Privacy Policy
Transparency for every finance workflow
This page explains how Spectruminvestlab processes Personal Data across marketing, onboarding, the spectruminvestlab.com trading assistant, and the financial dashboard. It applies to visitors, prospects, and workspace users in every region where we operate.
1. Introduction
Spectruminvestlab (“Company”, “we”, “us”, or “our”) develops the spectruminvestlab.com financial dashboard that helps finance teams analyze profitability, orchestrate payments, and collaborate securely. This Privacy Policy describes how we collect, use, disclose, and protect Personal Data when you visit our marketing site, request access, or use any authenticated workspace.
Personal Data means any information linked to an identified or identifiable person, including workspace teammates, billing contacts, and visitors. By accessing our services, you acknowledge that we will process Personal Data as described here and in accordance with applicable privacy legislation.
2. Website; Visitors and Users
We separate the way we handle information about marketing visitors from the data we handle on behalf of subscribed customers. Marketing data is controlled by Spectruminvestlab, while workspace data is primarily processed as a data processor acting on your instructions.
2.1. General
We operate as a business-to-business platform. Most Personal Data is provided in a professional context (work email, job role, treasury files, or task-level comments). When we rely on legitimate interest to process this data, we balance that interest against your rights and document the analysis as part of our governance program.
2.2. Collection and Use
We collect data directly from you, from your employer or teammates, and automatically through device-level telemetry. We also ingest financial files that you upload to calculate KPIs or run profitability simulations.
Personal Data we handle includes:
- Identification details such as name, business email, company name, role, and preferred language.
- Account and authentication data managed through Supabase (hashed passwords, session tokens, multi-factor preferences).
- Financial artifacts supplied by you (cash-flow statements, invoices, routing instructions) that enable dashboards and quick bill pay.
- Usage metrics and diagnostics (feature adoption, clickstream, error logs) gathered via first-party analytics to improve reliability.
- Device data such as IP address, browser type, timezone, and locale to maintain fraud controls and accurate localization.
2.3. Purpose of Processing Personal Data
We process Personal Data solely for clearly defined business objectives and only retain it for as long as needed.
- Provide, customize, and optimize the Spectruminvestlab financial dashboard and companion mobile experiences.
- Authenticate users, enforce access policies, and prevent unauthorized sign-ins or suspicious fund movements.
- Offer onboarding, in-product education, and proactive support through human or automated channels.
- Analyze anonymized or aggregated usage trends to prioritize product improvements and detect performance regressions.
- Send service announcements, regulatory updates, and marketing communications when legally permitted and with required consents.
3. Partners
Spectruminvestlab works with carefully selected partners to deliver bank-grade functionality. Key categories include infrastructure (Supabase, AWS, Vercel), payment orchestration (Stripe, currency clearing partners), analytics (PostHog), messaging (Customer.io), and customer support tooling (Intercom or its local equivalent). Each partner is bound by contractual safeguards, including confidentiality, technical controls, and restrictions on onward transfer.
4. Security
Security is embedded in our product roadmap. We employ encryption in transit (TLS 1.2+) and at rest (AES-256), least-privilege access, signed deployments, and automated dependency scanning. Administrative access requires hardware-backed multi-factor authentication.
We monitor for anomalies, maintain an incident response plan, and conduct regular tabletop exercises with engineering, legal, and support teams. If we detect unauthorized access that affects your Personal Data, we will notify you without undue delay together with remediation guidance.
7. Retention and Deletion
We retain account records for the lifespan of the customer agreement plus a configurable archival window (standard: 90 days) to help teams recover workspaces on request. Financial transaction artifacts can be retained for up to seven years where accounting or anti-money laundering rules require it.
When you delete data from within the product, it is queued for removal from active systems within 30 days and from backups within 90 days. If you need an accelerated purge, contact us and we will confirm feasibility together with any regulatory constraints.
8. Your Rights
Depending on your jurisdiction (for example, EEA, UK, Canada, or certain U.S. state laws), you may exercise specific rights over your Personal Data. We verify every request, keep an auditable record, and respond within the timelines defined by the applicable law.
To submit a request, email us at info@spectruminvestlab.com and include your workspace identifier or ticket number so we can verify your identity.
8.1. Right of Access
You may request confirmation of whether we process your Personal Data and receive a copy of the data along with supplementary information about how it's used.
8.2. Right to Rectification
If any account information is inaccurate or incomplete, you can update it directly within settings or ask us to make corrections on your behalf.
8.3. Right to Erasure
In certain cases you may request that we delete your Personal Data. We will honor the request unless we must retain specific records to comply with accounting, tax, or anti-abuse obligations.
8.4. Right of Restriction of Processing
You may request that we restrict processing where accuracy is contested, processing is unlawful, or we no longer need the data but you require us to keep it for legal claims.
8.5. Right to Data Portability
We will provide Personal Data you supplied to us in a structured, commonly used, and machine-readable format so you can reuse it with another service.
8.6. Right to Object
You may object to processing that relies on legitimate interests or to direct marketing. We will stop processing unless we demonstrate compelling legitimate grounds or overriding legal reasons.
8.7. Right to Withdraw Consent
Where we rely on consent (for example, for optional analytics cookies or marketing emails), you may withdraw that consent at any time without affecting the lawfulness of processing before withdrawal.
10. Acceptance of this Policy
By visiting our website, creating an account, or continuing to use the Spectruminvestlab platform after updates are posted, you accept this Privacy Policy. If you disagree with the terms, you should stop using the services and delete your account.
11. Legal Obligation to Disclose Personal Data
We may disclose Personal Data when required to comply with subpoenas, court orders, supervisory authorities, or other lawful requests. Whenever legally allowed, we will notify affected customers before responding so they can seek protective measures.
11. Legal Obligation to Disclose Personal Data
Financial services regulations sometimes require immediate disclosure without prior notice, such as suspicious activity reports, sanctions screening matches, or urgent fraud escalations. In those cases we will share only what is necessary, document the disclosure, and inform you as soon as confidentiality constraints are lifted.
Need more details?
Reach out to our Data Protection Officer at info@spectruminvestlab.com or submit a ticket through the in-product Support button. We are happy to walk you through our security certifications, subprocessors, or data processing agreements.