Skip to content
Slate raises $1.3M pre-seedRead more →

Privacy Policy

Slate & Dropp Labs Privacy Policy

SLATE FINANCIAL TECHNOLOGIES INC. & DROPP LABS, INC.

PRIVACY POLICY

Effective Date: May 7, 2026

Last Updated: May 7, 2026

Introduction

Slate Financial Technologies Inc. ("Slate") and Dropp Labs, Inc. ("Dropp Labs") (together with "we," "our," or "us") are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information.

This Policy applies to:

  • Visitors and general users of the Slate website and platform
  • Business customers applying for or using our Merchant Cash Advance (MCA) services
  • Individual workers applying for or using our Future Earnings Purchase Agreement (FEPA) services, including Earned Wage Advances (EWA)

We collect and process personal information in accordance with applicable Canadian and U.S. privacy laws. In Canada, this includes the federal Personal Information Protection and Electronic Documents Act (PIPEDA), the British Columbia Personal Information Protection Act (PIPA), and other applicable provincial privacy laws. In the United States, this includes Title V of the Gramm-Leach-Bliley Act (GLBA), the California Consumer Privacy Act as amended (CCPA/CPRA), and analogous state privacy laws (including those of Virginia, Colorado, Connecticut, Utah, and Texas) where applicable.

For users in Canada, Slate Financial Technologies Inc. is the data controller. For users in the United States, Dropp Labs, Inc. is the data controller. Slate and Dropp Labs are affiliated entities and may share personal information between them as described in Section 5.

By submitting an application or using our services, you acknowledge that you have read, understood, and consent to the practices described in this Policy.

Nature of Our Services

Slate provides receivables purchase services and future earnings purchase services, not loans. When you use our services:

  • Business customers (MCA): You sell a portion of your future business receivables to Slate in exchange for immediate capital. This is a true sale of assets, not a debt or loan.
  • Individual workers (FEPA / EWA): You sell a portion of your future Platform Earnings to Slate in exchange for an immediate, upfront payment. This is a true sale of future earnings, not a debt or loan.

Terminology in this Policy (such as "underwriting" and "risk assessment") refers to our evaluation of receivables quality and collectability, or the quality and collectability of future Platform Earnings, not creditworthiness for lending purposes. You are not borrowing money or incurring debt. You are selling future receivables or future earnings at a discount.

1. What Personal Information We Collect

The information we collect depends on how you interact with us. The categories below identify which apply to your relationship with Slate.

1.1 General Website Visitors and Users

For all users of our website and platform:

  • Name and contact information (email address, phone number, mailing address)
  • Account credentials (username and password)
  • Communications you send to us
  • Device information (IP address, browser type, operating system, device identifiers)
  • Usage data (pages visited, features used, time spent, date and time of access)
  • Cookies and similar tracking technologies
  • Approximate geolocation (if you permit)

1.2 Business Customers (Merchant Cash Advance)

If you apply for or use our MCA services, we also collect:

Business Owner / Principal Information

  • Full legal name, date of birth, and government tax identifier (Social Insurance Number for Canadian residents, or Social Security Number / Individual Taxpayer Identification Number for U.S. residents)
  • Home address and contact information (phone, email)
  • Government-issued identification (driver’s licence/license, passport, state-issued ID)
  • Personal financial information (personal credit history, assets)
  • Ownership percentage and role in the business

Business Information

  • Legal business name, operating name, and business identifier (CRA Business Number for Canadian businesses, IRS Employer Identification Number for U.S. businesses)
  • Business address, phone number, and email
  • Business bank account information
  • Business financial records (bank statements, revenue data, tax returns)
  • Payment processor data (Stripe, Square, etc.)
  • Business credit history and trade references

Transaction Information (MCA)

  • Details about your receivables purchase agreement with Slate
  • Remittance history and account activity
  • Communications with Slate (emails, calls, messages)

Third-Party Information

  • Information from credit bureaus and reporting agencies
  • Bank and payment processor verification data
  • Information from Platform Partners who referred you to Slate
  • Publicly available business information

1.3 Individual Workers (Future Earnings Purchase Agreements)

If you apply for or use our FEPA services (including Earned Wage Advances), we also collect:

