Privacy Policy

Last updated · May 13, 2026

Introduction

Bridge Capital AI LLC (“Bridge,” “we,” “our”) operates the Pulse financial intelligence platform and a business-funding marketplace at bridgecapital.io. This policy explains what we collect, how we use it, who we share it with, and your rights.

This policy applies to U.S. residents and EU/UK visitors. If you do not agree with this policy, please do not use our services.

Information we collect

  • Account info: your name, business name, email, phone number, and the password hash for sign-in (we never see your password in clear text).
  • Business info: industry, revenue band, employee count, and other context you choose to share.
  • Bank account data via Plaid: read-only access to your transactions, balances, and account names. We never see your bank password, we never receive your card numbers, and we cannot move money.
  • Device data: IP address, browser type, operating system, and approximate (country / state-level) location.
  • Communication data: messages you send us through the contact form, email correspondence, and (where you give explicit consent) phone call recordings for sales calls.
  • Cookies and analytics: see our Cookie Policy.

How we use information

  • To provide Pulse insights, generate forecasts, and run the cash-flow alerts you signed up for.
  • To match merchants to lenders in our network — only with your explicit consent and only when you apply for funding.
  • To communicate via email about your account, our services, and (with TCPA opt-in) phone calls related to a funding application you initiated.
  • To improve the product, develop new features, and prevent fraud.
  • To comply with legal obligations (tax records, regulatory requests, court orders).

How we share information

We share data only with the following categories, and only what is necessary:

  • Plaid — for bank-data aggregation. Plaid’s privacy practices apply to the data they handle.
  • Lenders in our network — only when you apply for funding, only the fields the lender needs to underwrite your application, and only after you give explicit consent.
  • Service providers — Resend (email), Stripe (payments), Vercel + AWS (hosting and storage), Supabase (database), Sentry (error monitoring). Each operates under written contracts.
  • Legal compliance — subpoenas, court orders, regulatory inquiries, fraud investigations.
  • Business transfers — if Bridge is acquired or merges, your data moves under the same protections.

We do not sell your personal information.

Your rights

  • Access — request a copy of the personal information we hold about you.
  • Correct — ask us to fix inaccurate or incomplete data.
  • Delete — request deletion (subject to legal retention obligations).
  • Opt out of marketing — unsubscribe via every email or contact us.
  • Data portability — receive an export of your data in a machine-readable format.

To exercise any of these rights, use our contact form or email submissions@bridgecapital.io. We respond within 30 days (or 45 days under CCPA / GDPR with notice).

Data retention

  • Account data: retained while your account is active, plus 7 years after closure for tax/regulatory compliance.
  • Bank data: retained while you are an active Pulse subscriber, plus 30 days after cancellation.
  • Funding application data: retained 7 years per CFPB recordkeeping requirements.
  • Marketing data: retained until you unsubscribe.
  • Audit logs: retained indefinitely (immutable, used for TCPA defense and security audit).

Security

Encryption in transit (TLS 1.3) and at rest (AES-256). Read-only Plaid connections. Role-based access controls inside Bridge. Audit logging on every staff data access. Annual third-party security review. See our Security overview for more.

Children’s privacy

Bridge is not for anyone under 18. We do not knowingly collect data from minors. If you believe we have, contact us and we will delete it immediately.

California rights (CCPA)

California residents have the right to:

  • Know what categories of personal information we collect and the purposes.
  • Request access to or deletion of specific pieces of personal information.
  • Opt out of any “sale” or “sharing” of personal information — Bridge does not sell or share personal information for cross-context behavioral advertising.
  • Not be discriminated against for exercising these rights.

To make a verifiable consumer request, email submissions@bridgecapital.io with the subject line “CCPA Request.”

EU/UK rights (GDPR)

Residents of the EU and UK have the rights of access, rectification, erasure, restriction of processing, data portability, and the right to object. The legal basis for our processing is your consent (when you sign up), contract (to deliver the services you ordered), and legitimate interest (fraud prevention and product improvement).

You have the right to lodge a complaint with your local data-protection authority. For requests, email submissions@bridgecapital.io.

Updates to this policy

We’ll post the new policy here with an updated “Last updated” date. For material changes, we’ll email registered users at least 30 days in advance.

Contact

Bridge Capital AI LLC
1400 Village Square Blvd, Tallahassee, FL 32312
submissions@bridgecapital.io