PRIVACY POLICY

Last Revised: August 10, 2024

Your privacy is important to us. This Privacy Policy (“Privacy Policy“) describes how Aalto, Inc., dba Titus (“Titus“, “we“, “us“, or “our“) may collect, use, store, disclose, process, and transfer your personal information, through your access to or use of Titus products and services, including those at https://www.gotitus.com as well as any subdomains, website of ours that links to this Privacy Policy, related websites, mobile applications, and other offerings (collectively, the “Services“). By using the Services, you signify your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, please do not use the Services. Titus may change this Privacy Policy from time to time by posting changes on this webpage. Your continued use of the Services following the posting of such changes will be deemed your acceptance of those changes, unless additional consent is required.

Privacy Policy Applicability

This Privacy Policy applies when you use or access the Services or share information with Titus. By accessing or using the Services, you consent to this Privacy Policy. Titus may update this Privacy Policy at any time. If you do not consent to this Privacy Policy for any reason, please do not access or use the Services or share your information with us. Please note that this Privacy Policy applies only to the Services and not to any other third-party website linked to or from it, or any third-party website in which Titus‘s content or functionality is embedded. We do not control the privacy policies or practices of others.

Information We Collect from You

In general, we receive and collect all information you provide via the Services, including through website input fields (including advertisements), phone, email (including email campaigns), or other such ways. This includes personal information that can identify or relates to you, including, but not limited to:

Category of Personal Information	Examples of Personal Information We Collect	Categories of Sources from which such Personal Information is Collected	Categories of Third Parties or Services Providers with whom we share such Personal Information
Profile or Contact Data	First and last name Postal address Telephone number Email address	You Titus’s affiliated entities, partners, etc.	Advertising networks Data analytics providers Partners you authorize, access, or authenticate
Demographic Data	Examples may include Birthday Zip code	You Service providers	N/A
Personal Identifiers	Examples may include Birthday Zip code	You Service providers	Partners you authorize, access, or authenticate
Commercial Data	Examples may include Consumer profile Other purchasing histories or tendencies	You Service providers	N/A
Device/IP Data	Examples may include IP address Device ID Domain server Browser type Type of device Information regarding your interaction with the Services or any advertisement Information collected automatically through cookies and similar technology, device type, domain names, and access time/logs	You Service providers	Advertising networks Data analytics providers Third-party vendors
Geolocation Data	Examples may include General physical location IP-address-based location information Cookie ID	You Service providers	Advertising networks Data analytics providers Service providers
Web analytics	Examples may include Web page interactions Referring webpage/source through which you accessed the Services Browsing activity, including the addresses of websites that you visit Non-identifiable request IDs Statistics associated with the interaction between device or browser and the Services	You Service providers	Advertising networks Data analytics providers Service providers Third-party vendors
Professional or Employment-Related Data	Examples may include Employer	Service providers	N/A
Personal Health Information	N/A	N/A	N/A
Biometric Data	N/A	N/A	N/A
Financial and Payment Data	Examples may include Bank account information for ACH purposes	You	Service providers
Social Network Data	N/A	N/A	N/A
Sensory Data	Examples may include Photos	You	Service providers
Inferences Drawn from Other Personal Data Collected	Examples may include Profiles reflecting user attributes	You Service providers Other independent third-party sources	N/A
Other Identifying Information that You Voluntarily Decide to Provide	N/A	N/A	N/A

You have the choice regarding what information to share and the Services you want to engage. You can choose not to provide information to us, but in general, some information about you is required in order for you to access certain functionalities of the Services.

We also may periodically obtain information about you from affiliated entities, partners and other independent third-party sources and will add it to our database of information, including any information that you provide to third parties that are associated or whose products or services are integrated with the Services. For example, if you apply for a Titus loan, you will need to request Verification Services (as such term is defined in the Titus Terms of Use, provided at gotitus.com/terms), and the results of such Verification Services shall be provided to Titus by its Verification Services providers, as applicable.

We may use cookies, heat mapping, log files, device identifiers, and similar tracking technologies, including those from third-party service providers like Google Analytics, Google Tag Manager, HubSpot, Google AdWords and other cloud-based tools, to automatically collect your preferences, performance data, and information about your web usage when you visit the Services. For example, we may collect your IP address, device and Internet service provider information, Web browser details and the address of any referring website. We may also collect information about your online activity, such as pages viewed; this may include collecting geolocation signals from your IP address or device settings to determine your location. By collecting and using this information, we may operate and personalize the Services for you. For more information on how we use cookies, please see the “Cookies” section below.

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

The Services are designed to recognize or respond to “do not track” signals received from browsers. You can control the information collected by such tracking technologies or be alerted when cookies are sent by adjusting the settings on your Internet browser or devices, but such adjustments may affect or disable certain functionality of the Services. You can learn more about Google Analytics and your options for opting out of interest-based Google ads at https://adssettings.google.com. You can learn more about targeted ads and your ability to opt out of receiving interest-based ads at optout.aboutads.info and https://www.networkadvertising.org/choices.