Identity Information

  • Full legal name
  • Date of birth
  • Government tax identifier (Social Insurance Number for Canadian residents, or Social Security Number for U.S. residents, where applicable)
  • Government-issued photo identification (driver’s licence/license, passport, state-issued ID)
  • Biometric or liveness verification data (facial images captured during identity verification)
  • Current residential address
  • Email address and phone number

Financial Information

  • Personal bank account details (institution, transit number, account number)
  • Bank account transaction history (to assess income patterns and cash flow)
  • Credit report and credit score from credit bureaus (TransUnion, Equifax, and Experian)
  • Existing debts, consumer proposals, or bankruptcy history

Platform Earnings Information

  • Platform Partner identity and your account status
  • Historical Platform Earnings (amounts, frequency, and duration)
  • Work history and earnings history on the Platform Partner’s platform
  • Platform ratings, reviews, or performance metrics (where available and relevant to earnings assessment)
  • Projected future Platform Earnings

Transaction Information (FEPA)

  • FEPA terms (Advance Amount, Purchased Amount, Early Access Fee, Remittance Structure)
  • Remittance payment history (PAD transactions, Direct Remittance records)
  • Returned payment records
  • Earnings Decline Adjustment requests and outcomes
  • Communication records between you and Slate

2. How We Collect Your Information

We collect personal information through:

Direct Collection

  • Information you provide in application forms
  • Documents you submit (bank statements, identification, tax records)
  • Communications with our team (phone, email, chat)
  • Your use of our platform and services

Automated Collection

  • Integration with your payment processor (Stripe, Square, etc.) for MCA customers
  • Integration with your bank accounts via third-party services (Plaid, Flinks)
  • Cookies and tracking technologies on our website and platform
  • System logs and usage analytics

Third-Party Sources

  • Credit bureaus (Equifax, TransUnion, and Experian)
  • Open banking and financial data providers
  • Platform Partners (with your consent)
  • Identity verification providers (Veriff)
  • Public business registries and databases (for MCA customers)
  • Fraud prevention services

3. How We Use Your Information

We use your personal information for the following purposes:

3.1 Application Processing and Underwriting

  • Verifying your identity in compliance with applicable AML laws (PCMLTFA and FINTRAC requirements in Canada; the Bank Secrecy Act, USA PATRIOT Act, and FinCEN requirements in the United States)
  • Evaluating eligibility for our services
  • Assessing the quality, reliability, and collectability of receivables (MCA) or future Platform Earnings (FEPA)
  • Conducting credit checks to assess receivables or earnings quality
  • Determining purchase amounts, fees, and remittance structures
  • Making approval or decline decisions

3.2 Service Delivery and Account Management

  • Setting up and managing your account
  • Processing receivables or earnings purchase transactions
  • Collecting remittances through automated systems (PAD, Direct Remittance)
  • Monitoring account performance and Agreement compliance
  • Verifying requests for Revenue Decline Adjustments (MCA) or Earnings Decline Adjustments (FEPA)
  • Monitoring trust compliance for MCA customers (Merchant holds Receivables in trust for Slate’s benefit under the Agreement)
  • Providing customer support and communications

3.3 Legal and Regulatory Compliance

  • Complying with anti-money laundering (AML) and counter-terrorism financing laws (PCMLTFA in Canada; Bank Secrecy Act and USA PATRIOT Act in the United States)
  • Meeting know-your-customer (KYC) requirements
  • Reporting suspicious transactions to FINTRAC (in Canada) or filing Suspicious Activity Reports (SARs) and Currency Transaction Reports (CTRs) with FinCEN (in the United States)
  • Fulfilling tax reporting obligations
  • Responding to legal processes and government requests
  • Filing protective registrations under the Personal Property Security Act (PPSA) in Canada or UCC-1 financing statements under Article 9 of the Uniform Commercial Code in the United States, where applicable
  • Maintaining records as required by law

3.4 Risk Management and Business Operations

  • Detecting and preventing fraud, identity theft, and financial crime
  • Managing transaction and collection risk
  • Monitoring portfolio performance
  • Improving our underwriting models and risk assessment processes
  • Improving our products and services
  • Training staff and quality assurance
  • Internal audits and compliance monitoring

3.5 Marketing and Communications (with your consent)

  • Sending information about new products and services
  • Providing promotional offers and updates
  • Conducting market research and surveys

3.6 Analytics and Improvement

  • Analyzing platform usage and performance
  • Developing new features and services
  • Creating anonymized data for research and reporting

