CFO X Privacy Policy
Full text. As of April 27, 2026.
1. Scope
CFO X, Inc. and its affiliates (“CFO X”, “we”, “us” or “our”) prioritize privacy. This Privacy Policy explains information practices regarding collection, use, disclosure, and retention of personal information through our website at cfo-x.ai and related services.
The policy applies to U.S. consumers and covers information collected through digital means. We maintain separate policies for employees and applicants.
Our Digital Properties may contain third-party links. We are not responsible for the privacy or other practices of such other sites. Users should review privacy statements of visited websites independently.
Your use of our Digital Properties is subject to our Terms of Use, which incorporates this Privacy Policy.
State-specific privacy information is available below for California, Colorado, Connecticut, and Virginia residents.
2. Information We Collect
2.1 Information You Provide
We collect personal and non-personal information through various means, including: name, address, telephone number, email address, professional information (job title, department, role), and contact preferences.
2.2 Information Collected Automatically
We automatically collect: IP address, browser type, device type, mobile carrier information, operating system, site version accessed, referring site, time and date of use, repeat visitor status, usage duration, and pages viewed. Approximate location may be derived from IP address.
2.3 App Usage Data
When downloading and using mobile applications, we and service providers may track app usage data, including access dates and times.
2.4 Cookies
We send cookies to improve interactions. A cookie is a small file containing a string of characters that is sent to your computer or device when you visit a website. Users must opt out separately on each device and browser. We do not currently respond to browser “do not track” signals.
For more information, visit allaboutcookies.org or our Cookie Policy.
2.5 Pixel Tags
We use pixel tags — small graphic files — to monitor website usage, collecting information such as IP addresses, URLs, viewing times, browser types, and cookie identification numbers. We may use “format sensing” technology to determine if emails were opened.
2.6 Other Sources
We may receive information from public databases, commercial sources, service providers, advisors, advertising networks, data analytics providers, internet service providers, operating systems and platforms, government entities, and other third parties.
Method Financial Authorization. As part of your relationship with us, you acknowledge and consent that:
- We use Method Financial to validate identity and prevent fraud using wireless carrier information. You authorize us to provide your information to Method and its service providers, and authorize your wireless carrier to disclose information to them.
- You authorize and direct Method to access, obtain, and transmit Enhanced Data from your financial institutions, lenders, creditors, and service providers. You consent to Method sharing the Enhanced Data with us. Your authorization, direction, and consent remains effective for the duration of your business relationship with us, solely for the purpose of providing you with services or products that you may request from us from time to time.
2.7 Aggregated Information
We may use deidentified and/or aggregated information that cannot reasonably be linked to you or your device. Such information is not subject to this Privacy Policy and may be used for research, analysis, and other legally permissible purposes.
3. Use of Information
3.1 To Provide Products, Services and Information
We use information to:
- Communicate regarding our Services
- Respond to requests and inquiries
- Register accounts
- Process payments
- Address legal matters
- Prevent, investigate, and stop fraudulent or illegal activity
3.2 Our Business Purposes
We use information for data analysis, research, audits, fraud monitoring and prevention, developing new products and services, enhancing our Digital Properties, identifying usage trends, determining marketing campaign effectiveness, and expanding business activities.
We may generate and use deidentified or aggregated information about customers for commercial purposes.
3.3 Marketing Communications
We use information to send marketing communications, determine campaign effectiveness, understand preferences, and promote services and products in accordance with your preferences and applicable law. You can opt out using email opt-out features or interest-based advertising options in Section 4.2.
3.4 Compliance with Law
We may process personal data for establishment, exercise, or defense of legal claims in court proceedings or administrative procedures.
3.5 Other Purposes
We may process information for obtaining or maintaining insurance, managing risks, complying with legal obligations, protecting vital interests, and improving service safety and reliability, including detecting fraud, abuse, security risks, and technical issues.
Note: limiting information collection or use may restrict service availability and prevent response to certain requests.
