Privacy Policy


Effective Date: February 4, 2024

This privacy notice describes how Amberoon Inc. uses and protects any information that we may collect about you when you visit our website ( and other websites operated by us (collectively the “Sites”), when you use our Services, or communicate with us.

We offer to financial institutions (“Clients”) access to our SaaS platform for various risk management and anti-money laundering (AML) compliance services, including its Lucre AML and Statum KPI software solutions (collectively, the “Services”). Please rest assured that the protection and security of your Personal Information are very important to us,. The following sections explain our collection, use, disclosure, retention, and protection of your personal data.

Collection, Processing and Use of Personal Information

For purposes of this Privacy Policy, "Personal Information" means any information from or about an individual that either reasonably identifies that individual or that makes that individual reasonably identifiable when it is combined with other information from that individual.

    • What Data is Automatically Collected

Most of the data we collect from the Sites and the Services is technical in nature and is collected and processed automatically through cookies and similar widgets used on the Sites. The data we may collect by such automated means may include:

The Uniform Resource Locator (“URL”) of the site you visited before coming to our Sites, the URL of the site you visit after leaving our Sites, the type of browser you are using and your Internet Protocol (“IP”) address;

Behavioral data or usage history relating to the Sites;

Browsing history; and

Information we collect on the use of the Sites via cookies.

This automatically collected data may constitute Personal Information by itself, or in combination with other data.

What Data is Automatically Collected

To make your visit to our Sites more attractive and facilitate the quality and use of certain features, we use "cookies". Cookies are small files that are stored on your device and save specific settings and data for exchange with our system via your browser. Cookies do not contain personal information and cannot be traced to a specific individual. We receive only anonymous and aggregated information, such as which pages on our Sites have been viewed. Please keep in mind that certain cookies are already set when you access our Sites. You can configure your browser so that you are notified about the setting of cookies and personally choose whether to accept them or not or exclude the acceptance of cookies in certain cases or generally.

Internet browsers allow you to control the storage of cookies on your computer. This is described in the Help menu of each browser and explains how to change your cookie settings. However, deactivating cookies may render some functions of our Sites unusable.

We use Google Analytics and HubSpot Analytics for our Sites. By using cookies, these analytics applications collect and store data such as time of visit, pages visited, time spent on each page of the Sites, the Internet Protocol address, and the type of operating system used in the devices used to access the Sites. By using a browser plugin available at provided by Google, you can opt out of Google Analytics.

Similarly, you may learn how to opt out of HubSpot Analytics by clicking here.

What types of Cookies are used?

      1. Required cookies enable you to navigate the Sites and use its features, such as accessing secure areas of the Sites and using our Services. If you have registered with us, we use cookies containing encrypted information to allow us to uniquely identify you. These cookies allow us to uniquely identify you when you are logged into the Sites and to process your requests. There is no option to opt out of these cookies since they required cookies are essential to operate the Sites.
      2. Performance cookies collect information about how you use the Sites, including which pages you frequently visit and any error messages from certain pages. We only use the information collected from performance cookies to improve how the Sites perform. To learn how to opt out of performance cookies using your browser settings, click here. To learn how to manage privacy and storage settings for Flash cookies, click here.
      3. Functionality cookies allow the Sites to remember data that you have entered or choices you make (such as your username or region) so that we can provide more personalized features, and optimize your use of the Sites after logging in. We may use local Flash cookies to recognize your preferences or display content based upon what you view on the Sites to personalize your visit. To learn how to opt out of functionality cookies using your browser settings, click here. To learn how to manage privacy and storage settings for Flash cookies, click here.

