Log In

Request a Demo

Support Team

hello@soraban.com

Sales Team

sales@soraban.com

Log In

Request a Demo

Responsible Disclosure Policy

Version 1.0 | Latest update: 11/08/2025

At Soraban, protecting customer data, especially the sensitive financial information our customers entrust to us, is a top priority. We conduct regular internal security reviews, testing, and quality checks to identify and address risks before they can impact our customers. We also welcome responsible security research and appreciate reports of potential vulnerabilities in our systems.

If you are a security researcher and have identified a security issue in any Soraban service, please follow this policy when reporting it. Following this process helps us protect our customers, meet our compliance obligations, and recognize your efforts.

We provide Safe Harbor for vulnerability reports submitted in accordance with this policy. This means Soraban will not pursue or support legal action against you for your research, provided you act in good faith.

Rules of Engagement

When conducting security research on Soraban systems:

  • Do not perform actions that could disrupt our services, including denial-of-service (DoS) or brute-force attacks.
  • Do not spam, phish, or use social engineering against Soraban employees or customers.
  • Do not attempt to access, modify, or delete customer data.
  • Limit testing to your own accounts or accounts you have explicit permission to test.
  • Use only methods that avoid harm to Soraban, our customers, or our partners.

How to Report a Vulnerability

Send reports to security@soraban.com with:

  1. A clear description of the vulnerability.
  2. Step-by-step instructions to reproduce it.
  3. Any relevant proof-of-concept code or screenshots.
  4. Your contact information for follow-up.

After You Report

When you report a vulnerability, Soraban will:

  1. Review and acknowledge the report as promptly as possible.
  2. Investigate and attempt to reproduce the reported issue.
  3. Communicate with you during the process if additional details are needed or as progress is made.
  4. Offer credit for your contribution, with your consent, once the issue is addressed.
  5. Where appropriate, consider sharing information about the resolved issue publicly after remediation.

Out of Scope

The following are not considered vulnerabilities under this program:

  • DoS or brute-force attacks.
  • Issues requiring a jailbroken or rooted mobile device.
  • Clickjacking without demonstrated impact.
  • Cookies missing non-critical flags without security impact.
  • Findings that rely on outdated browsers or unsupported client software.

Terms & Conditions

Effective Date: 12/20/24 / Last Updated: 12/20/24

hese Terms of Use and Conditions (“Terms”) govern your use of Soraban, Inc.’s (“Company,” “we,” “our,” or “us”) website, products, and services, including but not limited to the SaaS platform available at www.soraban.com (collectively, the “Services”). By accessing or using the Services, you (“you,” “your,” or the “Customer”) agree to be bound by these Terms, including our Privacy Policy and any other policies or agreements referenced herein. If you do not agree to these Terms, you are prohibited from using the Services.

1. Acceptance of Terms

1.1 Binding Agreement

These Terms, along with any Order Forms and referenced exhibits, constitute a binding agreement between you and Soraban, Inc. Your use of the Services signifies your agreement to these Terms.

1.2 Modifications

Soraban reserves the right to amend these Terms at its sole discretion. Amendments will take effect immediately upon posting to our website. Your continued use of the Services after such amendments constitutes acceptance of the updated Terms.

2. Services and Support

2.1 Provision of Services

Soraban agrees to provide the Services as described in your Order Form. Access credentials for the Services will be issued to your designated administrative users, subject to revocation for misuse.

2.2 Technical Support

Support is available as specified in the applicable support exhibit (e.g., email, chat, phone). Response times are outlined in Exhibit A: Support Terms.

3. Restrictions and Customer Responsibilities

3.1 Restrictions

You may not:

  • • Reverse engineer, decompile, or disassemble any portion of the Services.
  • • Use the Services to develop competing products or for unlawful purposes.
  • • Violate intellectual property rights or data privacy regulations in connection with your use of the Services.

