Legal · Privacy Policy v1.2026-05-15

Privacy Policy

Effective: May 15, 2026

FundingSourced operates a B2B marketplace for business-funding leads. This Policy describes what information we collect, why, and how we share it with our commercial buyers under the safeguards required by the Gramm-Leach-Bliley Act and applicable state law.

1. What We Collect

We collect the following categories of information:

• Business contact details — name, phone, email, business name, and address.
• Underwriting attributes — revenue, FICO range, time in business, existing position stack, requested amount, and urgency.
• Submission metadata — IP address, user agent, timestamp, consent text version, and source URL.
• Phone metadata — carrier name and line type obtained via carrier lookup at time of submission.

2. Why We Collect It

We collect this information to deliver funding requests to matching commercial buyers, to validate submissions against fraud and TCPA requirements, and to maintain auditable exclusivity and consent records for every lead delivered.

3. Who We Share It With

Lead data is shared only with commercial buyers under the following tiers:

• Exclusive — one buyer receives the lead.
• Shared — up to three matching buyers receive the lead.
• Bulk — the purchaser of a filtered data slice, subject to the same Buyer Agreement terms.

We do not sell or share lead data with consumer marketers or list resellers.

4. Buyer Obligations

Buyers may not resell lead data, as set forth in the Buyer Agreement §3. All CSV exports include per-row HMAC watermarks that uniquely identify the purchasing account.

5. Security

Lead data is stored in an encrypted database hosted in the US-East region. All connections are TLS-only. User passwords are hashed with bcrypt at cost 10. Session cookies are HTTP-only and Secure-flagged. API keys are random 256-bit values.

6. Your Rights

Merchants whose information appears in our system may request deletion within 30 days of submission. Residents of California, Virginia, Colorado, and Connecticut may exercise additional state-specific privacy rights. To make a request, email privacy@fundingsourced.com.

7. Retention

Contact and underwriting fields are retained for 24 months, after which they are anonymized. Consent signatures and metadata are retained for 7 years to satisfy regulatory and audit requirements.

8. Contact

For questions about this Privacy Policy or to exercise your rights, email privacy@fundingsourced.com.

Questions? leads@fundingsourced.com