Privacy Policy

Who we are

Lootrunners, Inc. (“Lootrunners,” “we,” “us”) provides a global contractor operations platform for agencies and similar organizations. This Policy applies to information we process through our website and the Service.

For most data about contractors and clients, the Customer (the organization using the Service) is the controller and Lootrunners acts as a processor on its behalf. For our website, account administration, and billing, Lootrunners is the controller.

Information we collect

We collect the following categories of information:

• Account data — names, work email, role, organization details, and authentication data for users who create or manage a workspace.
• Contractor & recipient data — legal or business name, country, address, tax residency, engagement type, tax forms, and payout preferences, submitted by contractors or by the Customer.
• Engagement & financial records — clients, projects, budgets, milestones, invoices, approvals, payout instructions, fees, and reconciliation records.
• Payment-related data — bank or stablecoin destination details and transaction status. Sensitive payment credentials and verification documents are generally collected and held by our regulated Payment Partners, not by Lootrunners.
• Usage & device data — log data, IP address, device and browser information, and product interactions, collected to operate and secure the Service.
• Integration data — information exchanged with accounting and payment tools you connect, such as QuickBooks Online, Xero, or Stripe.

How we use information

We use information to: provide, maintain, and secure the Service; onboard contractors and configure workspaces; route approvals and instruct payments through Payment Partners; reconcile transactions with accounting systems; prevent fraud and meet legal, compliance, and sanctions obligations; provide support; and improve the Service. We do not sell personal information.

We may use aggregated or de-identified data, which does not identify any individual, for analytics and product development.

Legal bases

Where the GDPR or similar laws apply, we process personal data on the basis of: performance of a contract; compliance with legal obligations (including AML and sanctions requirements); our legitimate interests in operating and securing the Service; and consent where required. Where we act as a processor, we process data under our agreement with the Customer.

How we share

We share information only as needed to run the Service:

• Payment Partners — regulated providers that perform verification, conversion, custody, and transmission of funds.
• Service providers — vendors that host infrastructure, process data, or provide support under contractual confidentiality and security obligations.
• Integrations you authorize — accounting and payment systems you connect to your workspace.
• Legal & safety — authorities or parties where required by law, to enforce our terms, or to protect rights, safety, and the integrity of the Service. In a merger or acquisition, data may transfer as part of the transaction.

International transfers

We operate globally and may transfer and process information in countries other than where it was collected, including the United States. Where required, we use appropriate safeguards for cross-border transfers, such as the European Commission’s Standard Contractual Clauses or another lawful transfer mechanism.

Retention

We retain information for as long as needed to provide the Service and for legitimate business and legal purposes, including tax, accounting, audit, and compliance obligations, which may require retaining certain financial and transaction records for several years. When information is no longer needed, we delete or de-identify it.

Security

We use technical and organizational measures designed to protect information, including encryption in transit and at rest, least-privilege access controls, multi-factor authentication, payment-destination controls and holds, signed webhook validation, and audit logging. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

Your rights

Depending on where you live, you may have rights to access, correct, delete, or port your personal data, to object to or restrict certain processing, and to withdraw consent. Residents of California and certain other states may have rights to know, delete, correct, and opt out of the “sale” or “sharing” of personal information; we do not sell personal information.

If a Customer controls your data (for example, your agency or the agency that engaged you), please direct requests to that organization; we will assist them as a processor. Otherwise, you can contact us using the details below. We will not discriminate against you for exercising your rights.

Cookies & analytics

We use necessary cookies to operate the Service and may use limited analytics to understand usage and improve the product. You can control cookies through your browser settings; disabling some cookies may affect functionality. Where required, we request consent for non-essential cookies.

Contractor data

When a Customer invites a contractor or vendor, that individual provides information to be paid through the Service. The Customer determines how that information is used within its workspace. We process it to deliver the Service, instruct payouts through Payment Partners, and meet compliance obligations, and we make payment-history and document records available to the contractor through their portal.

Children’s privacy

The Service is intended for business use and is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us information, please contact us and we will take appropriate steps to delete it.

Changes

We may update this Policy from time to time. If we make material changes, we will provide notice by posting the updated Policy with a new effective date or by notifying you in the Service. Your continued use after changes take effect constitutes acceptance.

Contact

For privacy questions or to exercise your rights, contact our privacy team.

Lootrunners, Inc.  ·  New York, NY  ·  [email protected]