Privacy Policy

Introduction

Forthwith Industry LLC d/b/a Ruproa (“Ruproa,” “we,” “us”) is committed to protecting the privacy of our users and their business information. This Privacy Policy (“Policy”) describes how we collect, use, disclose, and protect information obtained through our website (ruproa.com), our web application, any mobile applications, and other communications (collectively, the “Services”).

Please review this Policy carefully. By using the Services, you agree to the collection and use of information as described here. You can determine when this Policy was last revised by referring to the “Last Revised” date above. We will post updates to this Policy on the Services; material changes will be communicated by email or in-platform notice.

Questions? Contact us at service@ruproa.com.

1. What Information We Collect

Information You Provide

When you create an account, enroll in a Service, or interact with Ruproa, we may collect:

• Your name, email address, phone number, and mailing address
• Business entity information, including legal business name, state of formation, EIN (Employer Identification Number), and business address
• Payment information (credit/debit card number, billing address) — processed and stored by our payment processor, Stripe; Ruproa does not store raw card data
• Account credentials (username and password)
• Customer support correspondence and general feedback
• Any other information you voluntarily provide when completing forms or using platform features

Business Credit Information

With your authorization, Ruproa retrieves business credit data from Dun & Bradstreet, Equifax Business, and CreditSafe on behalf of your registered business entity. This data includes business credit scores, tradeline information, payment history, public records, and related business financial data. This information is used solely to provide the Services you have requested and is associated with your business entity, not your personal consumer credit file.

Ruproa does not collect or require your Social Security Number (SSN).

Information Collected Automatically

When you use the Services, we and our service providers automatically collect:

• Log Data: IP address, browser type and version, operating system, referring URLs, pages viewed, and time spent on the platform
• Device Information: Device type, screen resolution, MAC address, and language preferences
• Cookies and Tracking Technologies: We use cookies, pixel tags, web beacons, and similar technologies to recognize your browser, remember preferences, analyze usage patterns, and support marketing and advertising activities (described further below)
• Analytics: We use analytics providers such as Google Analytics to track and report on platform usage. You may opt out of Google Analytics data collection at tools.google.com/dlpage/gaoptout

You may configure your browser to decline cookies; however, some features of the Services may not function properly without them. At this time, we do not respond to “Do Not Track” browser signals.

2. How We Use Your Information

We and our service providers may use the information we collect for the following purposes:

• Service Delivery: To provide, operate, and improve the Ruproa platform, including business credit monitoring, score updates, tradeline reporting, and marketplace access
• Account Management: To create and manage your account, process payments, and communicate billing information
• Credit Bureau Reporting: To report tradeline data associated with your Ruproa subscription to Dun & Bradstreet, Equifax Business, and CreditSafe on your behalf
• Communications: To send transactional emails (receipts, score alerts, bureau notifications, account updates) and, with your consent, marketing communications about new features, offers, and related products
• Personalization: To present offers, content, and financial service matches relevant to your business profile
• Security & Fraud Prevention: To detect, investigate, and prevent fraudulent activity, unauthorized access, or violations of this Policy and our Terms of Service
• Legal Compliance: To comply with applicable laws, regulations, legal processes, or governmental requests
• Analytics & Improvement: To analyze usage trends, conduct research, and improve the functionality, design, and performance of the Services
• Aggregated Insights: To create aggregated, de-identified data that does not personally identify you, which we may use and disclose for any business purpose

3. How We Share Your Information

We may share your information with the following categories of recipients:

• Business Credit Bureaus: Dun & Bradstreet, Equifax Business, and CreditSafe, for the purpose of tradeline reporting and credit data retrieval as authorized by you
• Service Providers: Third-party vendors who assist in operating the platform, including cloud hosting (Vercel, Supabase), payment processing (Stripe), email delivery (Resend, Brevo), customer support tools, and analytics providers. These providers are contractually required to protect your information and may not use it for their own commercial purposes
• Marketplace Partners: Third-party financial service providers featured in the Ruproa marketplace, with your consent or at your direction when you engage with an offer or apply for a product
• Affiliates: Our affiliated entities, for the purposes described in this Policy
• Business Transfers: In connection with a merger, acquisition, sale of assets, or other corporate transaction, your information may be transferred as part of the business. We will notify you before such a transfer if required by applicable law
• Legal & Compliance: To comply with legal process, respond to governmental requests, enforce our Terms of Service, or protect the rights, privacy, safety, or property of Ruproa, its users, or others

We do not sell your personal information to third parties for their own independent marketing purposes. Mobile information gathered through SMS opt-in will not be shared or sold to third parties for promotional purposes.

4. Data Security

We implement reasonable administrative, technical, and physical security measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include secure HTTPS connections, encrypted data storage, and access controls limiting employee access to customer data.

Ruproa's payment processing is handled entirely by Stripe. We do not store, transmit, or have access to raw credit card data. Our PCI-DSS obligations are limited to SAQ A compliance.

No data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you believe your account has been compromised, please contact us immediately at service@ruproa.com.

5. Data Retention

We retain your personal and business information for as long as your account is active or as needed to provide the Services, comply with our legal obligations, resolve disputes, and enforce our agreements. When you close your account, we may retain certain information as required by law or for legitimate business purposes such as fraud prevention and legal defense. Upon request, we will delete or anonymize personal information that we are not required to retain by law.

6. Your Choices & Rights

Marketing Communications

You may unsubscribe from Ruproa marketing emails at any time by clicking the “Unsubscribe” link in any marketing email or by contacting service@ruproa.com. You may not opt out of transactional and account-related communications (such as billing notices, score alerts, and security notifications) while your account is active.

Account Information

You may review and update your personal and business information at any time through your account settings at ruproa.com/settings. For corrections that cannot be made through self-service, contact service@ruproa.com. We may require identity verification before making certain changes.

Cookies

You may configure your browser to reject cookies or to alert you when cookies are being set. Opting out of certain cookies may affect platform functionality. You may also opt out of interest-based advertising at optout.aboutads.info and optout.networkadvertising.org.

Account Deletion

To request deletion of your account and associated personal data, contact service@ruproa.com. We will process deletion requests within a reasonable time, subject to any retention obligations under applicable law.

7. Third-Party Links & Services

The Services may contain links to third-party websites, tools, or marketplace partners. This Policy does not apply to third-party websites, and Ruproa is not responsible for their privacy practices or content. We encourage you to review the privacy policies of any third-party sites you visit. When you engage with a marketplace partner or click through to an external offer, your interaction is governed by that third party's terms and privacy policy.

8. Third-Party Advertising

We may use third-party advertising technologies to serve advertisements relevant to your business interests when you access the Services or other websites. These companies may use cookies and similar technologies to collect information about your visits to our Services and elsewhere online in order to deliver relevant ads. To learn more or opt out of interest-based advertising, visit optout.aboutads.info or optout.networkadvertising.org.

9. Children's Privacy

The Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected information from a minor, please contact us at service@ruproa.com and we will take steps to delete it promptly.

10. California Residents

California residents may have additional rights regarding their personal information under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including the right to know what personal information is collected, the right to request deletion, the right to opt out of the sale of personal information, and the right to non-discrimination for exercising privacy rights. To submit a privacy request, contact us at service@ruproa.com with the subject line “California Privacy Request.”

11. Jurisdiction & Cross-Border Transfers

Ruproa is operated from the United States. By using the Services, you consent to the transfer and processing of your information in the United States, which may have different data protection laws than your country of residence. The Services are intended for U.S.-based business entities only.

12. Contacting Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Please note that email communications are not fully secure; do not include sensitive financial information in general correspondence.

© 2026 Forthwith Industry LLC d/b/a Ruproa. All rights reserved.