Company logoIconus Tech
legal

Privacy Policy

Last updated: December 1, 2025

Introduction

Iconus Tech, Inc. ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Check Fraud Detection API and related services.

1. Information We Collect

We collect the following types of information:

Account Information

  • Email address
  • Company name
  • API keys and credentials
  • Billing information

Check Data (Hashed)

  • Check number (hashed using SHA-256)
  • Check amount (encrypted)
  • Payee information (hashed)
  • Date issued

Important: We do not store raw check data. All sensitive information is immediately hashed using SHA-256 encryption and cannot be reversed.

Usage Data

  • API request logs
  • Rate limit usage
  • Error logs for debugging
  • Performance metrics

2. How We Use Your Information

We use collected information to:

  • Provide and maintain our fraud detection services
  • Process and verify check authenticity
  • Detect and prevent fraudulent transactions
  • Improve our AI fraud detection algorithms
  • Send service-related communications
  • Comply with legal obligations

3. Data Security

We implement robust security measures to protect your data:

  • Encryption: SHA-256 for check data, TLS 1.3 for transmission
  • Infrastructure: AWS with SOC 2 Type II compliance
  • Access Control: Role-based access with MFA
  • Monitoring: 24/7 security monitoring and alerting
  • Audits: Regular third-party security audits

4. Data Sharing

We do not sell your personal information. We may share data with:

  • Service Providers: AWS, payment processors, analytics tools
  • Integration Partners: QuickBooks, Xero (only with your consent)
  • Legal Requirements: When required by law or to protect rights

5. Data Retention

We retain data according to the following schedule:

  • Check hashes: 7 years (regulatory compliance)
  • API logs: 90 days
  • Account data: Duration of account + 30 days
  • Fraud detection data: 3 years for pattern analysis

6. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate information
  • Deletion: Request deletion of your account and data
  • Portability: Export your data in a machine-readable format
  • Opt-out: Unsubscribe from marketing communications

To exercise these rights, contact us at privacy@iconustech.com.

7. Cookies & Tracking

We use essential cookies for authentication and session management. We do not use third-party advertising cookies. Analytics cookies are used only with your consent.

8. International Transfers

Data may be processed in the United States. We ensure appropriate safeguards are in place for international data transfers, including Standard Contractual Clauses where required.

9. Children's Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or through a notice on our website.

11. Contact Us

For privacy-related questions or concerns:

Iconus Tech, Inc.
Privacy Officer
Email: privacy@iconustech.com
Website: www.iconustech.com