Back to Home

Privacy Policy

Effective: February 16, 2026
Last Updated: February 16, 2026Version: 1.1

THIS PRIVACY POLICY DESCRIBES HOW PATHIBLE (“WE,” “US,” OR “OUR”) COLLECTS, USES, AND PROTECTS YOUR PERSONAL INFORMATION. PLEASE READ THIS POLICY CAREFULLY.

PATHIBLE IS AN INFORMATIONAL AND EDUCATIONAL TOOL ONLY. WE ARE NOT A FINANCIAL INSTITUTION, FINANCIAL ADVISOR, FINANCIAL PLANNER, LEGAL SERVICE PROVIDER, OR ATTORNEY. THE INSIGHTS, ANALYSIS, AND INFORMATION PROVIDED THROUGH OUR PLATFORM ARE FOR INFORMATIONAL PURPOSES ONLY AND DO NOT CONSTITUTE FINANCIAL ADVICE, LEGAL ADVICE, OR PROFESSIONAL SERVICES OF ANY KIND.

YOU ARE SOLELY RESPONSIBLE FOR VERIFYING ANY INFORMATION PROVIDED BY OUR PLATFORM AND FOR MAKING YOUR OWN INDEPENDENT DECISIONS REGARDING YOUR FINANCIAL AND LEGAL MATTERS. WE STRONGLY RECOMMEND CONSULTING WITH QUALIFIED FINANCIAL ADVISORS, ATTORNEYS, AND OTHER PROFESSIONALS BEFORE MAKING ANY FINANCIAL OR LEGAL DECISIONS.

1. Introduction

Welcome to Pathible. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our web and mobile application (collectively, the “Service” or “Platform”).

By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

1.1 Nature of Our Service

Pathible is a document analysis and information organization tool designed to help families understand their financial and legal situations by:

  • Analyzing documents you upload (financial statements, legal documents, etc.)
  • Organizing information about your circumstances
  • Providing visual representations and summaries of your data
  • Offering educational insights about financial and legal concepts

IMPORTANT: Pathible does NOT:

  • Provide financial advice, financial planning services, or investment recommendations
  • Offer legal advice or legal services
  • Act as a fiduciary, financial advisor, attorney, or licensed professional
  • Make decisions on your behalf or recommend specific actions
  • Guarantee the accuracy, completeness, or reliability of any analysis or information

1.2 Your Responsibility

You are solely responsible for:

  • The accuracy of information and documents you provide
  • Verifying any insights, analysis, or information generated by our Platform
  • Consulting with qualified professionals (financial advisors, attorneys, accountants, etc.) before making any decisions
  • Maintaining the confidentiality of your account credentials
  • Complying with all applicable laws in your jurisdiction

2. Information We Collect

We collect various types of information to provide and improve our Service:

2.1 Information You Provide Directly

Account Information

  • Full name
  • Email address
  • Password (encrypted and hashed)
  • Profile information (optional: phone number, address, date of birth)
  • Account preferences and settings

Financial and Document Information

  • Financial documents (bank statements, investment accounts, tax returns, pay stubs, etc.)
  • Legal documents (wills, trusts, powers of attorney, court documents, contracts, etc.)
  • Property records and ownership documents
  • Insurance policies and benefits information
  • Debt and loan documentation
  • Income and expense information
  • Asset and liability details
  • Family structure information (relationships, dependents, beneficiaries)

User-Generated Content

  • Notes, comments, and annotations you create
  • Questions you ask our AI analysis tools
  • Custom categories and tags you create
  • Feedback and communications with our support team

2.2 Information Collected Automatically

Usage Data

  • Device information (device type, operating system, browser type)
  • IP address and general location information (city/country level)
  • Log data (access times, pages viewed, actions taken)
  • Application interaction data (features used, buttons clicked)
  • Session duration and frequency of use
  • Error reports and crash data

Cookies and Similar Technologies

  • Session cookies for authentication
  • Persistent cookies for preferences
  • Analytics cookies for usage statistics
  • Performance cookies for optimization
  • Security cookies for fraud prevention

See Section 9 for detailed cookie information.

2.3 Information from Third-Party Sources

We may receive information from:

  • Authentication providers (if you use social login features)
  • Payment processors (transaction data, billing information)
  • Analytics providers (aggregated usage statistics)
  • Public records (to verify information you provide, if applicable)
  • Data enrichment services (to improve our analysis capabilities)

2.4 Sensitive Personal Information

Due to the nature of our Service, you may upload documents containing sensitive personal information including:

  • Financial account numbers and balances
  • Social Security numbers or tax identification numbers
  • Government-issued identification numbers
  • Health information or insurance details
  • Biometric data (if present in uploaded documents)
  • Genetic information (if present in uploaded documents)
  • Precise geolocation data
  • Personal information about minors
We do not require you to provide sensitive personal information. You should only upload information necessary for the analysis you seek. You may redact sensitive details (account numbers, SSNs, etc.) before uploading documents.

