dv01dv01 Logodv01 fitch logo white

dv01, Inc. Privacy Policy

Introduction

Last Updated: November 21, 2025

dv01, Inc. (“dv01,” the “Company,” “we,” “our,” or “us”), a subsidiary of Fitch Solutions, Inc. (“Fitch”) provides an all-in-one data management, reporting, and analytics platform that brings transparency and insight to lending markets—making them more efficient for institutional investors and safer for the world.

When users access or use our products or services (including the dv01.co and dv01app.com sites, collectively, the “Services”), we collect personally identifiable information from such users, which includes any information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual (collectively, “Personal Information”).

Scope of Privacy Policy

This Privacy Policy (this “Policy”) describes dv01’s collection, use, maintenance and disclosure of your (“you”, “your”) Personal Information in connection with your access to and use of the Services, and the steps that we take to safeguard it. It does not apply to information collected by us offline or through any other means not described in this Policy, or to information collected by any third party linked to via the Services. By accessing or using the Services, you agree to the collection and use of your Personal Information in accordance with the terms of this Policy.

In the event of any conflict between this Policy and a definitive agreement entered into between us and you, then the terms of the definitive agreement shall govern. This Policy is incorporated into and made a part of our website Terms and Conditions of Service, and collectively comprises a legally binding agreement between you and dv01.

Information That We Collect

When you access or use one of our Services, we obtain various types of information related to you and your use of the Service. This information includes Personal Information that directly identifies you, such as your name or contact information, as well as information such as online identifiers or cookie-level data that may indirectly identify you.

The information we obtain generally consists of information that (1) you provide us about yourself or that we directly collect from you, (2) you provide us about others, (3) automatically collected about your interactions with the Services, and (4) we get from other sources as described further below.

Information that we collect directly from you

dv01 may ask you to provide information about yourself when you use the Services, including when you create an account, complete a form, or subscribe to a mailing list. You may not be able to use certain features of the Services if you choose not to submit the requested information. When you voluntarily enter your registration information to access the Services, or when you contact us with comments or inquiries, we collect the following Personal Information:

your name

your email address

your phone number

Information That We Collect Passively

The Services automatically log certain information about visits to the Services, such as the number and frequency of visitors, technical information about browsers and devices used to access the Services, and information about crashes or other technical issues.

The information automatically collected includes the following:

  • Information about your computer, device, browser and operating system (e.g., type, model, and/or version).

  • Internet protocol (IP) address, which is used to derive your general geographic area (e.g., city and country).

  • Device identifiers.

  • Information about your interactions with the Services, including browsing activities and clickstream data that reflect the Services you have accessed, clicked on, or viewed.

  • Demographic and interests information (e.g., region, industry sector, preferred language, topics of interest).

In addition, in accordance with your expressed preferences, we and third parties automatically collect certain information through cookies and similar tools (referred collectively as “Cookies and Similar Technologies”) about your activities over time across the Services as well as across third-party sites, apps or other media. Cookies are small pieces of information that a website sends to your computer’s hard drive while you are viewing a website. We collect data using both session cookies (which expire when you close your browser) and persistent cookies (which stay on your computer until you delete them). We also use web beacons, page tags, pixels or similar tools and information to gather and store “clickstream information.” You can choose what cookies are used on dv01.co by selecting the cookie notice settings menu. Persistent cookies can be removed by following your browser’s instructions (for more information, see allaboutcookies.org). Please note: if you choose to disable cookies, some of our Services may not work properly.

How We Use Your Information

We use the Personal Information that you provide voluntarily to send business updates, event announcements, promotional materials or other information to you via newsletter.

We use other information that we collect passively, including, but not limited to Personal Information, to enhance, improve, operate, and maintain our Services, as well as to develop new products and services.

We use your information for legitimate business and marketing purposes, including:

To enable your access to and generally supply the Services

Support internal business operations, including assessing and managing risk

Analyze usage of the Services

Issue benchmarking and other similar reports

Send marketing emails

Respond to your requests

We also may use your information to protect our rights and the rights of others. This protection includes:

  • Detecting, preventing and responding to fraud or potentially illegal activities, misuse of the Services, intellectual property infringement or other violations of law, this Policy, our Terms of Service or other Company policies.