Sensitive Information. Titus does not collect any sensitive personal information through our Services. Sensitive personal information, as defined by applicable data protection laws, includes information relating to your race, ethnicity, religious beliefs, moral beliefs, philosophical beliefs, sex life, sexual orientation, gender identity, political opinions, trade union membership, medical information (including mental health), genetic data, biometric data, or financial information (such as account numbers). We also do not collect any information about criminal convictions or offenses.

Cookies.
Cookies, also known as tracking cookies or browser cookies, and similar technologies such as web beacons, clear GIFs, pixel tags, and JavaScript (collectively, “Cookies”) are small pieces of data, usually text files, placed on a computer, tablet, phone, or similar device when you use that device to access the Services. We use the following types of Cookies:

Essential Cookies. Essential Cookies are necessary for providing you with the Services and features that you requested. For example, these Cookies allow you to log into and stay logged into secure areas of the Services, save language preferences, and more. These Cookies are required to make the Services available to you, so they cannot be disabled.

Functional Cookies. Functional Cookies are utilized to record your choices and settings, maintain your preferences over time, and recognize you when you return to our Services. These Cookies help us personalize our content for you, greet you by name, and remember your preferences. Some examples include updating user preferences and more.

Performance/Analytical CookiesPerformance/Analytical Cookies allow us to understand how visitors (like you) use the Services. These Cookies accomplish this by collecting information about the number of visitors to the Services, what pages visitors view the most, and how long visitors view specific pages. These Cookies also help us measure and manage the performance of our advertising campaigns in order to help us improve the campaigns and the Services’ content. For example, Google LLC (“Google”) uses cookies in connection with its Google Analytics services. Google’s ability to use and share information collected by Google Analytics about your visits to the Services is subject to the Google Analytics Terms of Use and the Google Privacy Policy. You have the option to opt-out of Google’s use of Cookies by visiting the Google advertising opt-out page at http://www.google.com/privacy_ads.html or the Google Analytics Opt-out Browser Add-on at https://tools.google.com/dlpage/gaoptout/.

You have the option to decide through your internet browser’s settings whether or not to accept Cookies. Most browsers allow users to choose whether to turn off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on the browser) allow you to toggle whether to accept each new Cookie. You can also clear all Cookies that are already on your device. If you do this, however, you may have to manually adjust some preferences every time you visit the Services, and some functionalities may not work. To explore what Cookie settings are available to you, look in the “settings”, “preferences” or “options” section of your browser’s menu.

To find out more information about Cookies, including information about how to manage and delete Cookies generally, please visit http://www.allaboutcookies.org/.

How We Use Your Information

We process your personal information with your consent or as needed to provide you the Services. We may also use your personal information to comply with legal obligations, operate our business, protect the vital interests of you, our customers, or the public, or for other legitimate interests of Titus as described in this Privacy Policy.

More specifically, we may use your personal information to:

Optimize and improve the Services. We continually try to improve the Services based on the information and feedback we receive from you and our other users, including by optimizing the content on or functionalities of the Services.

Personalize the user experience.We may use your information to measure engagement with the Services and to understand how you and our other users interact with and use the Services and other resources we provide.

Improve customer service.Your information helps us to more effectively develop the Services and respond to your support needs.

Process transactions.We may use the information you provide to fulfill your requests. We do not share this information with outside parties except to the extent necessary to provide the Services and related activities.

To send periodic communications.The communication methods you provide through our contact forms will be used to send information and updates pertaining to the Services. It may also be used to respond to your inquiries or other requests. If you opt into our mailing list, you may receive emails that include Titus news, updates, product offerings and service information, and marketing material. If at any time you would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email or you may contact us via the contact information below. Please note that if you unsubscribe from promotional emails, you may still receive communications related to your subscription, your purchase, or other necessary functionalities of the Services.

To send periodic SMS messages.We may occasionally send you SMS messages through the number you provided to us. The messages will be sent based on Titus’s legitimate business needs, and in furtherance of us providing the Services, and for promotional reasons. If at any time you would like to unsubscribe from receiving future SMS messages, we include detailed unsubscribe instructions for how to do so or you may contact us via the contact information below.

Carry out other legitimate business interests.We may use the information you provide to carry out other legitimate business purposes, as well as other lawful purposes.

We may use any aggregated information (as described below) for any purpose.

How we Share Your Information

We share your information with our partners, service providers, contractors, agents, and third-party vendors as needed to fulfill Services. Please note that our partners may contact you as necessary to obtain additional information about you, facilitate any use of the Services, or respond to a request you submit.

Third-party vendors who provide products, services or functions on our behalf may include business analytics companies, customer service vendors, communications service vendors, marketing vendors, and security vendors. We may also authorize third-party vendors to collect information on our behalf, including as necessary to operate features of the Services. Third-party vendors have access to and may collect personal information only as needed to perform their functions, may only use personal information consistent with this Privacy Policy and other appropriate confidentiality and security measures, and are not permitted to share or use the information for any other purpose.

We also may share your information:

In response to subpoenas, court orders, or other legal process; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases we reserve the right to raise or waive any legal objection or right available to us.