3.2 Customer Obligations

You are responsible for:

  • • Securing all user accounts and devices accessing the Services.
  • • Complying with applicable export controls, data protection laws, and these Terms.

4. Data Privacy and Security

4.1 Ownership and Usage of Data

You retain ownership of all data uploaded or entered into the Services (“Customer Data”). Soraban will not monetize, sell, or profit from your Customer Data and will only process it to provide the Services or as otherwise permitted under these Terms.

4.2 De-identified Data

Soraban reserves the right to use aggregated, de-identified data for internal improvements, diagnostics, and statistical analysis, provided that such data cannot identify you or your customers.

4.3 Data Protection Measures

Soraban implements industry-standard security protocols to protect Customer Data, adhering to AICPA SOC 2 standards.

4.4 Deletion Requests

You may request deletion of Customer Data by submitting a formal written request. Soraban will delete such data within 30 days unless otherwise required by law.

4.5 AI Data Use Policy

    • • Customer or user-generated data will not be used to train commercial third-party AI models.
    • ª Internal AI models may use anonymized and fully redacted data exclusively for accuracy improvements.
    • ª Where OpenAI or similar platforms are used, no data will be used for external model training without explicit customer consent.

5. Fees and Payment Terms

5.1 Fees

All fees are outlined in your Order Form. Soraban reserves the right to charge additional fees for usage exceeding agreed-upon limits.

5.2 Payment Terms

Invoices are due within 30 days of issuance. Failure to pay may result in suspension of Services. Disputed invoices must be brought to Soraban’s attention within 60 days.

6. Confidentiality and Proprietary Rights

6.1 Definition

Confidential Information includes any non-public information shared under these Terms, including business processes, pricing, and software architecture.

6.2 Obligations

Both parties agree to protect Confidential Information using reasonable care and only use it for purposes expressly permitted under these Terms.

6.3 Exceptions

Confidentiality obligations do not apply to information that:

  • • Is publicly available without breach of these Terms.
  • • Is lawfully disclosed by a third party without restrictions.
  • • Is disclosed under legal compulsion.

7. Term and Termination

7.1 Term

These Terms remain in effect for the duration specified in your Order Form and renew automatically unless terminated by either party.

7.2 Termination

Either party may terminate these Terms for material breach upon 30 days’ notice and an opportunity to cure. Upon termination, Soraban will retain Customer Data for two (2) years unless an earlier deletion is requested.

8. Warranties and Disclaimers

8.1 Limited Warranty

Soraban warrants that the Services will be provided in a professional manner consistent with industry standards.

8.2 Disclaimer

THE SERVICES ARE PROVIDED “AS IS,” AND ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, ARE DISCLAIMED.

9. Limitation of Liability

9.1 Cap on Liability

Soraban’s total liability is limited to the amount of fees paid by you in the twelve (12) months preceding the claim.

9.2 Exclusion of Damages

SORABAN IS NOT LIABLE FOR INDIRECT, INCIDENTAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO LOST PROFITS OR DATA.

10. Indemnification

10.1 By Soraban

Soraban will indemnify you against third-party claims of intellectual property infringement arising from your use of the Services, provided you promptly notify Soraban and allow it to control the defense.

10.2 By Customer

You agree to indemnify Soraban against claims resulting from your misuse of the Services or violation of these Terms.

11. Governing Law and Dispute Resolution

11.1 Governing Law

These Terms are governed by the laws of the State of California, without regard to conflict of laws principles.

11.2 Arbitration

All disputes shall be resolved through binding arbitration under the rules of JAMS in San Francisco, California.

12. Miscellaneous

12.1 Assignment

You may not assign these Terms without Soraban’s prior written consent.

12.2 Entire Agreement

These Terms, along with any applicable Order Forms and policies, constitute the entire agreement between the parties.

12.3 Notices

All notices must be sent in writing to hello@soraban.com or your registered email address.