  • Performing audits, assessments, and testing or troubleshooting activities.

  • Backing up our systems, including for disaster recovery purposes, and enhancing the overall security of the Services.

  • Complying with and enforcing applicable legal requirements, including legal process such as court orders, warrants, regulatory investigations, or subpoenas, and/or fulfilling contractual obligations.

Legal Basis for Using the Information

We have a legal basis to process your Personal Information. The legal basis will be one of the following:

  • To honor our contractual obligations to you when we use your information to provide you with the Services. For example, when you purchase a Service from us, it will be necessary to process contact details to confirm and provide the Service.

  • To comply with our legal obligations when we use your information to protect our rights or the rights of others and when we share your information with other parties where required by law or as necessary to protect our rights. We are required to collect certain information from you when processing your subscription payment for tax or financial reporting reasons. Similarly, local tax law will often require us to keep information about contest or promotion participants for audit and taxation purposes.

  • To meet our legitimate interests when we use your information to provide you with the Services, to communicate with you and for advertising and marketing purposes, including interest-based advertising or when we share your information with our affiliates and subsidiaries, in the context of a corporate transaction or with our business partners, social media platforms and advertisers. Our legitimate interests include improving the Services, understanding how you interact with our Services, deriving knowledge to develop new products and services, and customizing the Services by making them more relevant and interesting to you and others. When we process Personal Information to meet our legitimate interests, we put in place safeguards to help ensure that your privacy is given due regard.

  • We will obtain your consent to collect and use certain types of Personal Information when we are required to do so by law (for example, in relation to sharing of your information with third parties for their own marketing activities). If we ask for your consent to process your Personal Information, you can withdraw your consent at any time by contacting us.

Disclosure & Sharing of Information

We may share your information, including Personal Information, with certain third parties as follows:

Affiliates. We are currently a subsidiary of Fitch with whom we may have shared users’ Personal Information as part of the acquisition. If we further undergo an acquisition, merger, reorganization, dissolution, or a change of control or other similar corporate event, user information, including Personal Information, may be one of the assets that is transferred or acquired by a third party as one of our business assets.

Other Parties When Required by Law or As Necessary to Protect Our Rights. We share your information as and when we believe it necessary or appropriate to protect, enforce, or defend our legal rights, the privacy or safety of our employees, users of the Services or other individuals and entities, or to comply with or enforce applicable law or legal process, including responding to court orders, warrants, regulatory investigations, subpoenas and other requests from public and government authorities.

With Your Consent or Otherwise at Your Direction. In addition, we share your information with third parties when you consent to or request such sharing.

Service Providers. In connection with the operation of the Services, we engage various third parties to provide services or handle transactions on our behalf. These service providers use the information we provide to them as necessary or appropriate for the performance of their services. The third-party service providers that we currently share information with are listed below:

Google, USA

Cloud computing and data hosting

https://cloud.google.com/

https://gsuite.google.com/

FreshDesk, USA

https://freshdesk.com/

SendGrid, USA

https://sendgrid.com/

Heap

https://www.heap.io/privacy

MailChimp

https://mailchimp.com/legal/

Salesforce

https://www.salesforce.com/company/legal/privacy/

Your Rights Over Your Personal Information

In certain circumstances, you may have the following rights in relation to the processing of your Personal Information:

  • Right to Access

    : To request a copy of the Personal Information we process in relation to you and to be informed about how we use and share your Personal Information.

  • Right to Object:

    To object to the processing of your Personal Information if (i) we are processing your Personal Information on the grounds of legitimate interests or for the performance of a task in the public interest (including profiling); or (ii) if we are processing your Personal Information for direct marketing purposes.

  • Right to Rectification

    : To request that we update the Personal Information we process in relation to you, or to correct Personal Information that you think is incorrect or incomplete.

  • Right to Erasure

    : To ask that we delete Personal Information that we process in relation to you where we do not have a legal or regulatory obligation or other valid reason to continue to process it.

  • Right to Restriction:

    To request that we restrict the way in which we process your Personal Information, for example, if you dispute the accuracy of your Personal Information or have raised an objection which is under consideration.

