  • Evidence preservation checklists
  • Export status
  • PDF export links, if enabled
  • User-entered notes

2.6 Threat Intel, Advanced Threats, and Source Verification Usage

  • Alerts viewed
  • Resources opened
  • Sources checked
  • URLs, domains, app store links, phone numbers, email senders, or other source details submitted for verification
  • Data breach cards viewed
  • Data broker opt-out tracking status, if used
  • Minor & Teen panel interactions
  • Advanced Threats panel interactions

2.7 Usage Information

  • Date and time of check-ins
  • Result classifications
  • Confidence levels
  • Signals detected
  • Risk domains
  • Feedback ratings
  • Feature usage
  • Error logs
  • Device and browser information
  • IP address or approximate location data, if needed for security, abuse prevention, localization, fraud prevention, analytics, or service operation
  • Session information
  • Rate-limit information

2.8 Payment and Subscription Information

If paid plans are offered, payment information may be processed by a third-party payment processor such as Stripe. SecureFi DOES NOT store full payment card information.

SecureFi may store subscription status, plan tier, billing period, customer ID, subscription ID, renewal date, trial status, coupon status, founding member status, founder code status, organization account status, and subscription event history.

2.9 Organizational Account Information

If access is provided through an employer, membership organization, financial institution, legal firm, school, association, or other organization, SecureFi may collect organization name, organization type, seat count, seat assignment, billing contact information, account administrator information, plan tier, contract dates, and aggregate account usage.

Unless otherwise stated in a separate written agreement or authorized by the user, organizational sponsors should not receive individual check-in content, AI Advisor conversations, Evidence Packs, or protected personal submitted content.

2.10 Feedback and Beta Information

Feedback, survey answers, interviews, bug reports, testimonials, beta tester comments, helpfulness ratings, outcome feedback, user suggestions, and support communications.

Sensitive Information

Users should avoid submitting unnecessary personal and/or sensitive information, including full account numbers, Social Security numbers, passwords, MFA codes, medical details, legal documents, financial account credentials, intimate images, explicit content, child sexual abuse material, or highly sensitive personal information.

SecureFi may analyze user-submitted content that contains sensitive information, but users should submit only what is necessary to evaluate the specific concern.

If a user submits sensitive information, SecureFi may process it to provide the requested service, protect the service, maintain records, or comply with law, subject to this Privacy Policy.

Children and Minor-Related Information

SecureFi is intended for use by adults and is not intended for children under 18.

Users should not submit children's personal information unless they are a parent, guardian, or authorized person and the submission is necessary for the check-in, family safety concern, or minor safety guidance.

SecureFi may provide warning-sign guidance and resources for parents, guardians, or authorized adults. SecureFi does not determine whether abuse, exploitation, grooming, trafficking, sextortion, coercion, or criminal conduct occurred.

Users should not submit explicit images, intimate images, child sexual abuse material, or unlawful content. If such material exists or is suspected, users should contact appropriate official reporting resources rather than uploading or transmitting it through SecureFi.

How We Use Information

SecureFi may use information to:

  • Provide check-in analysis
  • Generate risk guidance
  • Generate AI Advisor responses
  • Identify signals and verification paths
  • Provide confidence-based outputs
  • Save user history
  • Provide Evidence Pack features
  • Generate report summaries and bank call scripts
  • Operate Threat Intel and Advanced Threats features
  • Provide data broker opt-out tracking
  • Operate Self-Certify integrity and safety controls
  • Operate and secure the service
  • Prevent abuse, fraud, or misuse
  • Enforce plan limits and feature gates
  • Manage subscriptions, trials, coupons, founding member plans, and organization accounts
  • Respond to user requests
  • Provide customer support
  • Analyze usage trends
  • Measure product performance
  • Improve product accuracy
  • Develop internal evaluation sets
  • Improve prompts, schemas, taxonomies, source registries, risk patterns, and workflows
  • Prepare anonymized or aggregated insights
  • Comply with law

AI Processing

SecureFi uses AI systems and third-party AI providers to analyze user-submitted content and generate guidance. AI outputs may be incomplete or incorrect. SecureFi uses AI as part of a decision-support process, not as a guarantee of truth, safety, legitimacy, or fraud detection. User-submitted content, check-in summaries, AI Advisor messages, Evidence Pack information, and relevant context may be transmitted to AI service providers for processing.

SecureFi will seek to use provider settings, policies, and configurations that support privacy, security, and appropriate data handling. SecureFi may log AI usage, token usage, model information, cost information, and prompt or output metadata for security, reliability, cost control, debugging, evaluation, and product improvement.

Product Improvement and Evaluation

SecureFi may use check-ins, outputs, feedback, ratings, AI Advisor interactions, Evidence Pack metadata, redacted examples, anonymized examples, aggregated data, user submissions, and usage data to improve the product.

Where feasible, SecureFi will redact personal information, use de-identified examples, aggregate data, or obtain user permission before using specific check-ins for public examples, marketing, training materials, or research.