3. How We Use Your Information

We use your information for the following purposes:

3.1 Providing and Improving Our Service

  • Account Management: Creating and maintaining your account, authenticating your identity, and managing your subscription
  • Document Analysis: Processing and analyzing documents you upload using AI and machine learning technologies
  • Insight Generation: Creating summaries, visualizations, and educational insights about your financial and legal situation
  • Personalization: Customizing the Service based on your preferences and usage patterns
  • Customer Support: Responding to your questions, providing technical assistance, and resolving issues
  • Service Improvement: Analyzing usage patterns to improve features, fix bugs, and enhance user experience

3.2 Communication

  • Sending transactional emails (account verification, password resets, subscription confirmations)
  • Providing service updates and important notices
  • Responding to your inquiries and requests
  • Sending optional marketing communications (with your consent)
  • Conducting surveys and research (with your consent)

3.3 Security and Fraud Prevention

  • Detecting and preventing fraudulent activity, unauthorized access, and security threats
  • Monitoring for violations of our Terms of Service
  • Protecting the rights, property, and safety of Pathible, our users, and the public
  • Enforcing our legal rights and complying with legal obligations

3.4 Legal Compliance and Protection

  • Complying with applicable laws, regulations, and legal processes
  • Responding to lawful requests from government authorities
  • Establishing, exercising, or defending legal claims
  • Protecting against legal liability

3.5 Research and Development

  • Developing new features and services
  • Training and improving our AI and machine learning models (using aggregated, de-identified data only)
  • Conducting internal research and analytics
  • Testing new technologies and methodologies

IMPORTANT LIMITATIONS:

  • We do NOT sell your personal information to third parties
  • We do NOT use your information to provide financial or legal advice
  • We do NOT share your documents or sensitive information with third parties except as explicitly described in Section 7
  • We do NOT use your information for automated decision-making that has legal or similarly significant effects on you (except with your explicit consent or as required by law)

5. Data Storage and Security

5.1 Data Storage Infrastructure

We use industry-standard cloud infrastructure providers to store your data, including:

  • Convex: Backend database and real-time data synchronization
  • Cloud Storage Providers: Secure encrypted storage for uploaded documents
  • Content Delivery Networks (CDNs): For fast, secure content delivery

All data is stored in secure data centers with:

  • 24/7 physical security monitoring
  • Redundant power and network systems
  • Regular security audits and compliance certifications
  • Geographic redundancy for disaster recovery

5.2 Security Measures

We implement comprehensive security measures to protect your data:

Technical Security

  • Encryption in Transit: All data transmitted to and from our servers uses TLS 1.3 or higher encryption
  • Encryption at Rest: All stored data, including documents and database records, is encrypted using AES-256 or equivalent encryption
  • Secure Authentication: Passwords are hashed using industry-standard algorithms (bcrypt with salt)
  • Multi-Factor Authentication: Available for additional account security
  • API Security: All API endpoints are authenticated and rate-limited
  • Secure File Upload: Document uploads are scanned for malware and viruses

Organizational Security

  • Access Controls: Strict role-based access controls limit employee access to personal data
  • Background Checks: All employees with access to personal data undergo background checks
  • Security Training: Regular security awareness training for all employees
  • Confidentiality Agreements: All employees and contractors sign confidentiality agreements
  • Incident Response Plan: Documented procedures for responding to security incidents
  • Regular Audits: Periodic security audits and penetration testing

5.3 Security Limitations

NO SYSTEM IS COMPLETELY SECURE. While we implement strong security measures:
  • We cannot guarantee absolute security of your data
  • You are responsible for maintaining the security of your account credentials
  • You should not share your password or account access with others
  • You should enable multi-factor authentication for additional security
  • You are responsible for securing your own devices and internet connection

If you believe your account has been compromised, contact us immediately at security@pathible.com.