4. Legal Basis for Processing

We process your personal information based on:

  • Your consent
  • Necessity to fulfill our contract with you
  • Compliance with legal obligations
  • Our legitimate business interests

5. How We Share Your Information

We may share your personal information with the following parties:

5.1 Service Providers

Third-party vendors who process information on our behalf, including:

  • Payment processors and PAD providers (ZumRails, ACH providers, Stripe)
  • Banking and financial data aggregators (Plaid, Flinks)
  • Cloud hosting and data storage providers
  • Identity verification and fraud prevention services (Veriff)
  • Customer relationship management (CRM) systems
  • Electronic signature platforms (HelloSign / Dropbox Sign)
  • Analytics tools

All service providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.2 Credit Bureaus

We share information with credit bureaus including TransUnion, Equifax, and Experian (in their Canadian and U.S. operations as applicable), including:

  • Account status, payment history, and remittance performance
  • Information about Events of Breach (FEPA) or breaches (MCA)
  • Other information authorized under our Credit Check Authorization Terms

5.3 Platform Partners (FEPA Customers)

We share limited information with your Platform Partner as necessary to administer your FEPA, including activating and managing Direct Remittance arrangements. We do not share your credit report, SIN, or banking details with Platform Partners.

5.4 Platform Partners (MCA Customers)

We share limited information with the Platform Partner who referred you to Slate, including application status, approval decisions, and transaction summaries. Platform Partners are not agents, brokers, or lenders. They do not make purchase decisions, do not have access to your full application data, and bear no responsibility for servicing, collection, or enforcement of your Agreement.

5.5 Affiliated Entities

We may share personal information with our U.S. affiliated entity, Dropp Labs, Inc., for corporate administration, financial reporting, and risk management purposes. When information is transferred to the United States, it is subject to U.S. laws, which may differ from Canadian privacy laws. We implement contractual protections to safeguard your information in such transfers.

5.6 Legal and Regulatory Authorities

We may disclose your personal information when required by law, in response to a valid court order, subpoena, or regulatory request, or to comply with our obligations under applicable AML laws (PCMLTFA in Canada; Bank Secrecy Act in the United States), tax laws, or other applicable legislation. This includes:

  • Government agencies and regulators (including FINTRAC and the Office of the Privacy Commissioner of Canada; FinCEN, OFAC, the IRS, the FTC, the CFPB, and state attorneys general in the United States)
  • Law enforcement
  • Legal counsel and advisors
  • Courts and dispute resolution bodies
  • Provincial Personal Property Security Act (PPSA) registries (Canada) and U.S. state UCC filing offices, for protective filings related to MCA receivables purchases

5.7 Recovery and Enforcement

Recovery agencies may receive your information only if you breach the Agreement and we engage them to recover amounts owed.

5.8 Business Transactions

Potential buyers, investors, or merger partners may receive your information (with appropriate safeguards) in connection with a merger, acquisition, sale of assets, or business reorganization.

5.9 With Your Consent

We may share your personal information with other parties if you provide specific, informed consent for such disclosure.

We do not sell your personal information to third parties for marketing purposes.

6. Credit Checks and Reporting

By applying for our services, you authorize Slate to:

  • Obtain your personal and business credit reports from credit bureaus (Equifax, TransUnion, Experian, and others, in their Canadian and U.S. operations as applicable)
  • Share information about your account, remittance history, and any breaches with credit bureaus
  • Conduct periodic credit checks throughout our relationship to monitor receivables or earnings quality
  • Access your credit information as often as reasonably necessary for our business purposes

Important Context

Credit information helps us assess the quality and collectability of receivables or future earnings. Unlike a loan application where credit determines your ability to repay debt, we use credit data to evaluate the risk profile of the receivables or earnings you are selling to us.

You acknowledge that:

  • Credit inquiries may appear on your credit report
  • We may use both "soft" and "hard" credit checks
  • Credit checks may affect your credit score
  • This authorization remains valid for the duration of our relationship

7. Automated Data Access

By using our services, you authorize Slate to:

  • Access your bank account information through third-party services (Plaid, Flinks)
  • For MCA customers, access your payment processor data (Stripe, Square, etc.) to monitor revenue and collect remittances
  • Automatically retrieve transaction data, revenue or earnings information, and account balances
  • Continue accessing this information for the duration of your Agreement

You acknowledge that:

  • You will provide necessary credentials and authorizations
  • Data access enables automated remittance collection and account monitoring
  • Revoking access may affect our ability to service your Agreement, including processing remittances, monitoring account performance, and verifying eligibility for Revenue or Earnings Decline Adjustments
  • If you need to change or update your data access credentials, please contact Slate before making changes to ensure continuity of service
  • We use secure, industry-standard methods to access your data

8. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this Policy.

