Privacy Policy

Effective date: June 5, 2026 · Version: 26.06.05

Placeholder — pending legal review. This policy is a detailed starting point and has not yet been finalized by counsel. Several sections describe systems and vendors (cookie banner, analytics, customer portal, payment processing) that should be confirmed against what the live site and product actually use before launch.

Lenni LLC (doing business as "Lenni," "we," "us," or "our") respects your privacy. This Privacy Policy explains what information we collect when you visit withlenni.com (the "Site") or otherwise interact with us, how we use that information, who we share it with, and the choices you have.

1. Who This Policy Applies To

This policy applies to visitors to our Site, to people who contact us, sign up for our newsletter, book a meeting with us, or create a Lenni customer-portal account.

This policy does not apply to information that our business customers (typically banks and other financial institutions) process inside their own banking systems or through Lenni's products such as Convey by Lenni. Information that flows through a Lenni product on behalf of one of our business customers — for example, a borrower's loan-application data submitted through a bank's Convey-powered instance — is governed by the Master Services Agreement, the Data Processing Addendum, and the applicable Product Addendum between Lenni and that business customer, not by this Privacy Policy. The business customer is the data controller for that information, and Lenni acts as a service provider and data processor on the business customer's behalf.

2. Information We Collect

We collect personal information in three ways: what you give us, what we collect automatically, and what we receive from third parties working on our behalf.

Information you give us directly. When you fill out our contact or demo request form, you typically provide your name, business email address, company name, role, and the message you write to us. If you subscribe to our newsletter, you provide an email address (and optionally a name). If you book a meeting with us through our scheduling tool, you provide the information requested by that tool — typically your name, email, time zone, and the meeting topic.

Information we collect automatically. When you visit the Site, we and our analytics provider automatically collect technical information about your visit, including your IP address, approximate location (derived from IP), browser type and version, operating system, device type, the pages you view, the links you click, referring and exit URLs, and timestamps. This information is collected through cookies, pixels, and similar technologies (see Section 5).

Information from third parties. We may receive information about you from the third parties that help us run the Site and our outreach — for example, from Mailchimp when you engage with one of our emails, or from Calendly when you complete a booking. We may also receive information from publicly available sources (such as a company website or LinkedIn profile) to help us prepare for a conversation you've requested.

Customer-portal account information. When you create a Lenni customer-portal account on behalf of a business customer that subscribes to a Lenni product, we collect:

Your name and business email address;
The institution you are affiliated with (typically your employer) and your role or title;
Authentication credentials (a password you select, or a federated identity from an identity provider you sign in with);
Multi-factor authentication enrollment information (such as a phone number or authenticator-app registration, where multi-factor authentication is enabled);
Profile preferences you set within the portal; and
Usage and audit information about your activity in the portal (such as logins, configuration changes, and other material actions), which we retain for security and operational purposes.

If your employer (a Lenni business customer) pays Lenni for a Lenni product through the customer portal, payment information is collected and processed by our third-party payment processor under that processor's own terms; Lenni receives only a limited record of the transaction (e.g., last four digits of card, transaction status, billing contact). We do not store full payment-card numbers.

We do not intentionally collect any sensitive personal data through the Site or the customer portal beyond what is described above (in particular, we do not intentionally collect government identifiers, financial-account numbers, health information, or precise geolocation through the Site or portal).

3. How We Use Your Information

We use the information described above to operate the Site, the customer portal, and our business. Specifically, we use it to:

respond to your inquiries and demo requests;
send you the newsletter or emails you've asked to receive;
schedule and conduct meetings with you;
understand how the Site and customer portal are used and improve them;
create, secure, and operate your Lenni customer-portal account, including authentication, multi-factor authentication, and audit logging;
send service-related communications (such as security alerts, billing notices, and material changes to terms);
prevent fraud and abuse; and
comply with our legal obligations.

We process your information because you've asked us to (for example, you submitted a form or created an account), because we have a legitimate business interest in operating and improving our Site, products, and outreach, or because we are required to by law.

4. Who We Share Your Information With

We share information only as needed to operate the Site, the customer portal, and our business. The categories of recipients are:

Service providers acting on our behalf. Today this includes Google Analytics (GA4) for website analytics, Mailchimp for newsletter and marketing email delivery, Calendly for meeting scheduling, our hosting and infrastructure providers, our payment processor (for customer-portal transactions), and our identity-provider and authentication services (for customer-portal login and multi-factor authentication). These providers process information under their own privacy and security commitments and use it to provide services to us; they are not permitted to use your personal information for their own independent purposes.
Professional advisors (such as our lawyers and accountants) when we need their advice.
Government authorities or other third parties when we are required to do so by law, valid legal process, or to protect the rights, safety, or property of Lenni, our customers, or the public.
A buyer or successor in the event of a merger, acquisition, financing, reorganization, or sale of all or a portion of our business.