When we believe it is appropriate to investigate, prevent, or take action regarding illegal or suspected illegal activities; to protect and defend the rights, interests, or safety of our company or the Services, our customers, or others; or in connection with our other terms and agreements with which you may be affiliated.

In connection with a corporate transaction, such as a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.

Other than as set out above, we will attempt to notify you when your personal information will be shared with third parties.

Personal Information You Post in Public Areas. When you post a message in a Titus review or customer feedback, the information you post may be accessible to other users of the Services and the public. If you post personal information anywhere on the Services that is accessible to other users or the public, you are advised that such personal information can be read, collected, used, or disseminated by others and could be used to send you unsolicited information or for other purposes. Accordingly, you assume full risk and responsibility for posting such information and agree that Titus is not responsible in any way for personal information you choose to post in these public areas.

Aggregated Information. We may use, publish, share, distribute, or disclose personal information that has been aggregated with information from other users or otherwise anonymized and de-identified data in a manner that does not allow third parties, including Titus partners, sponsors, and advisers, to de-aggregate the data or identify it as originating from you. Such information may help Titus identify and analyze training, demographic, and psychographic trends and information and report to third parties how many people saw, visited, or clicked on certain content, areas of the Services, or other materials. We may also use such data for research purposes and optimizing the Services’ functionality.

How we Store and Secure Your Information

Personal information collected by Titus may be stored and processed in your region, in the United States of America, and in any other country where Titus or its affiliates, subsidiaries, or service providers operate facilities. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective). However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Policy.

Titus takes technological and organizational measures designed to protect your personal information against loss, theft, and unauthorized access, use, disclosure, or modification. For example:

we transmit data over secured communication channels using SSL Login credentials;

all personal information is stored by trusted third party providers (e.g., HubSpot and Google Cloud Platform (GCP));

all systems used to provide the Services are password protected;

all Services usage is restricted on a per-user basis on the principle of least privilege; and

all data is encrypted during transfer and while at rest.

We rely on HubSpot’s and GCP’s security programs to protect personal information while stored in their respective controlled facilities. For more information on HubSpot’s security practices and processes, please see https://legal.hubspot.com/security. For more information on GCP’s security practices and processes, please see https://cloud.google.com/security.

Titus currently uses Stripe for payment, analytics, and other business services. Stripe, Inc. (“Stripe”) collects identifying information about the devices that connect to each of their services. Stripe uses this information to operate and improve the services they provide to Titus, including for fraud detection. You can learn more about Stripe and read its privacy policy at https://stripe.com/legal/privacy-center. As with all third-party providers, Titus is not a party to any agreement between you and Stripe and does not control Stripe’s privacy and data security policies. Titus reserves the right to change payment processors at any time.

Titus complies with applicable data protection laws, including applicable security breach notification requirements.

Data Retention

Titus will retain your information as long as necessary for the purposes outlined in this Privacy Policy, in a manner consistent with our data retention policy discussed below, and for a commercially reasonable time thereafter for backup, archival, fraud prevention or detection or audit purposes or as permitted by applicable law. Titus will retain your personal information consistent with the original purpose of collection or as long as necessary to comply with our legal obligations; maintain accurate accounting, financial and other operational records; resolve disputes; and enforce our agreements. We will never retain your information for a period longer than permitted by law.

We determine the appropriate retention period for personal information on the basis of the amount, nature, and sensitivity of the personal information being processed; the potential risk of harm from unauthorized use or disclosure of the personal information; whether we can achieve the purposes of the processing through other means; and on the basis of applicable legal requirements.

After expiration of the applicable retention periods, your personal information will be deleted.

Accessing and Updating Your Information

To the extent provided by the law of your jurisdiction, you may:

i. Have the right to access certain personal information we maintain about you and request details about how we process it
ii. Request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes
iii. Request that we update or correct inaccuracies regarding your personal information
iv. Object to our use of your personal information
v. Ask us to block or delete your personal information from our database
vi. Request to download the information you have shared on the Services
vii. Confirm whether Titus stores your data in the United States of America

You may make these requests and any other inquiries about this Privacy Policy by emailing support@gotitus.com. Any such requests are subject to the protection of other individuals‘ rights and applicable law. Additionally, to help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the requested information.

Additional Privacy Information

Data Transfer. Our databases are currently located in the United States of America. Titus makes no claim that its Services are appropriate or lawful for use or access outside the United States of America. If you access the Services from outside the United States of America, you are consenting to the transfer of your personal information from your location to the United States of America. You are solely responsible for complying with all local laws, rules and regulations regarding online conduct and access to the Services. By providing us your information, you further consent to its storage within the United States of America.

Collection of Data from Children. The Services are not directed to children, and you may not use the Services or provide any personal information to Titus if you are under the age of 18 (or the lowest age permitted by applicable law) or if you are not old enough to consent to the processing of your personal information in your country. We do not collect or process personal information of individuals under the age of 18 or the lowest age permitted by applicable law unless we receive all necessary consents from the individual‘s parent or guardian.

Click to download a copy of this Privacy Policy