4. Disclosure of Information
4.1 Our Third Party Service Providers
We share information with service providers and agents providing services such as website hosting, data analysis, order fulfillment, IT infrastructure, customer service, email delivery, text messaging, payment processing, auditing, and related services. We require service providers to protect personal information and limit use to providing services to us and you. We may also share information with external auditors for accreditation and account audits.
4.2 Advertising and Third Party Advertisers
We may use third-party advertising companies to serve targeted advertisements based on your Digital Properties access and use, information you provide, and third-party data. These companies may place cookies and use pixel tags to measure ad effectiveness and recognize you across devices.
We may share Digital Properties usage and other information with third-party advertisers unless you opt out. State laws may provide opt-out rights for “sale” and “sharing” (see Your State Rights section).
Opt-out information.
- Learn about advertising practices at aboutads.info
- Opt out via the Digital Advertising Alliance’s consumer page: optout.aboutads.info
- Download AppChoices at aboutads.info/appchoices for mobile app opt-outs
4.3 Legal Requests or Requirements and to Prevent Harm
We reserve the right to disclose personal information as required by law and when necessary to protect our rights, comply with judicial proceedings, court orders, or legal processes. We may share information to prevent fraud, illegal activity, imminent bodily harm, or protect rights, property, Digital Properties, customers, and employees.
4.4 Transfer in the Event of Sale or Change of Control
If our business ownership substantially changes or we transfer assets to a third party, we may transfer your personal information to the new owner(s).
4.5 Related Companies
We may share personal information with affiliates or subsidiaries to help provide or support Services, service accounts, troubleshoot concerns, or support legitimate business operations.
4.6 Other Sharing of Non-Personally Identifiable Information
We may share non-personally identifiable information with third parties for any purpose, except where legally prohibited.
5. Data Security
We use physical, technical, and administrative security measures to protect personally identifiable information. However, no data transmission or storage system can be guaranteed to be 100% secure. If you believe your interaction with us is no longer secure, notify us at contact@cfo-x.ai immediately.
Take steps to protect against unauthorized access by signing off after using shared computers, choosing robust passwords, and keeping login credentials private. We are not responsible for lost, stolen, or compromised passwords or unauthorized account activity.
6. International Transfers
Your personal information may be transferred to and processed in countries other than your resident country. These countries may have different data protection laws.
Our website servers are located in the United States, with data stored in the U.S. through AWS. If you don’t reside in the U.S., U.S. laws may differ from your local laws. By using the Services, you acknowledge that any personal information about you, regardless of whether provided by you or obtained from a third party, is being provided to us in the U.S. and will be hosted on U.S. servers, and you authorize us to transfer, store and process your information to and in the U.S., and possibly other countries.
In some circumstances, personal information may be transferred pursuant to a data processing agreement incorporating standard data protection clauses.
7. Retention of Personal Information
We retain personal information as long as necessary to provide products and services and fulfill transactions, or for other business purposes such as legal compliance, dispute resolution, and agreement enforcement. Actual retention periods vary based on information type. Retention periods consider how long information is needed, applicable statute of limitations, and records retention requirements.
8. Personal Information of Minors
We do not knowingly collect or solicit personal information about children under 16 years of age; if you are a child under the age of 16, please do not attempt to register for or otherwise use the Digital Services or send us any personal information. If we learn we’ve collected information from children under 16, we’ll delete it quickly. Contact contact@cfo-x.ai if you believe a child under 16 provided information.
9. Your State Privacy Rights and Additional Disclosures
Notice at Collection
For the 12-month period prior to this Privacy Policy date, we have collected the following Personal Information categories:
| Category | Examples | Purpose | Recipients |
|---|---|---|---|
| Profile / contact data | Name, email, addresses, phone numbers, unique identifiers | Provide products/services; communicate; safety/security | Service providers; advertising partners; analytics partners; authorized parties |
| Device / IP data | IP address, device type, OS, browser, location | Provide products/services; communicate; safety/security | Service providers |
| Sensory data | Voice/audio recordings of environment | Provide products/services; communicate; safety/security | Service providers |
| Additional data (Cal. Civ. Code § 1798.80) | Signature, physical characteristics, financial information, medical information | As noted above | As noted above |
| Sensitive personal information | Account login data with security codes/passwords | Enable account access | Service providers |
Note:we do not “sell” or “share” this information as defined by the CCPA.