Exhibit A: Support Terms

  • Support Hours: Monday–Friday, 6:00 am to 6:00 pm Pacific Time.
  • Response Times: Support requests are addressed within one (1) business day.
  • Contact Information: Email: hello@soraban.com; In-app chat.

Privacy Policy

Version 1.5. Latest update: 06/01/2023

The purpose of this page is to explain our practices regarding   the collection, use and disclosure of information that we receive from the person  or entity  accessing our Site or using our Services (“you” or “your”), including in particular information which may be used to identify you as a natural person (“Personal Information”). This Privacy Policy sets forth the privacy practices of Soraban, Inc. (“Soraban” or “we” or “us” or “our”) for (1) our website located at  www.soraban.com  (the “Site”) and (2) all Soraban software and applications (including, without limitation, mobile software and applications) (the “Software”) and all other Soraban products or services provided  otherwise made  accessible on or through the Software or the Site   (collectively the“Services”). This Privacy Policy does not apply to any third-party websites, services or applications, even if they are accessible through our Services.

What information do we collect?

We may collect the following types of Personal Information from you:

- Your name and email address

- Your or your company’s name and physical address and phone number

- Information about your business such as company name, company size, industry

- Unique identifiers such as user name, account number, and password

- Date of birth

- Demographic information such as region, job title, interests and zip code

- Information you choose to provide us through our forums or our services

- Information that you provide in connection with your purchase or license of Services, including credit card number, credit card expiration date, credit card verification code, bank or brokerage account number, bank account title, bank name, branch location, and routing number

- When necessary to determine suitable products and services, may we collect financial information such as bank or brokerage account numbers, types of investments, income, revenue, assets, credits, deductions, expenses, and bank account information financial information such as bank or brokerage account numbers, types of investments, shareholder information such as cap table, income, revenue, assets, credits, deductions, expenses, and bank account information

- Information required for us to fulfill our contractual obligation to deliver accounting and tax products and services, including potentially your social security number, bank account information, business financial information (such as profit and loss statements or balance sheets) or other information required by our tax professional clients in order to properly process tax filings.

- Preferences information such as email subscription type preferences and communication preferences

- We may retain server logs which include the IP address of every request to our server

We may collect certain information about you from third parties, including from social networks (for example, Facebook or Twitter) if used in connection with our Site or our Services.

If you provide us personal information about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us. An example of this is when you refer a friend or colleague to Soraban. By providing Soraban with a friend or colleague’s personal information, you act as the authorized party to disclose that information to Soraban so that we may collect, use, and disclose such information for the purposes described in this Privacy Policy. This means that you must take reasonable steps to ensure the individual concerned is aware of and/or consents to topics in this Privacy Policy, including the collection of their personal information, the purposes for which that information is being collected, the intended recipients of that information, the individual's right to obtain access to that information, Soraban’s identity, and how to contact Soraban. Where requested to do so by Soraban, you must also assist Soraban with any requests by the individual to access or update the personal information you have collected from them.

We may also collect and aggregate information about the use of our Site and our Services. That information could include information such as your Internet Protocol (IP) address (an IP or Internet Protocol Address is a unique numerical address assigned to a computer as it logs on to the internet), browser type, operating system, the web page that you were visiting before accessing our Site, the pages or features of our Site which you browsed and the time spent on those pages or features, search terms, the links on our Site that you clicked on and other statistics. If you access our Site using a mobile device, we collect information such as a  device  identifier,   user  settings   and   the  operating   system of   your   device,  as   well  asinformation about your use of our Services.

What do we use your Personal Information for?

We will use your Personal Information, in compliance with this Privacy Policy to help us deliver the Services to you. Any of the information we collect from you may be used to:

- Establish your identity

- Assess the needs of your business to determine suitable products and services

- Provide requested financial services and administer your account

- Respond to customer service requests

- Send you requested product or service information and product updates

- Conduct research and analysis, and to compile statistics and analysis about your andother customers’ use of our Site and our services

- Personalize your experience, including displaying content based on your interests —your Personal Information helps us to better respond to your individual needs.

