FinX Capital Markets
Legal

Privacy Policy

Effective January 1, 2026 · Last updated January 1, 2026

1. Introduction and scope

FinX Capital Markets, LLC, a California limited liability company (“FinX,” “we,” “us,” or “our”), provides a quant-as-a-service platform, including the FinX Asset Modeling Platform (AMP), together with related websites, applications, APIs, SDKs, documentation, and other products and services (collectively, the “Services”). We take the privacy and confidentiality of our users and their data seriously, and this Privacy Policy (this “Policy”) explains how we handle information in connection with the Services.

This Policy applies to information we handle through finx.io, fiteanalytics.com, the AMP platform, and our other Services, and through our sales, marketing, and support activities. It does not apply to the practices of third parties that we do not own or control. This Policy supplements, and is incorporated by reference into, any master services agreement, subscription agreement, order form, data processing agreement, or other written agreement between you and FinX (each, an “Agreement”). In the event of a conflict between this Policy and an Agreement with respect to Customer Content, the Agreement controls.

2. The two categories of information we handle

FinX handles two distinct categories of information, and they are governed differently.

Personal Information. This is information that identifies, relates to, or could reasonably be linked to an individual, such as the name and business email address of a customer’s authorized user, a person who requests a demo, or a visitor to our websites. This Policy governs how we handle Personal Information.

Customer Content. This is the institutional investment, portfolio, instrument, and analytical data that a customer submits to or generates within the Services (also referred to as User Content in our Acceptable Use Policy). Customer Content is the confidential business data of our customers. We process Customer Content only as a service provider and processor on behalf of, and under the instructions of, the customer, and our handling of Customer Content is governed by the applicable Agreement. Section 4 describes how we treat Customer Content.

The Services are designed for the analysis of financial instruments and portfolios. They are not intended to receive, process, or store personally identifiable information, protected health information, payment card data, or other regulated personal data within Customer Content, and customers agree not to submit such data, as set out in our Acceptable Use Policy.

3. Personal Information we collect

Information you provide to us. We collect Personal Information that you choose to provide, including when you register for an account or a free trial, request a demo, contact sales or support, subscribe to communications, or otherwise interact with us. This may include your name, business email address, telephone number, employer or organization, job title, account credentials, and the contents of your communications with us. If you make a purchase, our payment processor collects billing and payment information; we do not store full payment card numbers.

Information we collect automatically. When you access the Services, we and our service providers may automatically collect technical and usage information, including IP address, device and browser type, operating system, referring and exit pages, pages and features accessed, dates and times of access, session duration, and similar log and analytics data. We collect this information using cookies and similar technologies, as described in Section 6.

Information from third parties. We may receive Personal Information from third parties, such as our customers (who may provide the contact details of their authorized users), referral partners, event organizers, and providers of business-contact and marketing data, and we may combine it with other information we hold.

4. Customer Content: institutional and portfolio data

We understand that the institutional investment and portfolio data our customers submit may be highly sensitive and proprietary to them, and we treat it accordingly. As to Customer Content:

  • We process Customer Content solely to provide, maintain, secure, and support the Services for the relevant customer, and only in accordance with the applicable Agreement and the customer’s instructions.
  • We do not sell Customer Content, and we do not use Customer Content for our own commercial purposes, for advertising, or to develop or train products for other customers, except that we may generate and use aggregated and de-identified information that does not identify any customer or individual to operate, secure, analyze, and improve the Services.
  • We restrict access to Customer Content to personnel and service providers who require it to perform their functions, subject to confidentiality obligations and our access controls.
  • We retain and delete or return Customer Content as set out in the applicable Agreement.

Where FinX processes Personal Information that is contained within Customer Content on behalf of a customer, the customer is the controller of that Personal Information and FinX acts as its processor or service provider. Individuals seeking to exercise rights with respect to such Personal Information should contact the relevant customer.

5. How we use Personal Information

We use Personal Information to: provide, operate, maintain, and secure the Services; create and administer accounts and free trials; process transactions and send related information; respond to inquiries and provide customer and technical support; communicate with you about the Services, including service, security, and administrative notices; send marketing and promotional communications, subject to your right to opt out; understand and analyze how the Services are used and improve and develop new features; detect, investigate, and prevent fraud, security incidents, abuse, and violations of our Acceptable Use Policy; and comply with legal, regulatory, audit, and contractual obligations and enforce our agreements.

Where required by applicable law, we rely on one or more of the following legal bases to process Personal Information: performance of a contract with you, our legitimate interests in operating and protecting our business and the Services, your consent, and compliance with legal obligations.

