Olive

Privacy Policy

Effective Date: April 26th, 2025


Welcome to Olive! This Privacy Policy applies to all our websites, applications, services, and other offerings linked to this policy (collectively, the “Services”). It explains how Olive Financial, Inc. (“Olive,” “we,” “our,” or “us”) collects, uses, stores, and protects your personal data. Please read it carefully to understand your rights and our responsibilities regarding your information.

Scope of this Privacy Policy

In providing the Services, Olive may collect personal data from individuals interacting with our Services, including, without limitation, website visitors, customers, potential customers, and service providers. By accessing or using our Services, you acknowledge and consent to our practices regarding the collection, use, and sharing of your information as outlined in this Privacy Policy.

This Privacy Policy addresses how we handle “personal data,” defined as any information identifying or relating to a specific individual, including information classified as “personally identifiable information” or “personal information” under applicable privacy laws, rules, or regulations. This Policy does not apply to the practices of entities we do not own or control or to individuals we do not manage.

This Privacy Policy does not cover personal information we process on behalf of our business customers in providing Services to them. In such cases, our data handling is governed by agreements with these customers. If you have concerns about personal information processed on behalf of a business customer, please contact that customer directly, as they control the use of your information.

What Personal Data Do We Collect?

This chart details the categories of personal data that we collect and have collected over the past 12 months:

Category of Personal Data

Examples of Personal Data We Collect

Categories of Third Parties with Whom We Share this Personal Data

Identity and Profile Information

First and last name

Email address

Phone number

Mailing address

Name of employer or company

Job title

Other identity verification information reasonably requested

Service Providers

Parties You Authorize

Your Employer (If you register with a company email address)

Payment Information

Credit card number

Payment card type

Bank account and routing number

Billing address

Service Providers (e.g., Stripe if used to process payments)

Web Analytics

Web page interactions

Non-identifiable request IDs

IP addresses

Service Providers

Parties You Authorize

Device IP/Data

Device ID

Domain server

Type of device/operating system/browser used to access the Services

Service Providers

Parties You Authorize 

Other Identifying Information that You Voluntarily Choose to Provide

Identifying information submitted by you in emails, messages, posts, survey responses or other content you share, post or upload to the Services

Service Providers

Parties You Authorize

Your Employer (If you register with a company email)

Categories of Sources of Personal Data

We collect personal data about you from the following categories of sources:

  • You
    • When you provide such information directly to us.
    • When you create an account or use our Services.
    • When you voluntarily provide information in free-form text boxes through the Services or through responses to surveys or questionnaires.
    • When you upload files or authorize access to third-party applications.
    • When you send us an email or otherwise contact us.
    • When you use the Services and such information is collected automatically.
    • Through Cookies (defined in the “Tracking Tools, Advertising and Opt-Out” section below).
  • Third Parties
    • Integration Partners and Third-Party Services: We may obtain certain personal data from our integration partners and third-party services (including, for example, GitHub and other coding repository platforms)
    • Vendors: We may use analytics providers to analyze how you interact and engage with the Services, or third parties may help us provide you with customer support.

Our Commercial or Business Purposes for Collecting Personal Data

  • Providing, Customizing and Improving the Services
    • Creating and managing your account.
    • Setting up your repositories and push/pull requests with your designated coding repositories.
    • Processing orders; billing.
    • Providing you with the products, services or information you request.
    • Providing your service and product needs and preferences.
    • Meeting or fulfilling the reason you provided the information to us.
    • Providing support and assistance for the Services.
    • Improving the Services and our algorithms and AI models, including testing, research, internal analytics and product development.
    • Personalizing the Services, website content and communications based on your preferences.
    • Doing fraud protection, security and debugging.
    • Carrying out other business purposes stated when collecting your personal data or as otherwise set forth in applicable data privacy laws.
    • Processing your natural language commands and queries to execute requested operations.
    • Analyzing anonymized usage patterns to improve our natural language interface functionality.
  • Marketing the Services
    • Marketing and selling the Services.
  • Corresponding with You
    • Responding to correspondence that we receive from you, contacting you when necessary or requested, and sending you information about Olive or the Services.
    • Sending emails and other communications according to your preferences.
  • Meeting Legal Requirements and Enforcing Legal Terms
    • Fulfilling our legal obligations under applicable law, regulation, court order or other legal process, such as preventing, detecting and investigating alleged crimes, security incidents and potentially illegal or prohibited activities.
    • Protecting the rights, property or safety of you, Olive or another party.
    • Enforcing any agreements with you.
    • Responding to claims that any posting or other content violates third-party rights.
    • Resolving disputes.

