Finvari Privacy Policy

Last Updated: July 1, 2021

You can find Sutton Bank's Privacy Policy here.

This Privacy Policy describes how we collect and use data about individuals. In this Privacy Policy, "we", "our", and "us" refers to Finvari, Inc and "you" refers to the natural person visiting our website or using the Services provided by Finvari. "Personal Data" means data that identifies or could reasonably be used to identify you; other capitalized terms used in this Privacy Policy have the meaning provided below in Section 8. This Privacy Policy describes Finvari’s use of Personal Data that you provide to us. If you have any questions, please contact us.

  1. Data That Finvari Collects
  2. General. We collect Usage Data when you use the Services or visit our website or use our mobile app. Collection of specific Usage Data depends on the manner in which you engage with our website and mobile app and the Services. For example, we collect Usage Data when you visit our website (such as the IP address or browser type), use our mobile app (such as location) or provide Personal Data to us through our website or mobile app (such as providing us your name, email address, or phone number); and we collect transactional information when you access or use, or attempt to access or use the Services (such as using a Card to make a purchase). Usage Data may be personal to you or your Card, while other data may be provided to us by payment networks or other third parties. Collection of Usage Data is described in more detail below.

    Visiting Our Websites or Using Our Mobile App. We collect Usage Data when you visit our website or use our mobile app. This Usage Data may include how much time you spend on particular pages, your preferences or selections on our website, location, mobile hardware, or other data related to your interaction with our websites and mobile app. Usage Data collected through our website and mobile app helps us understand your preferences and improve our Services (including but not limited to preventing fraud). You may limit our collection of this Usage Data through your browser and mobile phone settings, however doing so may affect or limit the features of the Services available to you. If you do not wish us to collect Usage Data through your use of our website, delete Finvari cookies from your computer, remove the mobile app and cease visiting Finvari’s website.

    Using the Services. Our Services are contracted by Companies for use exclusively by Employees. We collect Personal Data from Employees who control or open the Finvari Account for the Company, and on specific Employees who will be using the Services (such as collecting the name, email address, or phone number of an Employee who will be issued a Card). Where you do not provide Personal Data when required—or where if it is inaccurate, out-of-date, or unable to be validated—we may prohibit your or Company’s use of the Services.

  3. How We Use Data
  4. Improving Our Website, Mobile App Products, and Services. We will use Personal Data and Usage Data to improve usability of our website, mobile app and the Services, and to offer other Services we believe may be of interest to you. We may improve usability of the website, mobile app and the Services by analyzing how you interact with each and the Services (such as analyzing how you use tools made available to you or which links you click).

    Providing the Services. We will use Personal Data to provide the Services the Company or its Employees request from us. This may require us to share Personal Data with third parties to complete or evaluate the risk of transactions initiated using products or services we provide. We may also share Personal Data with Third-Party Service Providers as directed by a Company or Employees.

    Understanding Usage of the Services and Fraud Detection. We will use Personal Data and Usage Data to understand how Company or Employees are using the Services, and use this data to improve or change user experience. Usage Data may include location or mobile data used to service legitimate transactions, to detect potentially fraudulent or unauthorized transactions, or for internal reporting or analysis.

    Reporting, Analyzing Performance, and Auditing. We or Third-Party Service Providers acting on our behalf will use Personal Data and Usage Data for reporting, analyzing performance, and performing audits that may be limited to specific Personal Data or Usage Data, or that may be aggregated. This may be done by using Personal Data or Usage Data on its own or in combination with Third-Party Data.

  5. Sharing Data
  6. We share Personal Data with Third-Party Service Providers or as requested by a Company or its Employees. We also share Personal Data with regulators, law enforcement, financial services providers, or other authorized third parties as required by law.

    We may reasonably transform Personal Data into De-identified Data by anonymizing it or by aggregating or combining it with other data to mask its relation to particular individuals. De-Identified Data is no longer Personal Data and we may use De-Identified Data and share it publicly or with third parties without your permission.