During Active Relationship

  • For the full term of your Agreement (MCA or FEPA)
  • Plus any applicable cure or recovery periods

After Relationship Ends

  • Minimum 7 years from the date of your last transaction for MCA customers, to meet legal and regulatory requirements
  • Minimum 5 years for FEPA customers (in compliance with PCMLTFA and FINTRAC record-keeping requirements in Canada) and minimum 5 years for U.S. customers (in compliance with Bank Secrecy Act record-keeping requirements)
  • Identity verification records: minimum 5 years (in compliance with PCMLTFA in Canada and the Bank Secrecy Act in the United States)
  • Declined applications: minimum 5 years to comply with regulatory requirements
  • Longer if required by law, court order, or ongoing legal proceedings
  • Longer if necessary to protect our legal rights or defend claims

After Retention Period

  • Personal information is securely destroyed or permanently anonymized
  • Some anonymized data may be retained indefinitely for analytics and research

9. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, disclosure, alteration, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Access controls and authentication procedures
  • Regular security audits and vulnerability assessments
  • Employee and contractor training on privacy and security practices
  • Secure data centers with physical access controls
  • Incident response and breach notification procedures

While we take reasonable precautions, no method of transmission or storage is completely secure. If you become aware of a potential security issue, please contact us immediately at [email protected].

10. International Data Transfers

Your personal information may be transferred between Canada and the United States, and processed in either jurisdiction, through our affiliated entities (Slate Financial Technologies Inc. in Canada and Dropp Labs, Inc. in the United States) and through service providers located in either country. When we transfer data across borders, we ensure appropriate safeguards are in place, including:

  • Contractual protections requiring equivalent privacy standards
  • Security measures to protect data in transit and storage
  • Compliance with applicable cross-border data transfer regulations

By using our services, you consent to the transfer of your personal information between Canada and the United States and to other jurisdictions where our service providers operate.

11. Your Privacy Rights

You have certain rights regarding your personal information. The specific rights available to you depend on your jurisdiction. The summary below describes the core rights that apply to all users. For jurisdiction-specific rights (Canada and U.S. states), see the Region-Specific Rights section toward the end of this Policy.

Right of Access

Request a copy of the personal information we hold about you. We will respond within 30 days.

Right of Correction

Request correction of inaccurate or incomplete personal information.

Right to Withdraw Consent

Withdraw your consent to the collection, use, or disclosure of your personal information, subject to legal or contractual restrictions. Withdrawing consent may affect our ability to provide services to you, including the administration of an active Agreement.

Right to Complain

File a complaint with the Office of the Privacy Commissioner of Canada, your provincial privacy commissioner, or, in the United States, with your state attorney general or the Federal Trade Commission. See Section 17 for contact details.

To exercise your rights, contact us at:

Email: [email protected]

Phone: (778) 653-9468

12. Withdrawing Your Consent

You may withdraw your consent to certain uses of your personal information at any time by contacting us. However, please note:

Consent for Core Services Cannot Be Withdrawn

If you withdraw consent for information necessary to provide our services, we may not be able to continue your Agreement.

Consent for Marketing Can Be Withdrawn

You can opt out of marketing communications at any time by clicking "unsubscribe" in our emails or contacting us. This will not affect your purchase services.

Some Uses Do Not Require Consent

We may continue to use your information for legal compliance, fraud prevention, and enforcing our rights even if you withdraw consent.

13. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze usage, and deliver personalized content. You can manage cookie preferences through your browser settings. Disabling cookies may affect functionality.

14. Children’s Privacy

Our services are not directed to individuals under the age of 18, and we do not knowingly collect personal information from anyone under 18. We do not knowingly sell or share the personal information of consumers under 16 years of age (as defined under the California Consumer Privacy Act) and we do not knowingly collect personal information from children under 13 years of age (as defined under the U.S. Children’s Online Privacy Protection Act). If you believe we have collected information from a minor, please contact us immediately and we will take appropriate steps to delete that information.