- Improve our Site and our Services  —  we continually strive to improve our site offerings based on the information and feedback we receive from you.

- Improve customer service — your Personal Information helps us to more effectively respond to your customer service requests and support needs.

- Send periodic emails — the email address you provide may be used to send you information, notifications that you request about changes to topics or in response to your username, respond to inquiries and/or other requests or questions, or to alertyou of updates to protect your system from new types of online attacks and to send periodic emails containing information relevant to your account and the products you use.

We may also use your Personal Information where necessary for us to comply with a legal obligation, including to share information with government and regulatory authorities when required by law or in response to legal process, obligation or request.

We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose your Personal Information to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas); (ii) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable activity.

In addition, we may collect and analyze data and other information relating to the provision, use and performance of various aspects of the Services  (“Performance Data”), and to use such Performance Data to improve and enhance our Services and for other development, diagnostic, and corrective purposes; provided, however, that all Performance Data shall be used solely in aggregate or other de-identified form and in a manner in which neither you nor any individual can be personally identified.

Account Information from Third-Party Sites


Through the service, you may direct us to retrieve certain information maintained online by third-party financial institutions or providers with which you have a customer relationship, maintain accounts or engage in financial transactions (“account information”). You agree to provide your username, password, pin and other log-in information and credentials necessary to access your account with such institutions or providers (“access information”), and you hereby grant  company  permission to use the access information  and account information for the purposes of us providing our Services. By using our Services, you expressly authorize us to access, store and use your account information maintained by identified third parties, on your behalf as your agent. You hereby authorize us to store and use your access information to accomplish the foregoing and to configure the Service so that it is compatible with the third-party sites for which you submit account information. This may include, without limitation, monitoring your usage (including the location of relevant clicks and links) of such third-party sites (when accessed through the service) solely to facilitate   such   compatibility   and   our   contemplated   access   to   your   relevant   account information in connection with the service. You represent and warrant that neither the foregoing nor your use of our Services will violate any agreement or terms to which you are subject, including without limitation, those with respect to any third-party site or service.

Do we use cookies?

Yes. Cookies are small  files that   a site or  its service provider  transfers  to  your computer’s hard drive through your Web browser (if you allow). These cookies enable the site to recognize your browser and, if you have a registered account, associate it with your registered  account. We may use both session Cookies and persistent Cookies to identify that you’ve logged in to the Services and to tell us how and when you interact with our Site. We use cookies to understand and save your preferences for future visits and compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. We may also use Cookies to monitor aggregate usage and web traffic routing on our Services and to customize and improve our Services. Unlike persistent Cookies, session Cookies are deleted when you log off from the Services and close your browser. Although most browsers automatically accept Cookies, you can change your browser options to stop automatically accepting Cookies or to prompt you before accepting Cookies. Please note, however, that if you don’t accept Cookies, you may not be able to access all portions or features of the Site or the Services.

- Essential cookies: These cookies help run our site and make your experience better. These include cookies that allow you access to a members-only part of the site or help the content of our site load quickly. These cookies are only used to provide you with these services.

- Functionality cookies: These cookies allow the site to remember preferences you have selected such as login details or other selections you may have made. These are designed to make it easier to use our site and not have to set the same preferences every time.

- Social Media cookies: We may use social media tools on our site; these cookies allow the social media network to record when you have liked or engaged with a social media tool on our site. In some situations, the social network may send us data that you have set to share. If you do not want the social media network to share information with us, please check your privacy settings with the social media network.

- Advertising cookies: These cookies allow us to track browsing habits as you visit the site. Based on your browsing history and with your permission, we may use third-party advertising partners who can then display to you a relevant ad when you are on a third-party site such as a social media platform. Within these cookies, we may also know your precise location such as latitude, longitude, GeoIP, and other location-specific information. Please see below for your choices on cookies and the use of advertising.

