Last updated: January 1, 2026. We take the privacy of your institution’s data as seriously as you do.
We collect information you provide when registering for an account, requesting a demo, or contacting us — including your name, work email, credit union name, asset size, core processor, and compliance interests. For platform customers, we collect and process financial data including GL trial balances, regulatory filing data, and member transaction records, exclusively for the purpose of generating the regulatory reports and analytics you’ve subscribed to receive.
We use collected information to provide and improve our services, process regulatory filings on your behalf, send transactional communications, and comply with our own regulatory obligations. We do not sell your data. We do not use your credit union’s financial data for any purpose other than delivering the services you’ve subscribed to.
PinotPulse implements field-level encryption, 8-tier role-based access control, Row-Level Security across all database tables, RS256 JWT authentication, and AWS Secrets Manager for credential management. All data in transit uses TLS 1.3. All data at rest uses AES-256 encryption. We operate on AWS with private VPC networking and no public database exposure.
We retain account data for the duration of your subscription and for legally required periods thereafter. Regulatory filing records are retained for a minimum of 7 years as required by BSA/AML regulations. You may request deletion of non-regulatory data by contacting us.
You have the right to access, correct, or delete your personal information, and to request a copy of your data in machine-readable format. Contact us to exercise these rights. We respond within 30 days.
For privacy-related inquiries, contact us or write to: PinotPulse Enterprise, McKinney, TX.