      What Data Will We Collect from Third Parties

In connection with the Services, we may receive information from our business partners such as the Certified Public Accountants and ID verification service providers or external registries (such as information about being a politically exposed person (PEP), checks in public sanction lists and other information from such registries, as determined by the Client). This data may include first name, last name, addresses, account numbers, social security numbers, employer identification numbers, email addresses, phone numbers and other details

Data That You Provide to Amberoon

As part of the Services that we are providing to Clients, we will be providing personal identity verification services for the Clients, and will verify the personal identify of the Client’s customers or prospectives customers (collectively, the “End Users”). We will collect data that you (or the End-User) provide to us directly when you use our Services, or communicate with us. The information you provide to us directly may include the following information that may, alone or in combination with other data, constitute Personal Information:

      • Information you provide via email or using the contact details listed on various parts of the Sites, including your name, company, and phone number, and any other information you provide to us;
      • As a Client, we may also process certain Personal Information in the course of our business relation with such as your name, company, title, e-mail address, phone number, and address.
      • During the course of performing the Services, we will also be collecting personal information from the End-User, which consists mainly of information on the End-User’s documentation (such as driver’s license, passport, or other identification documents) that are extracted therefrom such as the End-User’s name, sex, date of birth, identification number, social security numbers, age, nationality, citizenship, organ donor status, eye color, weight and height, employer identification numbers, employee payroll data, hire reports, prior tax filings, , and other records as required to perform the Services. For passport documents of End-Users, this will also include the name of the issuing country, number, expiration date, and other information embedded to passport document.
      • We will also be receiving and processing identity verification data, such as photographs taken from you and your document, and video and sound recording of the verification process (of the whole session, if such recording is enabled by the End-User or Client).
    1. For What Purposes Do We Collect and Use Personal Information

The data collected automatically in connection with the Services is used to for the following purposes

      • To perform the Services, including identity verification services for the Client and End-User
      • Respond to questions, requests, comments or complaints made by you or otherwise communicate with you;
      • Analytics and/or market research;
      • Advertising;
      • To track new visitors to the Sites;
      • Troubleshooting and maintenance of the Sites;
      • Obtaining geographic information of our visitors;
      • Improving our understanding of how Clients and End-users interact with the Sites and the Services;
      • Improving the Sites and the Services;
      • To measure the overall effectiveness of our marketing and content;
      • To help us recognize your browser as a previous visitor to the Sites; and
      • Complying with applicable law, and cooperating with law enforcement activities.

In addition to the above, we use the Personal Information for our legitimate purposes of protecting our legal rights and the data we process, in connection with legal claims, and for compliance, regulatory, and investigative purposes. This may include sharing the Personal Information with third parties, such as governmental authorities or law enforcement officials subject to applicable law.

    • Sharing of Personal Information.

We may disclose Personal Information with the following third parties:

      • With respect to the Personal Information of the End-Users, the Client will have access to the End-User’s Personal Data, which we may share including identity verification data with the Client through which the End-User used our identity verification services
      • Service providers, such as cloud data storage service providers, marketing service providers, and ID verification service providers or external registries (such as information about being a politically exposed person (PEP), checks in public sanction lists and other information from such registries, as determined by the Client). Such service providers are only allowed to use Personal Information disclosed to them for the purpose of providing us the services and for no other purposes;
      • Third party financial institutions (such as payment processing companies like Paypal and Stripe) with whom we partner, for them to provide joint content and services, such as facilitating the processing of payments, to prevent, detect, mitigate, and investigate potentially illegal acts, fraud and/or security breaches;
      • Law enforcement or governmental agencies (such as the IRS), to comply with our legal requirements, respond to claims, or protect anyone's rights, property or safety; and
      • Our subsidiaries and affiliates; or a subsequent owner, co-owner or operator of the Sites and/or the Services and their advisors in connection with a corporate merger, consolidation, restructuring, the sale of substantially all of our stock and/or assets, or in connection with bankruptcy proceedings, or other corporate reorganization, in accordance with this Privacy Notice.

The use by the mentioned third parties of the disclosed data is strictly limited to these mentioned purposes. We will never disclose your personal data to a third party for marketing purposes without your consent.

    • Retention of Data and Data Security
      1. We retain Personal Information about you only for as long as needed for the purposes for which it was collected and to comply with applicable laws. If you are an End-user , we will retain Personal Information about you until the Services are completed and subject to the data retention policies stated in our agreements with you.
      2. We maintain commercially reasonable data security measures against the risk of loss, misuse, unauthorized access, which includes end-to-end encryption for Personal Information in transit and encryption for Personal Information at rest. All information that you provide to us is stored on our secure servers behind firewalls. We continually adapt our security measures to reflect technological developments.