We may also collect information via standard server logs or clear GIFs (also known as “Web beacons”). Web beacons and pixel tags are images embedded in a webpage or email for the purpose of measuring and analyzing usage and activity. We, or third-party service providers acting on our behalf, may use web beacons and pixel tags to help us analyze usage and improve our functionality. Social media tools, like widgets and plug-ins, may be offered so you can share information on other sites such Facebook and Twitter. These interactive mini-programs collect your IP address, record the pages you visit on our Site, and set cookies that will enable the widget to function properly.   Your interactions with these widgets are governed by the privacy policy of the company providing them, not by this Privacy Policy. If we link or associate any information gathered through passive means with Personal Information, we treat the combined information as Personal Information under this Privacy Policy. Otherwise, we use information collected by passive means in non-personally identifiable form only.

We use the following third-party  advertising cookies and analytics  to present you with opportunities to access Services on our Site: We use Google Analytics cookies to allow us to see how you use our Services so that we can improve your experience. We encourage you to read the Google Privacy Policy. If you prefer to not have data reported by Google Analytics, you can install the Google Analytics Opt-out Browser Add-on. Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Personal Information collected to track and examine the use of our Services, to prepare reports on its activities and share them with other Google services. Google may use the Personal Information collected to contextualize and personalize the ads of its own advertising network. Personal Information collected: Cookies and Usage Data. Place of processing: United States. We use the FullStory digital experience analytics platform for on-the-fly funnels, pixel-perfect replay, custom events, heat maps. FullStory’s terms of service can be found at https://www.fullstory.com/legal/terms-and-conditions; their privacy policy can be found at https://www.fullstory.com/legal/privacy-policy. Our website may also include social media features or widgets, such as the Facebook Like button. Use of these features may allow social media sites like Facebook to collect your IP address, detect which page you are visiting  on  our site, and set  a cookie to enable  the feature to  function  properly.  Your interactions with these features are governed by the privacy policy of the third party providing it.

“Do Not Track” options will not affect how we use your Personal Information.

Although we do our best to honor the privacy preferences of our customers, we are not able to respond to Do-Not-Track signals from your browser at this time. As discussed above, we track websites and app usage information  through  the use of cookies for analytic and internal purposes only. Because we do not collect this information  to track you across websites or apps over time, your selection of the “Do Not Track” option provided by your browser will not have any effect on our collection of cookie information for analytics or internal purposes.

Do we disclose any information to outside parties?

Except as set out below, we do not sell or trade your Personal Information. Non-personally identifiable visitor information, however, may be provided to other parties for marketing, advertising or other uses. We may disclose your Personal Information to our subsidiaries and affiliates, or to contractors, service providers, and other third parties we use to support our business. These third-party providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business. We may also release your Personal Information when we believe release is appropriate to comply with the law, enforce our site policies or protect our or others’ rights, property or safety. Your Personal Information may also be transferred to another company in the event of a transfer, change of ownership, reorganization or assignment of all or part of our businesses or assets. This will occur if the parties have entered into an agreement under which the collection, use and disclosure of the information is limited to those purposes of the business transaction,   including   a   determination   whether or not to proceed with the business transaction. You will be notified via email or prominent notice on our websites for thirty (30) days of any such change in ownership or control of your Personal Information or as otherwise may be required or permitted by law.

How do we protect your Personal Information?

The security of your Personal Information is important to us; but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially  acceptable   means  to  protect   your  Personal Information, we cannot guarantee its absolute security.