6. Artificial Intelligence and Automated Processing

6.1 AI-Powered Features

Our Service uses or plans to use artificial intelligence (AI) and machine learning (ML) technologies to analyze your documents and data. As we develop and expand these capabilities, they may include:

  • Document Processing: Optical Character Recognition (OCR) to extract text from uploaded documents
  • Natural Language Processing (NLP): Understanding document content, structure, and meaning
  • Data Extraction: Identifying and extracting financial figures, dates, names, and other relevant information
  • Classification: Categorizing documents and information types
  • Insight Generation: Creating summaries, identifying patterns, and generating educational explanations
  • Question Answering: Responding to your questions about your documents and data

6.2 Accuracy and Limitations

IMPORTANT AI LIMITATIONS:

AI analysis is not perfect and may contain errors, inaccuracies, or omissions:

  • Document Processing Errors: OCR may misread text, especially with poor quality scans or handwriting
  • Extraction Errors: AI may incorrectly identify or extract information from documents
  • Interpretation Errors: AI may misunderstand context, meaning, or relationships in data
  • Hallucinations: AI may generate plausible-sounding but incorrect information
  • Bias: AI models may reflect biases present in their training data
  • Incomplete Analysis: AI may miss important information or nuances

YOU ARE SOLELY RESPONSIBLE FOR:

  • Verifying the accuracy of all AI-generated insights and analysis
  • Reviewing original documents to confirm extracted information
  • Consulting with qualified professionals before making decisions based on our analysis
  • Understanding that AI insights are educational tools only, not professional advice

6.3 Your Rights Regarding AI Processing

You have the right to:

  • Opt out of AI processing (though this may limit Service functionality)
  • Request human review of AI-generated insights
  • Receive explanations of how AI processes your data
  • Challenge AI-generated results you believe are inaccurate

Contact us at support@pathible.com to exercise these rights.

7. Data Sharing and Third-Party Services

7.1 When We Share Your Information

We share your information only in the following limited circumstances:

With Your Consent

  • When you explicitly authorize us to share your information
  • When you use features that inherently involve sharing (e.g., sharing insights with family members)

Service Providers

We share information with trusted third-party service providers who perform services on our behalf. We maintain Data Processing Agreements (DPAs) with all sub-processors that handle personal data, as required by applicable data protection laws:

  • Cloud hosting providers (servers, databases, file storage)
  • AI and machine learning service providers
  • Payment processors and billing systems
  • Customer support and helpdesk platforms
  • Email delivery services
  • Product analytics and usage tracking services
  • Security and fraud prevention services

Legal Requirements

We may disclose your information when required by law:

  • In response to valid subpoenas, court orders, or legal processes
  • To comply with regulatory requirements or government requests
  • To protect against legal liability or defend legal claims
  • When necessary to protect the rights, property, or safety of Pathible, our users, or the public

7.2 Third-Party Services We Use

Below is a list of key third-party services that may process your data:

Service TypeProviderPurposeData Shared
Backend DatabaseConvexData storage and syncAccount info, documents, user data
Authentication & BillingClerkUser authentication and subscription managementEmail, profile info, subscription status
Email DeliveryResendTransactional emailsEmail address, name
Payment ProcessingStripe (via Clerk)Subscription billing and payment processingName, email, payment info
Document StorageBackblaze B2Secure storage for uploaded documentsUploaded documents and associated metadata
Product AnalyticsPostHogUsage analytics and product improvementUsage data, device info, interaction events
AI ProcessingTo be disclosed upon implementationDocument analysis (planned)Document content, queries

7.3 Data Sharing Limitations

WE DO NOT:

  • Sell your personal information to third parties for monetary consideration
  • Share your documents or sensitive financial/legal information except as described above
  • Use your information for purposes incompatible with this Privacy Policy
  • Share your data with advertisers or marketing companies (except aggregated, de-identified data)

8. Your Privacy Rights

You have important rights regarding your personal information. The specific rights available to you depend on your location and applicable privacy laws.

8.1 Rights Available to All Users

Regardless of your location, you have the following rights:

Access Your Information

  • Request a copy of the personal information we hold about you
  • Receive information about how we process your data

Update Your Information

  • Correct inaccurate or incomplete personal information
  • Update your account details and preferences

Delete Your Information

  • Request deletion of your personal information (subject to legal exceptions)
  • Close your account and remove your data from our systems

Export Your Data

  • Download your information in a portable format
  • Transfer your data to another service

8.2 How to Exercise Your Rights

To exercise any of these rights, you may:

Email Us

Send a request to: privacy@pathible.com

Account Settings

Access your account settings and privacy dashboard within the app

Response Timeline: We will acknowledge your request within 5-10 business days and respond substantively within 30-45 days, depending on applicable law.

9. Cookies and Tracking Technologies

9.1 What Are Cookies

Cookies are small text files stored on your device when you visit our Service. We use cookies and similar tracking technologies to provide functionality, analyze usage, and improve your experience.