SecureFi will not sell user-submitted personal check-in content.

SecureFi will not allow user submissions to automatically become active risk patterns without human or internal review.

Data Retention

SecureFi retains information according to its Data Retention Policy and operational needs.

Retention may vary based on whether a user is anonymous, a beta tester, a free user, a paid user, an organizational user, or part of a partner pilot.

SecureFi may retain information for different periods depending on the type of data, including:

  • Account information
  • Check-in history
  • AI Advisor conversations
  • Evidence Packs
  • Billing and subscription records
  • Source verification submissions
  • Data broker tracking records
  • Feedback and support records
  • Security logs
  • Cost logs
  • Admin logs
  • Legal, tax, accounting, and compliance records

Users may request deletion of their account or certain records, subject to legal, security, billing, backup, fraud-prevention, dispute-resolution, and operational requirements.

Evidence Pack Retention and Exports

The Evidence Pack may contain sensitive incident information. Users should include only the information and/or data necessary to document the incident.

If PDF export, shareable links, or storage features are enabled, SecureFi may store export files in private storage and may use expiring or signed links where appropriate.

Users may be able to delete Evidence Packs or request deletion, subject to legal, security, billing, backup, fraud-prevention, dispute-resolution, and operational requirements.

SecureFi does not submit Evidence Packs to banks, law enforcement, government agencies, hotlines, attorneys, or other third parties on behalf of users unless a separate written agreement expressly says otherwise.

Data Broker Opt-Out Tracking

SecureFi may provide data broker education, opt-out links, and user-reported tracking of opt-out progress. SecureFi does not automatically submit data broker opt-out requests on behalf of users unless a future feature and separate terms expressly provide otherwise. User-reported opt-out status may be stored so the user can track progress, renewal reminders, or follow-up steps.

Sharing Information

SecureFi may share information with:

  • Hosting providers
  • Database providers
  • AI processing providers
  • Analytics providers
  • Payment processors
  • Email or communication providers
  • Storage providers
  • Security and abuse-prevention providers
  • Source data providers or verification providers
  • Legal, accounting, tax, or professional advisors
  • Business partners only as authorized, aggregated, de-identified, required, or permitted for a specific program
  • Authorities, emergency resources, or legal recipients if required by law, legal process, safety obligations, or to protect rights, safety, users, or the service

Please be aware that SecureFi does not sell, or otherwise share, user personal information as part of its core business model.

Organizational and Partner Sharing

For organizational accounts, SecureFi may share account administration information, seat status, billing status, aggregate usage, and service-level information with the organization or partner sponsoring access.

Unless otherwise stated in a separate written agreement or authorized by the user, SecureFi should not share individual check-in content, AI Advisor conversations, Evidence Packs, or personal content with an organizational sponsor.

Subprocessors

SecureFi may maintain a list of third-party providers that process data on its behalf. This list may be made available, or provided upon request, as the product matures. Subprocessors may include providers for hosting, cloud infrastructure, database services, AI processing, payments, analytics, email, security, storage, transcription if enabled, logging, and customer support.

Security

SecureFi uses reasonable administrative, technical, and organizational measures designed to protect information. These may include access controls, authentication, encryption in transit, encryption at rest where appropriate, least-privilege access, logging, vendor review, rate limits, abuse detection, integrity checks, and internal policies.

SecureFi may use Self-Certification or integrity-checking features to help monitor source integrity, content integrity, deployment integrity, and system integrity. These controls are designed to improve security and trust, but no system is perfectly secure.

Again, users should avoid submitting unnecessarily sensitive or personal information.

User Choices and Rights

Depending on applicable law and user location, users may have rights to:

  • Access information
  • Correct information
  • Delete information
  • Request a copy of information
  • Opt out of certain communications
  • Limit certain uses
  • Withdraw consent where applicable
  • Appeal certain decisions where applicable

Requests can be sent to: info@securefi.ai

SecureFi may need to verify a user's identity before responding to certain requests.

Communications

SecureFi may send service-related communications, account notices, security notices, billing notices, subscription notices, trial notices, support messages, and feature updates.

Users may opt out of marketing communications where required or offered, but may still receive transactional, service, billing, legal, security, or account-related messages.

Family and Assisted Use

If a user submits content about another person, the user is responsible for ensuring they have permission, authority, or a lawful basis to do so. SecureFi should not be used or expected to monitor, control, impersonate, harass, exploit, stalk, or manipulate another person.

Changes to This Policy

SecureFi may update, modify and/or delete this Privacy Policy at will. We will provide notice of material changes as appropriate. SecureFi will not materially change how it uses previously collected personal information without appropriate notice or consent where required.

Contact

Questions or privacy requests may be sent to:

info@securefi.ai

SecureFi, Inc. 13 Cricket Corner Rd, Amherst, NH 03031

© 2026 SecureFi, Inc. All rights reserved. SecureFi is a product of SecureFi, Inc.

Terms of UseSubscription Terms← Home