We will not collect additional categories of personal data or use the personal data we collected for materially different, unrelated or incompatible purposes without providing you notice.

How We Share Your Personal Data

We disclose your personal data to the categories of service providers and other parties listed in this section. Depending on state laws that may be applicable to you, some of these disclosures may constitute a “sale” of your personal data. For more information, please refer to the section with state-specific rights below.

  • Service Providers. These parties help us provide the Services or perform business functions on our behalf. They include:
    • Hosting, technology and communication providers.
    • AI & machine learning providers.
    • Security and fraud prevention consultants.
    • Support and customer service vendors.
    • Payment processors.
      • Our payment processing partner Stripe, Inc. (“Stripe”) collects your voluntarily provided payment card information necessary to process your payment. Please see Stripe’s terms of service and privacy policy for information on its use and storage of your personal data.
  • Analytics Partners. These parties provide analytics on web traffic or usage of the Services. They include:
    • Companies that track how users found or were referred to the Services.
    • Companies that track how users interact with the Services.
  • Parties You Authorize, Access or Authenticate
    • Third-party services and integration partners (including, for example, GitHub and other coding repository platforms). When authorized, we access only the repositories and code you explicitly grant permission to view.

Legal Obligations

We may share any personal data that we collect with third parties in conjunction with any of the activities set forth under “Meeting Legal Requirements and Enforcing Legal Terms” in the “Our Commercial or Business Purposes for Collecting Personal Data” section above.

Business Transfers

All of your personal data that we collect may be transferred to a third party if we undergo a merger, acquisition, bankruptcy or other transaction in which that third party assumes control of our business (in whole or in part). Should one of these events occur, we will make reasonable efforts to notify you before your information becomes subject to different privacy and security policies and practices.

Data that is Not Personal Data

We may create aggregated, de-identified or anonymized data from the personal data we collect, including by removing information that makes the data personally identifiable to a particular user. We may use such aggregated, de-identified or anonymized data and share it with third parties for our lawful business purposes, including to analyze, build and improve the Services (including to improve our algorithmic models) and promote our business, provided that we will not share such data in a manner that could identify you.

Data from Connected Systems

When providing our Services, we may access personal data from systems you connect to Olive, such as databases and APIs. We process this personal data solely to deliver the requested functionality as outlined in our customer agreement with you. We implement appropriate security measures for these connections and do not independently store your Personal Data beyond what is necessary for the Services or as otherwise provided in this Privacy Policy.

Tracking Tools, Advertising and Opt-Out

The Services use cookies and similar technologies such as pixel tags, web beacons, clear GIFs and JavaScript (collectively, “Cookies”) to enable our servers to recognize your web browser, tell us how and when you visit and use our Services, analyze trends, learn about our user base and operate and improve our Services. Cookies are small pieces of data– usually text files – placed on your computer, tablet, phone or similar device when you use that device to access our Services. We may also supplement the information we collect from you with information received from third parties, including third parties that have placed their own Cookies on your device(s). Please note that because of our use of Cookies, the Services do not support “Do Not Track” requests sent from a browser at this time.

We use the following types of Cookies:

  • Essential Cookies. Essential Cookies are required for providing you with features or services that you have requested. For example, certain Cookies enable you to log into secure areas of our Services. Disabling these Cookies may make certain features and services unavailable.
  • Functional Cookies. Functional Cookies are used to record your choices and settings regarding our Services, maintain your preferences over time and recognize you when you return to our Services. These Cookies help us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
  • Performance/Analytical Cookies. Performance/Analytical Cookies allow us to understand how visitors use our Services. They do this by collecting information about the number of visitors to the Services, what pages visitors view on our Services and how long visitors are viewing pages on the Services. Performance/Analytical Cookies also help us measure the performance of our advertising campaigns in order to help us improve our campaigns and the Services’ content for those who engage with our advertising.

You can decide whether or not to accept Cookies through your internet browser’s settings. Most browsers have an option for turning off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on the sophistication of your browser software) allow you to decide on acceptance of each new Cookie in a variety of ways. You can also delete all Cookies that are already on your device. If you do this, however, you may have to manually adjust some preferences every time you visit our website and some of the Services and functionalities may not work.