Retention of your Personal Information

We retain your Personal Information for as long as you have an open account with us or as otherwise necessary to provide you with the Service, and thereafter as set forth in our any other written agreement with you to license our Services agreement with you. After it is no longer necessary for us to retain your Personal Information, we will dispose of it in a secure manner or anonymize the information. We also retain backups of the data in our Service for a period of ninety (90) days one year after termination of the service (or after deletion of the data from our production services). These backups may contain your Personal Information, and are deleted on a rolling ninety (90)-day basis unless otherwise retained as set forth in this policy. Despite the foregoing, in some cases we retain Personal Information for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule, regulation or legal process. For example, if we are involved in litigation or a governmental or regulatory investigation, then we keep data throughout the period of litigation or investigation and for 5 years after that. If a settlement means that we have to keep data for longer, then we keep data   for   the   period   required   to   administer   the   settlement.   If   we   provide   data   to law enforcement agencies, then we keep a record of this for one year beyond the end of the investigation.

Third-party Links


Occasionally, at our discretion, we may include or offer third-party products or services on our site. This Privacy Policy does not   apply to any third-party websites, services or applications, even if they are accessible through our Services. If you click a third-party link, you will be directed to that third party's site. We strongly advise you to review the privacy policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

Children’s Privacy

Our Services are not intended for use by children under the age of 13 (“Children”). We do not knowingly collect Personal Information from Children. If you become aware that a person under the age of 13 has provided us with Personal Information, please contact us. If we become aware that we have collected Personal Information from Children without verification of parental consent, we take steps to remove that information from our servers.

Transfers and Processing of your Personal Information?


Our Site is operated in the United States. If you are located in another jurisdiction, please know that your information  will be transferred to, stored, and processed in the United States. By using this site and providing us with information, you consent to this transfer, processing, and storage of your information in the United States. It is important to note that the privacy laws in the United States may not be as comprehensive as those in other countries such as the European Union. Please also see the section of this Privacy Policy titled “Special Provisions Applicable to Residents of the European Union”. In addition, your Information may also be stored locally on the devices you use to access our Services. Data that we collect from you may be processed by staff operating outside the U.S. who work for us or for one of our suppliers. For example, such staff may be engaged in the processing of an order for our Services, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all reasonable steps to make sure that your data is treated securely and in agreement with this Privacy Policy. Data that is provided to us is stored on secure servers. Details relating to any transactions entered into via our site or service providers sites will be encrypted in motion and at rest. Please note, however, that the transmission of information via the internet is not completely secure, and therefore we cannot guarantee the security of data sent to us electronically. The transmission of such data is entirely at your own risk.

Special Provisions Applicable to Residents of the European Union

This section of our Privacy Notice applies to all personal information that is governed by the General Data Protection Regulations (the “GDPR”), within the territorial scope of the GDPR, that may be used to identify you as a visitor to our Site and that is obtained by us in connection with the Site or providing a product or service to you as part of our operations. For  general  data protection regulation purposes, the “Data Controller” means the organization who decides the purposes for which, and the way in which, any  Personal Information is processed. Where you are using our Services and making decisions about the Personal Information that is being processed in the Services, you are acting as a data controller and Soraban is acting as a data processor. In other cases, Soraban may be the controller of some of your Personal Information (such as when we collect your  billing information, or contact information for marketing purposes, or when monitoring usage information on our site).

A “Data Processor” is an organization which processes Personal Information for a Data Controller. As a Data Processor, we may be bound by the requirements of the GDPR.

“Data   processing”  is  any operation or set of operations (whether automated or not) performed upon Personal Information. Examples of data processing explicitly listed in the text of the GDPR are: collection, recording, organizing, structuring, storing, adapting, altering, retrieving, consulting, using, disclosing by transmission, disseminating or making available, aligning or combining, restricting, erasure or destruction.

If the processing of personal data about you is subject to European Union data protection law, you have certain rights with respect to that data:

- You can request access to, and rectification or erasure of, personal data;

- If any automated processing of personal data is based on your consent or a contract with you, you have a right to transfer or receive a copy of your personal data in a usable and portable format;

- If  the processing of  personal  data   is  based  on  your  consent, you  can  withdraw consent at any time for future processing;

- You can to object to, or obtain a restriction of, the processing of personal data under certain circumstances; and

- For residents of France, you can send us specific instructions regarding the use of your data after your death.