    We may add or change how or when we use affiliates or third parties to process Personal Data without notifying you, except that any use of Personal Data will be consistent with this Privacy Policy.

  7. Consent
  8. Your use of the Services, the website or the mobile app constitutes your consent to the uses of Personal Data described in this Privacy Policy. If you wish to revoke your consent, please do not visit our website and delete any cookies you may have on your devices, delete the mobile app and cease all use of the Services. Employee Personal Data provided by a Company or its Employees will be maintained by Finvari consistent with our practices and as required by law or the agreements we maintain with third-party service providers. When using certain products or services, the Company will need to formally close its Finvari Account and satisfy any outstanding obligations owed to us before an Employee can fully revoke consent to our use of Personal Data. Finvari, its affiliates, and its service providers may retain Personal Data to comply with governmental reporting obligations and other legal or regulatory requirements.

  9. International Users and Personal Data Export
  10. Our Services are operated from and directed toward Companies in the United States, for exclusive use by Employees. Any Personal Data we collect may be transferred to, processed, used, handled, and stored in the United States or other countries through our service providers. Personal Data protection laws in the United States may differ from those of the country you are located in and your Personal Data may be subject to government requests or subpoenas, court orders, or law enforcement according to United States law.

    By using the Services or visiting our website, you are consenting to the transfer, processing, use of, handling, and storage of Personal Data in the United States and as described in this Privacy Policy and in other agreements between Finvari and you.

  11. Other Important Information About Data Usage
  12. Security. We use organizational, technical, and administrative measures to protect Personal Data and Usage Data; however, no data security program is entirely secure. Please contact us immediately if you believe that your Personal Data, Usage Data or any other data provided to us is not secure or has been lost or stolen.

    Advertising. We may use third parties to send advertisements on our behalf. These third parties may have access to limited Personal Data for the purposes of acting on our behalf. They may also use cookies or similar tracking technologies to identify you through your browser usage. While you may disable some of these through blocking cookies in your browser, you may still be provided advertising as part of a broader marketing campaign. If you wish to not receive advertising emails from us, please contact us.

    Use by Minors. We do not direct any of our Services to children under 13 years of age. Please do not provide any children’s Personal Data to us.

    Changes to this Privacy Policy. We may change this Privacy Policy at any time by posting an updated version to our website. If we have an existing relationship with you or if you are an Employee, we may provide you or Company notices through our website, the mobile app or your Finvari Account; or provide notices directly to you using contact information provided to us. If we do not have an existing relationship with you—for instance, if you only visit our website—any notices we provide will be posted to our website. Any privacy notices we provide to you are effective 24 hours after we post them publicly or provide them to you.

  13. Contacting Us
  14. If you have any questions about how Finvari uses Personal Data or Usage Data, please contact us by emailing If you prefer physical mail you can reach us at:

    Finvari, Inc, 1100 NE Campus Parkway, Suite 200, Seattle, WA 98195.

  15. Defined Terms
  16. Capitalized terms used in this Privacy Policy are defined as follows:

    • Finvari Account means the corporate account maintained by Company to use Services and manage Cards.
    • Cards means physical or virtual payment cards issued by a bank issuer and managed through your Finvari Account.
    • Company means a company that applies for the Services, opens a Finvari Account, and that authorizes Users to access and use Services.
    • De-Identified Data means data derived from Personal Data that has been anonymized or aggregated with other data and that can no longer be used to identify a specific individual.
    • Employees means the employees, contractors, and agents of a Company.
    • Services means the expense and corporate card management services, Cards and other services provided through your Finvari Account.
    • Third-Party Data means data provided by financial services providers, identity verification services, data aggregators, or other Third-Party Service Providers.
    • Third-Party Services means services provided by Third-Party Service Provider.
    • Third-Party Service Provider means an affiliate or other third party that assists us in providing the Services to you, that supports our internal operations, or that provides other services related or connected to, or provided through the Services and a Finvari Account.
    • Usage Data means information we collect when you visit our website, use the mobile app and use the Services, and may contain Personal Data.