15. Changes to This Policy

We may update this Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. If we make material changes, we will notify you by:

  • Email to your registered email address
  • Notice on our website
  • Notice in your account dashboard (where applicable)

For material changes affecting active Agreement holders, we will provide notice at least 30 days before changes take effect, where reasonably practicable. The "Last Updated" date at the top of this Policy indicates when it was last revised. Your continued use of our services after changes constitutes acceptance of the updated Policy.

16. Contact Us

If you have questions, concerns, or requests regarding this Policy or our privacy practices, please contact our Privacy Officers. Use the Slate contact for matters relating to Canadian users and the Dropp Labs contact for matters relating to U.S. users. If you are unsure which applies, either contact will route your request appropriately.

Slate Financial Technologies Inc.

Attention: Privacy Officer

1322 West Broadway St Unit 1006

Vancouver, BC V6H 1H2

Canada

Email: [email protected]

Phone: (778) 653-9468

For U.S. users:

Dropp Labs, Inc.

Attention: Privacy Officer

8518 Kings Cove Drive

Salt Lake City, UT 84121

USA

Email: [email protected]

Phone: (385) 217-2119

17. Complaints

If you have a complaint about our handling of your personal information, please contact us first. If you are not satisfied with our response, you may file a complaint with:

Office of the Privacy Commissioner of Canada

30 Victoria Street

Gatineau, Quebec K1A 1H3

Toll-free: 1-800-282-1376

Website: www.priv.gc.ca

In British Columbia, you may also file a complaint with the Office of the Information and Privacy Commissioner for British Columbia (OIPC BC).

U.S. residents may also file a complaint with the relevant authority in their state or with the Federal Trade Commission:

Federal Trade Commission

600 Pennsylvania Avenue, NW, Washington, DC 20580

Toll-free: 1-877-382-4357

Website: www.ftc.gov

California residents may also file a complaint with the California Privacy Protection Agency (cppa.ca.gov) or the California Attorney General (oag.ca.gov). Residents of other U.S. states (including Virginia, Colorado, Connecticut, Utah, and Texas) may file a complaint with their state attorney general.

18. Sale or Sharing of Personal Information

We do not sell personal information for monetary consideration. We do not "sell" or "share" personal information for cross-context behavioral advertising as those terms are defined under the California Consumer Privacy Act (CCPA) or analogous U.S. state privacy laws. We do not knowingly sell or share the personal information of consumers under 16 years of age.

We disclose personal information to service providers, processors, and contractors only as needed to provide our services and only under written agreements that restrict their use of that information to the purposes we specify. See Section 5 for the categories of recipients.

19. Sensitive Personal Information

Some of the personal information we collect is "sensitive" under the CCPA and analogous U.S. state laws, including:

  • Government identifiers (Social Security Number, Social Insurance Number, driver’s licence/license number, passport number, state-issued ID number)
  • Financial account information, including bank account numbers and access credentials when collected through open banking
  • Biometric and liveness verification data captured during identity verification
  • Precise geolocation data (where you provide it during authentication or fraud-prevention checks)

We use sensitive personal information only for the purposes for which it was collected (identity verification, fraud prevention, AML compliance, transaction processing, and recordkeeping required by law). We do not use sensitive personal information for the purpose of inferring characteristics about you, and we do not use it for marketing or advertising.

20. Region-Specific Rights

In addition to the general rights described in Section 11, the following jurisdiction-specific rights apply.

20.1 Canadian Residents (PIPEDA and Provincial Privacy Laws)

If you are located in Canada, you have the rights described in Section 11 (access, correction, withdrawal of consent, and complaint), exercisable in accordance with PIPEDA and applicable provincial privacy legislation. We will respond to verifiable requests within 30 days, with one possible extension as permitted by law.

20.2 California Residents (CCPA / CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (as amended by the California Privacy Rights Act):

  • Right to Know.  Request the categories and specific pieces of personal information we have collected about you, the sources of that information, the business purposes for collecting it, and the categories of recipients.
  • Right to Delete.  Request deletion of personal information we have collected, subject to legal exceptions (including AML recordkeeping and active Agreement administration).
  • Right to Correct.  Request correction of inaccurate personal information.
  • Right to Opt Out of Sale or Sharing.  As stated in Section 18, we do not sell or share personal information. No opt-out is required, but the right exists.
  • Right to Limit Use of Sensitive Personal Information.  As stated in Section 19, we use sensitive personal information only for purposes permitted under CCPA. No limitation request is required, but the right exists.
  • Right to Non-Discrimination.  We will not deny services, charge different prices, or provide a different level or quality of service because you exercised any of your privacy rights.
  • Right to Use an Authorized Agent.  Designate an authorized agent to make a request on your behalf. We will require written authorization signed by you and may require you to verify your identity directly with us.

