Privacy Policy

Effective Date: May 26, 2026

This Privacy Policy (“Privacy Policy”) describes how Threadline Systems, LLC (“Threadline” or “we” or “us”) processes information collected via our Services (as defined in our Terms of Service, located at meetheddle.com/terms and incorporated herein by this reference; capitalized terms referenced herein have the same meaning as in our Terms of Service unless otherwise noted). In some circumstances, we may provide you with supplemental privacy notices to the extent they apply to you, as some jurisdictions may provide additional privacy rights.

We collect Information so the Services can do for you what you cannot easily do yourself — make your financial picture clearer. The Information is yours, and we collect it and hold it only to do that work for you. Keeping in mind this big-picture purpose, this Policy describes what we do and don’t do with your Information.

By using the Services, you acknowledge that you have read this Privacy Policy and agree to it. If you do not agree to this Privacy Policy, do not access or use the Services.

1. Information We Collect

1.1 Information You Provide

We collect information and data (“Information”) that you provide us including, without limitation, during the following activities, operations, and events: when you create an Account; when you fill out a form; when you submit User Content or other content through the Services; when you make a purchase; when you communicate with us via email; when you communicate with us via third-party platforms; when you request customer support or information about our Services; when you use the chat function on our Services; or when you otherwise communicate with us. The specific information we collect depends on the context in which you provide it, and could include the following, without limitation:

  • Name
  • Email address
  • Postal address
  • Phone number
  • Credentials
  • Location
  • Age and/or date of birth
  • Financial information, such as income, assets, investing information, portfolio information, holdings, transactions, balances, net worth, goals, preferences, and linked account data (if enabled)
  • Billing information
  • Other profile data, including your interests and preferences
  • Any other information you provide

1.2 Information We Automatically Collect

We automatically collect Information through your use of the Services or your interactions with us including, without limitation, the following:

  • Transactional Information: When you make a purchase or complete a transaction, we collect Information about it including, without limitation, product or service details, billing details, date, and location.
  • Device and Usage Information: We collect Information about how you access the Services including, without limitation, the device and network you use (such as hardware model, operating system version, mobile network, IP address, unique device identifiers, device regional and language settings, browser type, and/or app version). We also collect Information about your activity on the Services, (such as access times, pages viewed, links clicked, and the page you visited before navigating to the Services).
  • Content: As you allow through your device or application, we may collect Information stored on your device. You may stop such collection at any time (see Section 7 below for details).
  • Location Information: As you allow through your device or application, we may collect Information about the precise location of your device. You may stop such collection at any time (see Section 7 below for details).
  • Information Collected by Cookies and Similar Tracking Technologies: We use tracking technologies, such as cookies and web beacons, to collect Information about your interaction with the Services.
    • Cookies are small data files stored on your hard drive or device memory that help us do the following, without limitation: improve the Services and your experience; see which areas and features of the Services are frequently used or visited; authenticate users; reconstruct or observe activity relating to a use session or by a user for troubleshooting, issue resolution, or other purposes; conduct analytics; and count visits to our Website.
    • Web beacons (also known as “pixel tags” or “clear GIFs”) are electronic images that we use in the Services and in emails to help deliver cookies, count visits, and understand usage effectiveness.
    • Cookie Management. You may choose to turn off non-essential cookies and can update your cookie preferences at any time. Disabling cookies may affect your access to some features or functions of the Services or your experience with the Services. You can manage cookie settings directly within your browser.

1.3 Information We Collect from Other Sources

We obtain Information from third-party sources in certain situations including, without limitation, from payment processors, financial aggregators, and hosting or infrastructure providers. Our Services also may allow or require you to integrate or connect your Account with third-party services through third-party service providers, which allows you to more easily use the Services or complete a transaction with us by importing certain Information including, without limitation, bank account data, directly to us rather than you having to upload it manually.

The Information we receive from such third parties varies depending on the Information made available to and by those entities. Examples of the types of Information we may receive include, without limitation, financial account Information, credit account Information, investment account Information, billing Information, and identifiers and Information about owners of and transactions involving the foregoing accounts.