6. Cookies and similar technologies

We and our service providers use cookies, pixels, and similar technologies to operate and secure the Services, remember your preferences, authenticate sessions, and measure and analyze usage and performance. You can control cookies through your browser settings and, where offered, our cookie preferences tools. Some features of the Services may not function properly if certain cookies are disabled.

7. How we disclose information

We do not sell Personal Information, and we do not share Personal Information for cross-context behavioral advertising. We disclose Personal Information only as follows:

  • Service providers and subprocessors. We engage vendors to perform functions on our behalf, such as cloud hosting, infrastructure, analytics, payment processing, communications, and support. They are permitted to use the information only to provide services to us and are bound by confidentiality and data-protection obligations.
  • Within FinX. We may share information among FinX and any affiliates for the purposes described in this Policy.
  • Legal and protective disclosures. We may disclose information where we believe it is reasonably necessary to comply with applicable law, regulation, legal process, or a governmental or regulatory request; to enforce our agreements and policies; or to protect the rights, property, safety, and security of FinX, our users, or others, and to detect, prevent, or address fraud, security, or technical issues.
  • Business transfers. In connection with a merger, acquisition, financing, reorganization, or sale of assets, information may be disclosed or transferred as part of that transaction, subject to standard confidentiality protections.
  • With your direction or consent. We may disclose information at your direction or with your consent.

8. How we protect user information and usage

Protecting our users’ information and their usage of the Services is a priority for FinX at all times. We maintain an information-security program with administrative, technical, and physical safeguards designed to protect the confidentiality, integrity, and availability of Personal Information, Customer Content, and usage data against unauthorized access, disclosure, alteration, and destruction.

FinX is SOC 2 Type II audited and SOC 1 Type II audited. Our safeguards include encryption of data in transit and at rest, role-based access controls and the principle of least privilege, network and infrastructure security controls, logging and monitoring, and confidentiality obligations for personnel and service providers. We treat information about our users and their usage of the Services as confidential and disclose it only as described in this Policy or as authorized by the customer.

No method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for safeguarding your credentials and for promptly notifying us of any suspected unauthorized use of your account.

9. Data retention

We retain Personal Information for as long as necessary to provide the Services, maintain your account, fulfill the purposes described in this Policy, comply with our legal, regulatory, audit, and contractual obligations, resolve disputes, and enforce our agreements. We retain and dispose of Customer Content as set out in the applicable Agreement. When information is no longer needed, we take reasonable steps to delete, de-identify, or securely retain it.

10. International data transfers

FinX is based in the United States, and we and our service providers may process information in the United States and in other countries. Where we transfer Personal Information across borders, we implement appropriate safeguards as required by applicable law. If you access the Services from outside the United States, you understand that your information may be processed in the United States and other jurisdictions, which may have data-protection laws that differ from those in your jurisdiction.

11. Your privacy rights

Depending on where you reside and applicable law, you may have certain rights regarding your Personal Information. To exercise a right, contact us using the details in Section 15. We will verify and respond to your request as required by applicable law, and we will not discriminate against you for exercising your rights.

California residents. Under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA), California residents may have the right to know the categories and specific pieces of Personal Information we collect, use, and disclose; to request deletion or correction of their Personal Information; and to opt out of the sale or sharing of Personal Information. FinX does not sell Personal Information and does not share Personal Information for cross-context behavioral advertising.

EEA, UK, and other jurisdictions. Where the EU or UK General Data Protection Regulation or similar laws apply, you may have rights to access, correct, delete, restrict, or object to the processing of your Personal Information, to data portability, and to withdraw consent where processing is based on consent. You may also have the right to lodge a complaint with a supervisory authority. Where FinX processes Personal Information on behalf of a customer, please direct your request to that customer.

12. Children’s privacy

The Services are intended for businesses and their authorized personnel and are not directed to individuals under the age of 18. We do not knowingly collect Personal Information from children. If we learn that we have collected such information, we will take steps to delete it.

13. Third-party links and services

The Services may contain links to, or integrations with, third-party websites and services that we do not control. This Policy does not apply to those third parties, and we encourage you to review their privacy policies.

14. Changes to this Policy

We may update this Policy from time to time. When we make material changes, we will update the “Last Updated” date above and may provide additional notice as appropriate. Your continued use of the Services after an updated Policy takes effect constitutes your acceptance of the changes.

15. Contact us

If you have questions, requests, or concerns about this Policy or our privacy practices, contact us at:

FinX Capital Markets, LLC
3868 West Carson Street, Suite 105
Torrance, CA 90503
info@finx.io
finx.io · fiteanalytics.com