  • Right to Portability:

    To request a copy of your Personal Information that you have provided to us in a commonly used electronic format such as through the completion of an application form.

  • Right to Automated Decision Making:

    To request manual intervention if you are subject to automated decisions where the decision results in a legal or similar effect to you.

Such requests are subject to applicable law. If you would like to discuss or exercise such rights, please contact us. We will contact you if we need additional information from you in order to honor your requests. For example, we may need to request specific information from you to help us confirm your identity and ensure your right to access the Personal Information requested, or to exercise any of your other rights. This is to ensure that Personal Information is not disclosed to any person who does not have authority to receive it.

We encourage you to contact us to update or correct your Personal Information if it changes or if the Personal Information we hold about you is inaccurate.

Your Choices, Including Opt-Outs

You may opt out of receiving marketing or promotional emails from us by clicking on the “unsubscribe” links contained in such emails. Depending on the Service you use, you may also be able to opt out of marketing or promotional emails by logging into your account and managing your email preferences. Please keep in mind that if you opt out of receiving marketing or promotional emails we will still send you transactional emails or other communications relating to your use of the Services (e.g., to inform you of changes to a Service or in response to your password recovery request).

How We Protect and Store Your Information

Trust and transparency are at the core of our business. To that end, we protect your Personal Information against unauthorized access, alteration, disclosure or destruction using appropriate techniques. Your data is encrypted when stored on our platform or systems and is removed when no longer needed. (Please note that some information may remain in our records after deletion of your account to satisfy legal obligations or where we believe that we have a legitimate reason to do so.) However, we recognize that not all security breaches may always be preventable. We maintain multiple layers of security and privacy controls in place to detect and respond to identified security incidents, but we do not guarantee or warrant that the techniques we employ will prevent all breaches of information about you that we store. If you register an account on the Services, you are responsible for keeping your password secure. Do not share your login credentials with others.

Do Not Track “DNT” option

Your browser may offer you a DNT option. DNT is a privacy option that you can set in your web browser which allows you to indicate that you do not want certain information about your online activity tracked over time and across different websites. We currently do not support DNT requests, which means that we continue to collect your information as described in this Policy.

Non-U.S. Users

Please be advised that your information may be processed in the country in which it was collected and in other countries, including the United States, where laws regarding processing of Personal Information may be less stringent than the laws in your country. If you have concerns about our processing of your Personal Information, please do not use the Services.

EEA Residents

We collect your explicit consent before processing Personal Information collected using cookies. The legal basis on which we process other Personal Information is our legitimate interest to improve our services, address bugs, and enhance the user experience for our products. When legitimate interests serve as the basis for data processing, you have the right to object at any time.

You are also afforded the following rights over the use of your personal data under the European General Data Protection Regulation (“GDPR”):

Right to be informed – you must be informed of the types of Personal Information collected from you, the purposes for processing said data, and of the contact details of the individual responsible for data privacy

Right to access – you may request access to your personal data being processed, along with the purpose(s) for processing, and the estimated retention period

Right to rectification – you may request that your personal data be corrected where inaccuracies are identified

Right to erasure – you may request that your Personal Information be erased by dv01

Right to restrict processing – you may request that your Personal Information not be processed under certain circumstances, including where the accuracy of the data is contested or where the data is no longer needed

Right to data portability - you may request that a copy of all Personal Information be provided to you

If you are an EEA resident and wish to make a request, please contact us directly.

California Privacy Rights

Under California Civil Code sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of personal customer information which we share with our affiliates and/or third parties for marketing purposes and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to the address listed in Contact Us below.

Children’s Privacy

Our Services are not directed to children under the age of 18. We do not knowingly collect Personal Information from anyone under the age of 13. If you are a parent or guardian and you are aware that your child has provided us with Personal Information, please contact us. We will take immediate steps to remove that information.

Contacting us

If you have any questions or concerns regarding your privacy when using the Services, please send us a message to support@dv01.co. We will make every effort to resolve your concerns.

You may also get in touch by writing to us at:

dv01, Inc. Attn: General Counsel 33 Whitehall Street, Floor 24

New York, NY 10004

Changes to This Policy

We may amend this Policy from time to time. We encourage you to review it regularly to stay informed about how we collect, use and disclose Personal Information.