1.4 Information We Derive

We may derive Information or draw inferences about you based on the Information we collect. For example, we may make inferences about your location based on your IP address or city or postal code or infer that you are looking to purchase certain products or services based on Information you provide to us and your browsing behavior and past purchases. We may incorporate products and services that use artificial intelligence, including large language models and machine learning, to derive this Information and draw these inferences; however, any such use, and any use of Information in training LLMs will occur only at the categorical (i.e., “US large-cap technology”) or aggregate level and will not identify any specific ticker or your relationship with specific stocks, merchants, employers, or financial institutions. As such, any Information used in this way will not be identifiable or associated with a specific user.

2. How We Use Your Information

2.1 Primary Uses of Your Information

We use the Information we collect from you as follows:

  • To fulfill, deliver, provide, operate, and improve the Services
  • To process payments and subscriptions
  • For AI training, analytics, and optimization within the Services
  • To authenticate users and secure Accounts

2.2 Other Ways We May Use Your Information

We may also use your Information to:

  • Develop new products, services, features, and functions
  • Debug or repair errors in the Services
  • Personalize your experience with the Services
  • Send you technical notices, security alerts, support messages, and other transactional messages including, without limitation, responding to your inquiries and comments
  • Communicate with you about products, services, or news that we may offer and that we think will interest you (see Section 7.1 below for information about how to opt out of these communications at any time)
  • Monitor and analyze trends, usage, and activities in connection with the Services; we may incorporate products and services that use artificial intelligence, including large language models and machine learning, to help us with these processes
  • Detect, investigate, and help prevent security incidents and other malicious, deceptive, fraudulent, or illegal activity, and help protect the rights and property of Threadline and others
  • Comply with our legal and financial obligations
  • Create de-identified, anonymized, or aggregated information
  • Create derivative works as permitted in our Terms of Service
  • Fulfill any other purpose at your direction

3. How We Share Your Information

3.1 Our Commitments:

  • We do not sell your Information
  • We do not share your Information with third parties for commercial purposes
  • We do not otherwise monetize your Information apart from its use in the Services
  • We do not share your Information for advertising, marketing, or promotional purposes

3.2 Sharing Information with Third Parties

  • Who we share Information with:
    • Service providers (including, without limitation, hosting services, payment services, analytics services, support services)
    • Financial integrations that you authorize
    • Professional advisors
    • Authorities when required by law
    • Corporate transactions (parties to an actual or potential merger/acquisition)
  • We require service providers to use Information only to provide services to us and to protect it appropriately.
  • We may share your Information with the above-listed parties for the following reasons:
    • With our service providers that require access to the Information in order to assist us in the provision, operation, maintenance, or improvement of the Services, or for regulatory reporting purposes or capturing performance metrics; our service providers may use Information and process data on our behalf under contract, but they may not do so for their own commercial purposes.
    • With your consent or at your direction with third-party financial integrations you choose to enable.
    • With professional advisors and/or authorities if we reasonably believe that you have violated applicable laws or regulations.
    • With professional advisors and/or authorities as necessary to protect the rights, property, or safety of Threadline, our users, the public, or others.
    • With professional advisors to obtain advice and reasonably protect and manage our business interests.
    • With professional advisors and/or parties to an actual or potential corporate transaction in connection with or during negotiations concerning any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.
    • With a third party if we have your written consent or you have directed us in writing to do so.

3.3 Other Sharing of Information

We also share aggregated or de-identified information that cannot reasonably be used to identify you.

4. Children’s Privacy

The Services are not intended for individuals under 18 years of age. We don’t direct our Services to children under 18 or knowingly attempt to solicit or receive Information from children under 18. As set forth in our Terms of Use, by accessing or using the Services and/or creating an Account with us, you represent and warrant that you are 18 years of age or older.

5. California

California law permits residents of California to request certain details about how their information is shared with third parties for direct marketing purposes. We do not share your Information with third parties for direct marketing purposes; however, if you are a California resident and would like to make such a request, please contact us using the contact information provided below.