To make such requests, contact us at hello@soraban.com. When we are processing data on behalf of another party that is the Data Controller, you should direct your request to that party. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns. Please be aware that those rights set out above may not apply in some instances, for example where our right to processing your personal data may be necessary for exercising the right of freedom of expression (e.g., news gathering), or for the establishment, exercise or defense of legal claims.

We will only use your Personal Information if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity, and our “legitimate interests” or the legitimate interest of others, as further described below.

Contractual Necessity: We process the following categories of Personal Information because we need the Personal Information to perform the Service: (a) contact information; b) user account information; (c) billing and financial account information; (d) transaction information; and (e) user content you may submit to us.

Legitimate Interest: We process the following categories of Personal Information when we believe doing so furthers the legitimate interest of us or third parties. This may include when we operate and improve our business, products, and services; or when marketing our products and services to you; or protecting our Services from fraud or security threats; or completion of corporate transactions, and includes (a) contact information; (b) user account information; (c) billing and financial account information; (d) transaction information; and (e) user content you may submit to us; and (f) log data.

Consent: In some cases, we process Personal Information based on the consent you expressly grant to us at the time we collect such data. When we process Personal Information based on your consent, it will be expressly indicated to you at the point and time of collection.

Other Processing Grounds: From time to time we may also need to process Personal Information to comply with a legal obligation, if it is necessary to protect the vital interests of you or other persons, or if it is necessary for a task carried out in the public interest.

We will not transfer your Personal Information outside the European Economic Area (“EEA”) unless it takes such measures as are necessary to provide adequate protection for such Personal Information consistent with the requirements of applicable laws. To the extent that we process (or causes to be processed) any Personal Information originating from the EEA in a country  that has not been designated by the European Commission as providing an adequate level of protection for Personal Information, the Personal Information shall be deemed to have adequate protection (within the meaning of EU Data Protection Legislation) by virtue of the European Commission’s Standard Contractual Clauses for data transfers between EU and non-EU countries, whereby you will be regarded as the Data Exporter and we will be regarded as the Data Importer. In the event that the Contractual Clauses are deemed to no longer be a valid mechanism to legitimize transfers of personal data outside the European Economic Area, we will amend this Policy in order to establish a legitimate transfer of personal data outside the European Economic Area.

Principle of Onward Transfer. In the context of an onward transfer of data to a third party, we have responsibility for the processing of Personal Data we receive and subsequently transfer to a third party acting as an agent on our behalf. We shall remain liable under applicable law if our agent processes such Personal Data in a manner inconsistent with applicable law, unless we prove that we are not responsible for the event giving rise to the damage.

Governed by the requirements contained in GDPR, we will provide you with a reasonable opportunity to access your Personal Information that we have collected, correct it if it is inaccurate, erase it, or to request we restrict processing of the data. You also have the right to data portability, to have us provide the data to other entities. Please see GDPR Articles 15 through 18 then 20 for the requirements and procedures necessary to exercise these rights. We do not engage in automated data processing or profiling as those terms are understood under GDPR.

With respect to these rights, (a) we reserve the right to not provide information until we receive adequate information to identify that you are the relevant data subject and to request additional information to confirm your identity; (b) with an access request or data portability request, we reserve the right to deny access to information where the rights or freedoms of other individuals may be adversely affected; (c) for requests for copies of data pursuant to an access request, we reserve the right to charge an administrative fee for any request after the first; (d) when requests are manifestly unfounded or excessive, we reserve the right to charge an administrative fee or to refuse to act on the request. When the purpose for data processing is based on consent, you have the right to withdrawal consent at any time, although that does not affect the lawfulness of processing based on consent before it is withdrawn. When the purpose for data processing is based on contract, we will likely not be able to provide you services without the Personal Information we request and so will likely have to terminate the relationship.