We do not sell your personal data, and we do not share your personal data for purposes of cross-context behavioral advertising or targeted advertising as those terms are defined under Texas law or comparable state laws.

5. Cookies, Analytics, and Your Choices

We use cookies and similar technologies to remember your preferences, understand how the Site is used, and measure the performance of our outreach. Some cookies are strictly necessary to make the Site and the customer portal work; others are used for analytics.

Cookie banner and opt-out. When you first visit the Site, you'll see a cookie banner that lets you accept or reject non-essential cookies. You can change your preferences at any time through the cookie settings link in the Site footer. You can also control cookies through your browser settings and opt out of Google Analytics specifically by installing the Google Analytics Opt-Out Browser Add-on.

Do Not Track. Browsers can send a "Do Not Track" signal. There is no industry-standard way to interpret this signal, and most websites — including ours — do not currently respond to it. You can use the cookie banner and the browser-level controls described above to manage tracking on the Site.

6. How We Protect Your Information

We use reasonable administrative, technical, and physical safeguards to protect personal information against loss, misuse, and unauthorized access — including access controls, encryption in transit (TLS 1.2 or higher), encryption at rest for stored data, periodic risk assessments, and using reputable service providers. For the customer portal we additionally require unique credentials, support multi-factor authentication, and maintain audit logs of material account activity.

You play a role in security too. Please use a strong, unique password for your Lenni customer-portal account, enable multi-factor authentication where offered, do not share your credentials, and notify us promptly at hello@withlenni.com if you believe your account has been accessed without your authorization. No method of transmission or storage is perfectly secure, however, and we cannot guarantee absolute security.

7. How Long We Keep Your Information

We retain personal information for as long as reasonably necessary to provide the Site, the customer portal, and our services; to respond to your inquiries; to comply with our legal and recordkeeping obligations; to resolve disputes; and to enforce our agreements. Customer-portal accounts are retained for the duration of the underlying business-customer relationship and for a reasonable period thereafter, consistent with our agreements with the business customer and applicable law. Newsletter subscribers can unsubscribe at any time using the link in any email; once you unsubscribe we will retain only the minimum information needed to honor your opt-out.

8. Children's Privacy

The Site and the customer portal are intended for businesses and the adults who work in them. They are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us personal information, please contact us at the address below and we will delete it.

9. Your Rights — Texas Residents (and Others)

If you are a Texas resident, the Texas Data Privacy and Security Act gives you the following rights with respect to the personal information we hold about you:

The right to confirm whether we are processing your personal information and to access that information.
The right to correct inaccuracies in your personal information.
The right to delete personal information we have collected from you.
The right to a portable copy of personal information you previously provided to us, in a readily usable format, where technically feasible.
The right to opt out of the processing of your personal information for targeted advertising, sale, or profiling in furtherance of decisions that produce legal or similarly significant effects. As noted above, we do not engage in any of these activities today, so there is nothing to opt out of — but the right is preserved.

How to exercise your rights. Send your request to hello@withlenni.com with the subject line "Privacy Request." We will verify your identity using the information we already have about you (for example, by replying to a known email address) and respond within 45 days. If we need more time, we will tell you and provide an updated timeline.

Appeals. If we decline your request, we will tell you why. You may appeal that decision by replying to our response within a reasonable time, and we will respond to your appeal within 60 days. If your appeal is denied, you may contact the Office of the Texas Attorney General at texasattorneygeneral.gov/consumer-protection to submit a complaint.

Authorized agents. You may use an authorized agent to submit a request on your behalf. We may ask the agent to provide proof of authorization and may ask you to verify your identity directly.

Residents of other states. If you live in a U.S. state that grants you similar privacy rights (including California, Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy laws), we will honor those rights to the extent required by applicable law. Send your request to the same email above.

Note for borrowers and other end-users of our business customers' platforms. If you are an applicant or borrower interacting with a bank or financial institution through a Lenni-powered product such as Convey, your rights with respect to that information are exercised through the bank or financial institution, which is the controller of that information. You can ask Lenni for help identifying the appropriate contact at the bank, but Lenni will refer the substance of your request to the bank.

10. Third-Party Links

The Site and the customer portal may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy notices before providing them any information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we'll update the "Effective date" and "Version" at the top of the policy. If the changes are material, we will provide reasonable additional notice — for example, by posting a notice on the Site, by email to subscribers, or by notice within the customer portal. Your continued use of the Site or the customer portal after the effective date of the updated policy constitutes your acceptance of the updated policy.

12. How to Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Lenni LLC
1578 Crescent Pointe Pkwy, STE 100
College Station, TX 77845
Email: hello@withlenni.com