To explore what Cookie settings are available to you, look in the “preferences” or “options” section of your browser’s menu. To find out more information about Cookies, including information about how to manage and delete Cookies, please visit http://www.allaboutcookies.org/.

Data Security and Retention

We seek to protect your personal data from unauthorized access, use and disclosure using appropriate physical, technical, organizational and administrative security measures based on the type of personal data and how we are processing that data. You should also help protect your data by appropriately selecting and protecting your password and/or other sign-on mechanism; limiting access to your computer or device and browser; and signing off after you have finished accessing your account. Although we work to protect the security of your account and other data that we hold in our records, please be aware that no method of transmitting data over the internet or storing data is completely secure.

As part of our Services, we may maintain audit logs of user activities based on your configured settings. These logs may record actions such as tool creation and database queries. The specific activities logged, retention periods, and access permissions are determined by the settings you select. If you are a business customer, you control who within your organization can access these logs through your administrator settings.

If you are a business customer, access to your data by your authorized users is restricted based on the permissions you configure within the Services. You are responsible for setting appropriate internal permissions. Our support teams may require temporary access to troubleshoot issues upon request and as otherwise provided in this Privacy Policy.

We retain personal data about you for as long as you have an open account with us or as otherwise necessary to provide you with our Services (including, without limitation, for so long as necessary to “settle” a transaction). In some cases we retain personal data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. We may further retain information in an anonymous or aggregated form where that information would not identify you personally.

Personal Data of Children

As noted in the Terms of Service, we do not knowingly collect or solicit personal data about children under 13 years of age; if you are a child under the age of 13, please do not attempt to register for or otherwise use the Services or send us any personal data.

State Law Privacy Rights

California Resident Rights

Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to contact us to prevent disclosure of personal data to third parties for such third parties’ direct marketing purposes; in order to submit such a request, please contact us at [email protected].

Nevada Resident Rights

If you are a resident of Nevada, you have the right to opt-out of the sale of certain personal data to third parties who intend to license or sell that personal data. You can exercise this right by contacting us at [email protected] with the subject line “Nevada Do Not Sell Request” and providing us with your name and the email address associated with your account.

Colorado, Connecticut, Montana, Oregon, Texas, Utah and Virginia Rights

To the extent that Olive is processing any of your personal data in scope of the Colorado Privacy Act, Connecticut Data Privacy Act, Montana Consumer Data Privacy Act, Oregon Consumer Privacy Act, Texas Data Privacy and Security Act, Utah Consumer Privacy Act and/or Virginia Consumer Data Protection Act, Olive will:

  1. Ensure that each person authorized to process personal data is subject to a duty of confidentiality with respect to the personal data;
  2. If you are employed by one of our business customers, at their direction, delete or return all your personal data as they may request at the end of the provision of the Services, unless retention of the personal data is required by law;
  3. Adhere to instructions from our business customers to Olive regarding treatment of your personal data. Our business customers are required to ensure that their instructions to Olive adhere to all applicable laws.
  4. Allow, and cooperate with, reasonable assessments by a designated assessor of a business customer; alternatively, Olive may arrange for a qualified and independent assessor to conduct an assessment of Olive’s policies and technical and organizational measures in support of the obligations under the foregoing laws using an appropriate and accepted control standard or framework and assessment procedure for such assessments. Olive shall provide a report of such assessment to its applicable business customer upon request; and
  5. Engage any subcontractor pursuant to a written contract in accordance with the foregoing laws that requires the subcontractor to meet the obligations of Olive with respect to the personal data; and the parties (subcontractor and Olive) shall, taking into account the context of the processing, implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk and establish a clear allocation of the responsibilities between them to implement the measures. Customer may object to such an engagement of a subcontractor.

Changes to this Privacy Policy

We’re constantly trying to improve our Services, so we may need to change this Privacy Policy from time to time, but we will alert you to any such changes by placing a notice on the Olive website, by sending you an email and/or by some other means. Please note that if you’ve opted not to receive legal notice emails from us (or you haven’t provided us with your email address), those legal notices will still govern your use of the Services, and you are still responsible for reading and understanding them. If you use the Services after any changes to the Privacy Policy have been posted, that means you agree to all of the changes. Use of information we collect is subject to the Privacy Policy in effect at the time such information is collected.

Contact Information

If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your personal data or your choices and rights regarding such collection and use, please do not hesitate to contact us at [email protected].