We also take internal protection measures. Our employees are obliged to maintain secrecy and comply with applicable data protection laws. In addition, employees and service providers are only granted access to personal data on a “need to know” basis.

While we strive to do our best to protect your personal data, we cannot absolutely guarantee that unauthorized access to, or disclosure of, your personal data will never occur. We therefore cannot warrant that Personal Information about you will be protected against, loss, misuse, or alteration by such bad actors or criminals.

    • Links To Other Websites.

This privacy policy addresses only our use and handling of personal data we collect from you in connection with providing you our Services through our Sites. The Sites may contain links to other websites of interest. However, once you have used these links to leave our Sites, we do not have any control over third party websites.

If you disclose your information to a third party, or visit a third party website via a link in our Sites, their respective privacy policy will apply to any personal data that you provide to them or that they collect from you. We cannot guarantee the privacy or security of your personal data once you provide it to a third party and we encourage you to consult the privacy policies and security policies of third parties before entering into a transaction and choosing to share your personal data.

We cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this Privacy Notice. You should exercise caution and review the privacy notice applicable to the website in question.

    • Children’s Privacy.

The Sites and the Services are not intended for children under the age of 18. As such, we do not intend to collect Personal Information from anyone we know to be under 18 years of age. If you are under the age of 18, you are not permitted to use the Sites.

    • Do-Not-Track-Signals

Our Sites do not respond to do-not-track signals. You may, however, disable certain tracking as discussed above (e.g., by disabling cookies) as set out above.

    • Notice To California Residents Only.

California Civil Code Section 1798.83 permits Website(s) users who are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make a request, please contact us:

Furthermore, California residents have the following rights with respect to Personal Information we may have collected about them:

      • You have the right to request that we disclose:
        1. The categories of Personal Information we have collected about you;
        2. The categories of Personal Information about you we have sold or disclosed for a business purpose;
        3. The categories of sources from which we have collected Personal Information about you;
        4. The business or commercial purposes for selling or collecting Personal Information about you;
        5. The categories of Personal Information sold or shared about you, as well as the categories of third parties to whom the Personal Information was sold, by category of Personal Information for each party to whom Personal Information was sold; and
        6. The specific pieces of Personal Information collected.

You may submit a request to know via We will respond to you via e-mail or by mail. We are not required to respond to requests to know more than twice in a 12-month period.

      1. You have the right to request that we delete any Personal Information about you that we have collected. Upon receiving a verified request to delete Personal Information, we will do so unless otherwise authorized by law. You may submit a request to delete Personal Information by contacting us below.
      2. You may designate an authorized agent to make requests on your behalf. You must provide an authorized agent written permission to submit a request on your behalf, and we may require that you verify your identity directly with us. Alternatively, an authorized agent that has been provided power of attorney pursuant to Probate Code sections 4000-4465 may submit a request on your behalf.
      3. Methods for Submitting Consumer Requests. You may submit a request to review and request to delete Personal Information by emailing us at

We may ask you for additional information to verify your identity after we receive your request. Any additional information you provide will be used only to verify your identity and not for any other purpose.

We will acknowledge the receipt of your request within ten (10) days of receipt. Subject to our ability to verify your identity, we will respond to your request within 45 days of receipt. In order to protect your privacy and the security of Personal Information about you, we verify your request by verifying your ownership of the email address used for the account. A verification link will be emailed to your email address for you to select and confirm your ownership of that email address, and then the data collection or deletion process can be initiated.

      1. You have the right not to be discriminated against for the exercise of your California privacy rights described above.
      2. Sale of Personal Information. We have not sold Personal Information collected in and through the Sites. Consequently, we do not have an opt-out functionality on the Sites.

    • Changes To The Privacy Notice.

This Privacy Notice may change from time to time, effective from the date mentioned in the updated version of the Privacy Notice. Please check the Sites periodically to review such changes in the Privacy Notice. We may email periodic reminders of our agreements and policies in the event of a change.

    • Questions, complaints or requests?

If you have any questions about this Privacy Notice, please contact us via the following:

Amberoon Inc.
20660 Stevens Creek Boulevard, Suite 249
Cupertino, CA, 95014