9.2 Types of Cookies We Use

Essential Cookies (Required)

These cookies are necessary for the Service to function and cannot be disabled:

  • Authentication: Keeping you logged in to your account
  • Security: Protecting against fraud and unauthorized access
  • Session Management: Maintaining your session as you navigate the Service

Functional Cookies (Optional)

These cookies enhance functionality and personalization:

  • Preferences: Remembering your settings and preferences
  • UI State: Saving your interface customizations
  • Language: Remembering your language selection

Analytics Cookies (Optional)

These cookies help us understand how you use the Service:

  • Usage Statistics: Pages visited, features used, time spent
  • Performance Metrics: Load times, errors, response times
  • User Flow: Navigation patterns and user journeys

9.3 Managing Cookies

Browser Settings: Most browsers allow you to block or delete cookies. Access your browser's privacy settings to manage cookies.

Global Privacy Control (GPC): We honor Global Privacy Control (GPC) signals as required by the California Consumer Privacy Act (CCPA/CPRA) and other applicable laws. When we detect a GPC signal, we treat it as a valid opt-out request for the sale or sharing of personal information.

Do Not Track (DNT): There is currently no industry standard for DNT signal interpretation. We do not currently respond to DNT browser signals, but we do honor GPC signals as described above.

10. Children's Privacy

10.1 Age Requirements

Our Service is NOT intended for children under the age of 18.

  • You must be at least 18 years old to create an account
  • Users under 18 may not use the Service, even with parental consent
  • We do not knowingly collect information from individuals under 18

10.2 If We Discover Underage Users

If we learn that we have collected information from a child under 18:

  • We will immediately delete the account and all associated data
  • We will not use or disclose the information for any purpose
  • We will not knowingly retain any information from the child

10.3 Parental Notification

If you are a parent or guardian and believe your child under 18 has created an account, contact us immediately at privacy@pathible.com. We will promptly delete the account and all data.

11. International Data Transfers

11.1 Data Storage Locations

Your information may be stored and processed in countries other than your country of residence, including the United States of America.

11.2 EEA/UK Data Transfers

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we ensure adequate protection for data transfers through:

  • Standard Contractual Clauses (SCCs): We use European Commission-approved Standard Contractual Clauses with service providers outside the EEA
  • Adequacy Decisions: We may transfer data to countries deemed “adequate” by the European Commission
  • Additional Safeguards: Encryption of data in transit and at rest, contractual obligations, and regular audits

12. Data Retention

12.1 Retention Principles

We retain your information only as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

12.2 Retention Periods by Data Type

Data TypeRetention Period
Account InformationDuration of account + 90 days after closure
Uploaded DocumentsUntil you delete them or close your account + 30 days
AI-Generated InsightsUntil you delete them or close your account
Usage and Analytics Data90 days (detailed), indefinitely (aggregated)
Support Communications2 years after resolution
Payment Information7 years for tax and accounting purposes

12.3 Account Closure and Data Deletion

To close your account and request data deletion:

  • Log into your account settings
  • Select "Close Account" or "Delete My Data"
  • Confirm your request via email verification
  • Your account will be closed within 24-48 hours
  • Data will be deleted according to schedules above

13. Security Breach Notification

13.1 Our Commitment to Security

We take data security seriously and implement comprehensive measures to protect your information. Despite our efforts, no system is entirely secure from all threats.

13.2 Notification Timelines

We will notify the relevant supervisory authority within 72 hours of becoming aware of a breach involving personal data of individuals in the European Economic Area, as required by GDPR Article 33. For breaches affecting residents of other jurisdictions, we will comply with applicable state and national breach notification timelines.

13.3 User Notification

We will notify you if a breach:

  • Involves your personal information
  • Creates a risk of identity theft, fraud, or harm
  • Is required to be reported under applicable law

Notification will include:

  • Description of the incident and when it occurred
  • Types of information that were involved
  • Steps we have taken to address the breach
  • Measures you can take to protect yourself
  • Contact information for questions

14. California Privacy Rights (CCPA/CPRA)

This section provides additional information for California residents under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

14.1 Your California Privacy Rights

California residents have the following rights:

  • Right to Know: Request disclosure of personal information collected, used, and shared
  • Right to Delete: Request deletion of personal information (subject to exceptions)
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt Out: Opt out of “sale” or “sharing” of personal information (Note: We do not sell or share personal information)
  • Right to Non-Discrimination: Equal service and pricing regardless of exercising privacy rights

14.2 Sale and Sharing of Personal Information

We do NOT “sell” or “share” personal information as defined by CCPA. We do not sell personal information to third parties for monetary consideration, and we do not share personal information for cross-context behavioral advertising.