We will respond to verifiable requests within 45 days. We may extend this period by up to an additional 45 days when reasonably necessary, with notice to you.

20.3 Other U.S. State Residents

If you are a resident of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), or Texas (TDPSA), you have rights substantially similar to the California rights described in Section 20.2, including the rights to access, correct, and delete your personal information, the right to opt out of targeted advertising and sale (which we do not engage in), and, in most of these states, the right to appeal a denial of a privacy request. Residents of other U.S. states may have similar rights under their state laws as those laws come into effect. We will honor verifiable requests in accordance with the applicable state law.

20.4 How to Exercise Your Rights

To exercise any of these rights, contact us at [email protected] with the subject line "Privacy Request" and a description of your request and your jurisdiction. We will verify your identity (typically by confirming information you have already provided to us) before fulfilling the request. We will not charge a fee for a verifiable consumer request unless the request is manifestly unfounded or excessive, in which case we may charge a reasonable fee or decline to act, in accordance with applicable law.

21. Anti-Spam and Anti-Abuse Policy

Slate does not advertise its website, products, or services through unsolicited commercial electronic messages. We send commercial electronic messages only to recipients who have provided express or implied consent under applicable law, including Canada's Anti-Spam Legislation (CASL) and the U.S. CAN-SPAM Act (15 U.S.C. § 7701 et seq.). Every commercial electronic message we send identifies Slate as the sender, includes accurate routing and subject line information, and provides a clear and functioning unsubscribe mechanism.

Specifically, Slate does not:

  • Send unsolicited commercial email, SMS, or other electronic messages to promote our website or services
  • Purchase, rent, harvest, scrape, or otherwise acquire third-party contact lists for marketing purposes
  • Use deceptive subject lines, false sender information, spoofed headers, or misleading routing information in any electronic message
  • Engage in automated or bulk outreach designed to circumvent applicable anti-spam laws
  • Authorize any third party, affiliate, or service provider to send unsolicited messages on our behalf

Transactional and service-related messages (including remittance confirmations, account notices, breach notifications, document delivery, identity verification messages, and other communications required to administer an active Agreement) are not commercial electronic messages and are sent as part of our service.

Slate also does not engage in deceptive web or search practices to drive traffic to our website. We do not use cloaking, hidden text or links, doorway pages, scraped or auto-generated content, keyword stuffing, paid link schemes, machine-generated traffic, misleading redirects, or any other practice prohibited by Google's spam policies for web search or analogous search engine policies. We do not distribute malware, unwanted software, or any content designed to harm users or compromise their devices.

You may withdraw your consent to receive commercial electronic messages from Slate at any time by clicking the unsubscribe link in any marketing email, replying STOP to any marketing SMS, or contacting [email protected] with the subject line "Unsubscribe." Withdrawal of consent does not affect transactional communications relating to an active Agreement.

If you believe you have received an unsolicited message that appears to come from Slate or that impersonates Slate, please report it to [email protected] so we can investigate. We treat impersonation, spoofing, or unauthorized use of the Slate brand as a security and compliance matter and will take appropriate action, including reporting to relevant authorities where warranted.

Your Consent

By submitting an application to Slate or using our services, you acknowledge and consent to:

  • The collection, use, and disclosure of your personal information as described in this Policy
  • Credit checks and credit bureau reporting as described in Section 6
  • Automated access to your bank and (for MCA customers) payment processor data as described in Section 7
  • International transfer of your personal information as described in Section 10
  • All other practices described in this Policy

If you do not consent to these practices, please do not submit an application or use our services.

Document Version: 5.0 — unified Canada/U.S. policy. Supersedes Privacy Policy v4.0. Aligned with MCA Master Terms v1.0 (Canada), MCA Master Terms (US) v1.0, Schedule A (Canada and US), FEPA Traditional v3.1, FEPA EWA v3.2, and applicable Terms and Conditions.

Page  of