CM
CrizMark AISign In

Privacy Policy

Last updated: March 13, 2026

1. Information We Collect

CrizMark AI LLC ("CrizMark AI," "we," "us," or "our") collects the following categories of information when you use our platform:

Personal Information

Full name, email address, phone number, date of birth, mailing address, Social Security Number (last 4 digits or full, as needed for credit bureau verification), and government-issued identification.

Financial Information

Credit report data (imported via authorized access), credit scores, account histories, payment records, and information related to your financial goals and credit profile.

Documents

Identity verification documents, credit reports, dispute letters, correspondence with credit bureaus, proof of address, and any other documents you upload to the platform.

Usage Data

IP address, browser type, device information, pages visited, features used, AI conversation history, session duration, and interaction patterns with the platform.

2. How We Use Your Information

  • Providing Services: Analyzing your credit reports, generating dispute letters, matching tradeline options, and building commercial credit profiles.
  • AI Processing: Our AI assistant "Criz" processes your credit and financial data to provide personalized recommendations, generate dispute strategies, and answer your questions. AI-generated content is reviewed for accuracy.
  • Communication: Sending service updates, dispute status notifications, billing confirmations, and important account information via email and in-app notifications.
  • Platform Improvement: Analyzing aggregated and anonymized usage patterns to improve our platform, AI models, and user experience. Individual data is never sold or shared for advertising purposes.
  • Legal Compliance: Fulfilling our obligations under CROA, FCRA, FDCPA, and other applicable regulations.

3. Third-Party Service Providers

We share your information with the following trusted third-party providers, solely for the purpose of delivering our services:

ProviderPurposeData Shared
StripePayment processingName, email, payment method details
SupabaseDatabase hosting and file storageAll platform data (encrypted at rest)
ClerkAuthentication and identityName, email, authentication tokens
AnthropicAI assistant processingConversation context, credit data summaries
ResendTransactional emailsName, email address

We do not sell your personal information to third parties. We do not share your data with advertisers or data brokers.

4. Data Security

We implement industry-standard security measures to protect your data:

  • All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Database hosted on Supabase with row-level security policies
  • Authentication managed by Clerk with multi-factor authentication support
  • Sensitive fields (SSN, financial identifiers) are additionally encrypted at the application level
  • Regular security audits and penetration testing
  • Access to production data restricted to authorized personnel only

While we implement robust security measures, no method of electronic storage or transmission over the Internet is 100% secure. We cannot guarantee absolute security of your data.

5. Your Rights

As a CrizMark AI user, you have the following rights regarding your personal data:

  • Right to Access: You may request a copy of all personal data we hold about you.
  • Right to Correction: You may request correction of inaccurate or incomplete personal data.
  • Right to Deletion: You may request deletion of your personal data, subject to legal retention requirements. We will delete your data within 30 days of a verified request.
  • Right to Portability: You may request an export of your data in a machine-readable format.
  • Right to Opt Out: You may opt out of non-essential communications at any time.

To exercise any of these rights, contact us at privacy@crizmark.com. We will respond to verified requests within 30 days.

6. Cookies and Tracking

CrizMark AI uses the following types of cookies and tracking:

  • Essential Cookies: Required for authentication, session management, and platform functionality. These cannot be disabled.
  • Analytics Cookies: Used to understand platform usage patterns and improve the user experience. These can be disabled in your browser settings.

We do not use advertising cookies or tracking pixels. We do not participate in cross-site tracking or behavioral advertising networks.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. After account deletion, we retain certain records as required by law (e.g., financial transaction records for 7 years per IRS requirements, CROA compliance records for 5 years).

AI conversation logs are retained for 90 days after account closure and then permanently deleted.

8. Children's Privacy

CrizMark AI is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 18, we will delete that information immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and sending an email notification at least 30 days before changes take effect.

10. Contact Information

For privacy-related questions or to exercise your data rights:

  • Email: privacy@crizmark.com
  • Company: CrizMark AI LLC
  • Location: Miami, FL, United States