15. European Union Privacy Rights (GDPR)

This section provides additional information for individuals in the European Economic Area (EEA), United Kingdom, and Switzerland under the General Data Protection Regulation (GDPR).

15.1 Your GDPR Rights

You have the following rights under GDPR:

  • Right of Access (Article 15): Obtain confirmation that we process your data and access your personal data
  • Right to Rectification (Article 16): Correct inaccurate personal data
  • Right to Erasure (Article 17): Request deletion of your personal data (“right to be forgotten”)
  • Right to Restriction (Article 18): Restrict processing in certain circumstances
  • Right to Data Portability (Article 20): Receive your data in a structured, commonly used format
  • Right to Object (Article 21): Object to processing based on legitimate interests
  • Right to Withdraw Consent (Article 7): Withdraw consent at any time
  • Right to Lodge a Complaint (Article 77): File a complaint with your supervisory authority

15.2 Data Protection Authority

EEA Supervisory Authorities: Find your local authority at edpb.europa.eu

UK Information Commissioner's Office (ICO): ico.org.uk

16. Other Jurisdictions

We comply with data protection laws in jurisdictions where we operate or have users, including:

  • Canada (PIPEDA)
  • Brazil (LGPD)
  • Australia (Privacy Act)
  • Japan (APPI)
  • Singapore (PDPA)
  • Other jurisdictions as applicable

If you have questions about how we comply with your local data protection laws, contact us at privacy@pathible.com and specify your country/jurisdiction.

17. Changes to This Privacy Policy

17.1 Updates and Modifications

We may update this Privacy Policy from time to time to reflect:

  • Changes in our data practices
  • New features or services
  • Changes in applicable laws and regulations
  • Feedback from users and regulators
  • Changes in technology or security practices

17.2 Material Changes

For material changes that significantly affect your privacy rights, we will:

  • Provide prominent notice on our Service (banner, popup, etc.)
  • Send email notification to registered users
  • Provide at least 30 days' notice before changes take effect
  • Give you the opportunity to review changes and make decisions about your account

17.3 Your Options After Changes

If you disagree with changes to this Privacy Policy:

  • You may close your account (see Section 12)
  • You may exercise your privacy rights (see Section 8)
  • You may contact us with concerns at privacy@pathible.com

Continued use of the Service after changes take effect constitutes acceptance of the updated Privacy Policy.

18. Contact Information

Privacy Inquiries

privacy@pathible.com

Security Issues

security@pathible.com

Customer Support

support@pathible.com

Legal Department

legal@pathible.com

18.1 Data Protection Officer

Our designated Data Protection Officer (DPO) can be reached at privacy@pathible.com. The DPO is responsible for overseeing our data protection strategy and ensuring compliance with applicable privacy laws including GDPR, CCPA/CPRA, and other data protection regulations.

Mailing Address:
Pathible, Inc.
Attn: Data Protection Officer
390 NE 191st St
STE 18899
Miami, FL 33179
United States

19. Dispute Resolution

19.1 Informal Resolution

We encourage you to contact us first. Many privacy concerns can be resolved through direct communication. Email privacy@pathible.com with your concerns, and we will work with you in good faith to resolve issues.

19.2 Regulatory Complaints

You have the right to file complaints with regulatory authorities:

  • European Union: European Data Protection Board (EDPB)
  • United Kingdom: Information Commissioner's Office (ICO)
  • United States: Federal Trade Commission (FTC), California Attorney General
  • Canada: Office of the Privacy Commissioner

Summary of Key Points

This summary is for convenience only. Please read the full Privacy Policy above.

  • We collect: Account information, documents you upload, usage data, and cookies
  • We use your data to: Provide our Service, analyze documents with AI, improve our platform, and communicate with you
  • We share data with: Service providers (cloud hosting, AI, payment processors) and as required by law
  • We do NOT: Sell your personal information or use it to provide financial/legal advice
  • Your rights: Access, correct, delete, export your data; opt out of marketing; file complaints with regulators
  • Security: We encrypt data, use secure infrastructure, and implement comprehensive security measures
  • Contact: privacy@pathible.com for any privacy questions or to exercise your rights

Effective Date: February 16, 2026 | Last Updated: February 16, 2026 | Version: 1.1

© 2026 Pathible, Inc. All rights reserved.

View Terms of Service

Questions about this document? Contact us at legal@pathible.com