Privacy Policy

From distributors: business name, EIN, website URL, contact email, monthly processing volume estimate, buyer-base description, and onboarding documentation (entity records, certificates of analysis, storefront URLs).

From verified counterparties on connected storefronts: institution name, professional credentials, stated research purpose, IP address, timestamp, attestation signature, and the cryptographic hash of the signed agreement.

Automatically: log data, device identifiers, scan results from compliance monitoring, and processor-related metadata.

To operate the platform, verify counterparties, generate and seal audit records, run weekly storefront compliance scans, enforce jurisdiction controls, respond to processor inquiries with exportable audit trails, communicate with distributors, prevent fraud and abuse, and comply with our legal obligations.

SolRUO processes information on the basis of (a) contract performance with the distributor, (b) legitimate interests in operating a compliant payment infrastructure platform, (c) compliance with legal obligations, and (d) consent where required.

SolRUO shares information with: (a) the distributor's connected payment processor, when required to substantiate a transaction, attestation, or compliance posture; (b) infrastructure subprocessors that provide hosting, database, monitoring, and email services under written contracts; (c) law enforcement or regulators when legally required; (d) successors in the event of a corporate transaction.

SolRUO does not sell personal information.

Audit records and signed attestations are retained for a minimum of seven (7) years from the date of the underlying transaction, consistent with processor expectations and regulatory good-practice norms. Distributor account data is retained for the life of the account plus 24 months. You may request earlier deletion subject to legal-hold obligations.

SolRUO maintains administrative, technical, and physical safeguards designed to protect information, including encryption in transit and at rest, role-based access controls, cryptographic sealing of audit records, and routine security review. No system is fully secure; SolRUO does not warrant absolute security.

Depending on your jurisdiction, you may have rights to access, correct, port, or delete information about you. Distributors may exercise these rights from within the platform. Verified counterparties on a connected storefront may direct requests to the distributor; SolRUO acts as a processor in that relationship.

Information may be processed in the United States. Where applicable, SolRUO relies on standard contractual clauses or equivalent transfer mechanisms.

The platform is exclusively B2B and is not directed to anyone under 18. SolRUO does not knowingly collect information from minors.

Privacy inquiries: privacy@solruo.com.