Special Provisions Applicable to Residents of California

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (“CCPA”) relating to the collection and processing of your personal information. Please read the following if you are a California resident. For additional information, you may contact us at the address listed below or at hello@soraban.com.

For purposes of this section, the terms personal information, consumer, and sell or sold shall be defined only as broadly as set forth in the CCPA and to the extent applicable to the Site visitor.

- We do not sell the personal information of California consumers.

- We have no actual knowledge that we have sold personal information of minors under the age of 16 years old.

Under the CCPA, California consumers may be provided the following rights:

- the right to know about the categories or specific pieces of Personal Information we collect (including how we use and disclose the information)

- the right to have your Personal Information deleted the right not to be discriminated against for exercising consumer rights under the CCPA

- the right to opt-out of any “sales” that may be occurring

- the right to opt-out of marketing communications we send you at any time

- the right not to receive discriminatory treatment for the exercise of your privacy rights under California law.

Our policy is not to disclose your Personal Information to third parties for the third parties’ direct marketing purposes if you have exercised your option to prevent that information from being disclosed to third parties for those purposes. If you wish to not have your personal  information  shared for  those purposes, you may request that we delete your Personal Information by following the steps outlined in this Privacy Policy.

You can request to know, access, correct, update or delete your Personal Information by contacting us using the contact details provided under the “Contacting Us” section of this Privacy Policy, and we will fulfill your request in accordance with applicable data protection laws. We may need to verify your identity in order to action your request, including by asking for you to provide a government issued identification document.  Once we have verified you, we will respond and comply with your specific requests.

California consumers may exercise their rights by emailing us at hello@soraban.com. Once we receive your request, we will review it, determine whether we can verify your identity, and process the request accordingly. If we need additional information, we will let you know. If you would prefer, you may designate an authorized agent to make a request on your behalf.

You can opt-out of marketing communications we send you at any time by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us using the contact details provided under “Contacting Us.”

In  addition, you are entitled to request certain information regarding our disclosure of Personal Information to third parties   for their direct marketing purposes. If you are a California resident and would like to request this information, then please submit a request to us as described below at “Contacting Us.

”California’s “Shine the Light” law, California Civil Code section 1798.83, requires certain businesses to respond to requests from California customers asking about the business’ practices related to disclosing personal information to third parties for the third parties’ direct marketing purposes. Alternatively, businesses may have in place a policy not to disclose personal information of customers to third parties for the third parties’ direct marketing purposes if the customer has exercised an option to opt-out of such information-sharing. We have such a policy in place.

Changes to our Privacy Policy

If we decide to change our privacy policy, we will post those changes on this page.

Contacting Us

We welcome any queries, comments or requests you may have regarding this policy please do not hesitate to contact us at hello@soraban.com. If you have questions on information we may hold about you, you may contact us as follows:

1. Use the information request button above.

2. Email our Data protection officer at hello@soraban.com with the following information: Your name; Your   company; Your title; Your country; Your state of residence; Your contact information.

Request a Demo

How many returns does your practice prepare per year? *

Which tax software does your firm use? *

Which tax software does your firm use?

What other software does your firm currently use? *

We'll tell you how and where Soraban fits in your tech tool stack, and how we can integrate.

How did you hear about us?

Thanks for submitting the form. We'll be in touch shortly to schedule your demo!
Close
Oops! Something went wrong while submitting the form.

Request a Demo

How many returns does your practice prepare per year? *

Which tax software does your firm use? *

Which tax software does your firm use?

What other software does your firm currently use? *

We'll tell you how and where Soraban fits in your tech tool stack, and how we can integrate.

How did you hear about us?

Thanks for submitting the form. We'll be in touch shortly to schedule your demo!
Close
Oops! Something went wrong while submitting the form.