9.1 Important Additional Information for California Residents
If you are a California resident, the California Consumer Privacy Act (“CCPA”) provides these rights regarding personal information:
Right to non-discrimination
We do not discriminate against California residents for exercising CCPA rights.
Right to opt-out of sale of personal information
California residents may opt out of “sale” of personal information. Under the CCPA, “sale” includes disclosing or making available information to third parties in exchange for monetary compensation or other benefits. Click “do not sell or share my personal information” to opt out.
Right to opt-out of sharing
California residents may opt out of sharing personal information with third parties. “Sharing” under the CCPA means disclosing information for cross-context behavioral advertising. Click “do not sell or share my personal information” to opt out.
Right to correct
California residents may request correction of inaccurate personal information. We will use commercially reasonable efforts to correct information or provide instructions for correction.
Right to limit use of sensitive personal information
The CCPA allows limiting certain uses and disclosures of sensitive personal information to specified purposes. Due to our limited use of sensitive information, we are not required to offer this opt-out.
Right to opt-in
We do not sell or share personal information about residents we know are under 16 without opt-in consent.
Verifiable requests to delete and right to know
Subject to certain exceptions, California residents may make these requests at no charge, up to twice every 12 months.
Right of deletion. Residents may request deletion of collected personal information, subject to exemptions.
Right to know — right to a copy. Residents may request a copy of specific personal information collected in the prior 12 months, delivered by mail or electronically in a portable, readily useable format allowing transmission to another entity without hindrance.
Right to know — information. Residents may request information about how we handled their personal information in the prior 12 months, including:
- Categories of personal information collected
- Categories of information sources
- Business/commercial collection purposes
- Categories of third-party disclosure recipients
- Categories of information disclosed for business purposes
- Categories of information sold and recipients by category
Submitting requests
Contact us at contact@cfo-x.ai to exercise rights. We will respond to verifiable requests as required by law. We verify requests by matching provided information with our records and may request additional information if necessary. Authorized agents may initiate requests on behalf of California individuals with proof of authorization.
Financial incentives
We do not currently offer financial incentive programs.
Deidentified information
We maintain and use deidentified information in deidentified form and will not attempt reidentification unless legally permitted.
Do not track disclosure
We do not have a mechanism for responding to browser “do not track” signals or similar mechanisms for limiting online behavioral advertising collection.
“Shine the Light”
California Civil Code Section 1798.83 permits annual requests for third-party disclosure information for their direct marketing purposes. We do not share Personal Information with third parties for their direct marketing.
9.2 Virginia, Colorado and Connecticut Privacy Rights
If you are a Virginia, Colorado, or Connecticut resident, your state’s consumer privacy laws provide these rights regarding Personal Information:
Right to access
You may request to know personal information categories or specific pieces, and how it was collected, used, disclosed, and sold.
Right of deletion
You may request deletion of collected personal information, subject to exemptions.
Right to correct
You may request correction of inaccurate personal information, subject to exceptions.
Right to opt-out of sale or sharing
You may opt out of personal information processing for targeted advertising, sale of personal information, and/or profiling that produces legal or similarly significant effects.
Right to appeal
If we deny your request, you may appeal. We will respond within 45–60 days as required by applicable state law.
Submitting requests
See the “Submitting Requests” section above for request procedures.
Deidentified information
We maintain and use deidentified information in deidentified form and will not attempt reidentification unless legally permitted.
10. Updates to Our Privacy Policy
We may update this Privacy Policy in response to legal, technical, or business developments. For material changes to information collection, use, sharing, or processing practices, we will notify you by posting notice on the Website, emailing your last provided address, or using another lawful communication channel.
11. Alternative Format
If you need this notice in another format, please contact us.
12. Contacting Us
To exercise rights or ask questions about this Privacy Policy, email contact@cfo-x.ai or write to:
CFO X, Inc.
© 2026 CFO X, Inc. All rights reserved.