6. Processing Of Information in the United States and Other Countries

Threadline is headquartered in the United States and offers the Services to consumers in the United States. We may have service providers in other countries, however, that may transfer your Information to, or store or access it in, jurisdictions that may not provide levels of data protection that are equivalent to those of your home jurisdiction.

7. Your Options

7.1 Communication Options

You may opt-out of non-essential informational emails or text messages by following the unsubscribe link in such email messages or by updating your preferences with us.

7.2 Right to Correct Account Information

You may update and correct certain Account information by signing in to your Account or contacting us using the contact information below. Please note that we may retain certain Information as required by law or for our legitimate business purposes.

7.3 Location Information

When you first launch our mobile app that collects precise location information or when you use or visit features of the Services that collect precise location information, you’ll be asked to consent to the collection of this information. If you initially consent to our collection of such location information, you can subsequently stop the collection of this information at any time by changing the preferences on your mobile device. It is important to note that some Services may not function without precise location information. You may also stop a mobile app’s collection of location information by following the standard uninstall process to remove the app from your device.

7.4 Right to Export.

You may request a portable copy of your User Content at any time during your use of the Services and prior to Account closure or termination, by contacting us via the contact information set forth in Section 13 below.

8. Security

We use reasonable and industry-standard measures to protect the confidentiality and security of the Information that you provide to us or that we otherwise collect and process, including the following:

  • Encryption in transit for communications between users and the Services
  • Encryption at rest for stored User Content and stored Account Data
  • Identity and authentication management
  • Row-level security and least-privilege access controls
  • Infrastructure hosted with providers that maintain SOC 2 or equivalent security certifications
  • Secret and credential management with environment-based access controls and routine rotation
  • Rate limiting and abuse-detection on API endpoints
  • Dependency vulnerability scanning and routine security review
  • Incident response program (referenced in Section 9)

Notwithstanding our security measures, you acknowledge and agree that no systems or measures are completely secure. Please direct inquiries concerning the security of information to security@threadlinesystems.com.

9. Incident Response and Breach Notification

We maintain an incident response program. Where required by law, we will notify affected users and/or regulators of a data breach within applicable timeframes.

10. U.S. Privacy Rights (CCPA/CPRA and Similar Laws)

Depending on your state, you may have rights to:

  • Know/access categories and specific pieces of personal data
  • Request deletion of personal data
  • Correct inaccurate data
  • Opt out of “sale” or “sharing” of data (we do not sell/share data as defined by these laws)
  • Limit use of sensitive personal information (where applicable)

You can submit requests concerning the above to us via the contact information provided below. We will verify requests using reasonable methods, such as email confirmation or Account authentication. You may designate an authorized agent where permitted by law. We will not discriminate against you for exercising your rights.

11. Data Retention

We will destroy data and documents upon Account closure or termination, except for

(1) Data and documents that require retention for legal reasons, for the duration and reasons set forth as follows:

  • Account Data — for 3 years after Account closure, we keep certain records (but not an active Account) for legal, audit, and dispute resolution purposes
  • Billing Records — for 7 years, for tax and accounting purposes
  • User Content — until deletion by User, or until 30 days after Account closure, for Services functionality and recovery purposes, as set forth in our Terms of Use
  • Logs/Analytics — for 24 months, for security and performance purposes
  • Support Communications — for 2 years, for quality and dispute resolution purposes

We may retain data longer where required by law or to resolve disputes and enforce agreements.

and

(2) Data and documents that require retention for operational backups.

12. Changes To This Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes, we will notify you by posting the updated Privacy Policy at meetheddle.com/privacy with a new “Last Updated” date; or by sending you an email notification to the email address associated with your Account; or by displaying a prominent notice in the Services themselves. We may make non-material changes to this Privacy Policy at any time in our sole discretion without notice to you. Material changes will take effect 30 days after we provide notice. Non-material changes will take effect immediately upon posting. Your continued use of the Services after the effective date of the updated Privacy Policy constitutes your acceptance of the changes. If you do not agree to the updated Privacy Policy, you must stop accessing and using the Services and cancel your Account.

13. Contact Information

If you have questions regarding this Privacy Policy please contact us using the following email address: privacy@threadlinesystems.com.