1. INTRODUCTION

Welcome to Corresi Inc. ("Corresi," "we," "us," or "our"). This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you visit our website at www.corresi.com (the "Website") or use our class action discovery and claim-filing services (the "Services"). By accessing or using our Services, you consent to the collection, use, and sharing of your information as described in this Privacy Policy. If you do not agree with these terms, please discontinue use of our Services immediately.

Corresi Inc. provides a platform that streamlines class-action settlement identification and claim management for consumers and law firms. Our services include a mobile application for consumers, an enterprise-grade CRM and targeting suite for law firms and settlement administrators, and APIs that connect to financial and social-media data sources to identify potential class-action claims. We are headquartered in Los Angeles, California and operate within the United States. This Privacy Policy explains how we collect, use, disclose and protect personal information when individuals access our websites, mobile applications, or other products and services (collectively, the Services).

We are not a "covered entity" under HIPAA, but we handle sensitive health-related data. As such, we follow the FTC’s Health Breach Notification Rule for vendors of personal health records and other applicable federal and state privacy laws. Our use of artificial intelligence (AI) and automated decision-making technology is governed by emerging state laws in California, Colorado and Texas, which impose duties such as risk assessments, transparency, consumer rights and anti-discrimination safeguards. Because privacy laws vary by jurisdiction, additional notices may supplement this policy for residents of certain states.

By using the Services, you consent to the practices described in this Privacy Policy. If you do not agree with these terms, please discontinue use of the Services. If you have questions or wish to exercise your privacy rights, please contact us using the details in the Contact Us section.

2. INFORMATION WE COLLECT

We collect information directly from you, automatically through your use of our Services, and from third-party sources to provide and improve our Services.

When you create an account, submit a claim, or interact with our Services, we may collect your contact information (e.g., name, email address, mailing address, phone number); claim information (e.g., date of birth, purchase history, or other details required for class action claim forms); and payment information (e.g., credit/debit card details, billing address) if you subscribe to our paid plans.

When you visit our Website, we may collect device & browser data (e.g., IP address, device type, browser type, operating system); usage data (e.g., pages visited, time spent, links clicked); and cookies & tracking technologies (e.g., cookies, web beacons, pixels) to enhance user experience and analyze trends.

We use third-party services to measure engagement, detect technical issues, and optimize marketing. These may include Google Analytics, TikTok Pixel, and ActiveCampaign. Each provider operates under its own privacy policy, which we encourage you to review.

We collect personal information from multiple sources, including information you provide directly, information generated automatically through your use of the Services, information obtained from third-party data providers and publicly available sources. Corresi builds data infrastructure to power efficient class-action identification, plaintiff discovery and settlement payout management. For consumers, our mobile app identifies potential class-action settlements, auto-fills and submits claim forms, and tracks payouts. For law firms and administrators, our platform provides targeted claimant discovery, CRM integration and automated claim submission. Our AI-driven recommendation engine analyzes financial transactions, purchase histories, social-media signals and other data to match consumers to relevant settlements.

We collect financial aggregation data such as transaction histories and account details through Plaid or similar APIs, used to identify purchases relevant to class-action settlements. We collect enrichment data such as demographic and professional details from services like Clearbit that help match users to potential claims. Social-media and public data, including posts or complaints on platforms like X (formerly Twitter), Facebook, TikTok, YouTube and LinkedIn, may also be processed for this purpose. We only collect publicly available content and honor each platform’s terms of service.

We collect public data from court filings, regulatory settlements, product recalls and other records using responsible and legal scraping practices. We do not bypass access restrictions and use licensed data brokers when required. We may also receive data from business customers, including law firms and settlement administrators, about potential claimants they invite to the Services.

Some of the data we collect may be considered sensitive personal information under privacy laws. This includes health data, precise geolocation, financial account information, government-issued identification numbers, racial or ethnic origin, sexual orientation, union membership, biometric data, and medical information. We only collect and use such data where reasonably necessary and proportionate for the Services.

We do not knowingly collect information from children under the age of 18. If we become aware that such information has been collected, we will delete it promptly and take measures to prevent future collection.

3. HOW WE USE PERSONAL INFORMATION

We use personal information to provide and improve the Services, including matching consumers to eligible class actions, auto-filling claim forms, managing user accounts, delivering settlement notifications, and facilitating settlement payouts. Our machine-learning systems are trained on financial transactions, social signals, and public data to assist in plaintiff discovery, recommendation generation, and service optimization. We perform risk assessments, monitor for algorithmic bias, and ensure human oversight to comply with applicable AI laws.

We communicate with users to respond to inquiries, send transactional updates, alert users about new settlements or claim statuses, and provide relevant legal information. Where permitted, we also use personal information for direct marketing, behavioral advertising, and analytics. Our systems respect privacy preferences and opt-out signals, and our analytics data is typically aggregated or de-identified.

We use personal information for legal compliance, including compliance with applicable data protection laws and FTC regulations, responding to court orders and regulatory inquiries, enforcing our policies, preventing fraud, and protecting our legal rights. We maintain the integrity and security of our systems and monitor for unauthorized activity.

We do not use automated decision-making technology to make decisions with legal or similarly significant effects without meaningful human involvement. When high-impact automated decisions are necessary, such as ranking claimants for limited funds, we provide advance notice and allow individuals to request human review.

4. LEGAL BASIS AND COMPLIANCE FRAMEWORK

Corresi complies with the California Consumer Privacy Act (CCPA/CPRA), Colorado’s Artificial Intelligence Act (CAIA), Texas’s Responsible Artificial Intelligence Governance Act (TRAIGA), the Gramm–Leach–Bliley Act (GLBA), the FTC’s Health Breach Notification Rule (HBNR), and other applicable state and federal laws. We offer users rights of access, correction, deletion, opt-out, and human review under these frameworks. Corresi’s privacy and data protection measures are implemented across our systems, product design, and internal practices.

5. HOW WE SHARE AND DISCLOSE PERSONAL INFORMATION

We may share personal information in the following circumstances: with class-action administrators and law firms when you request us to file a claim or when a law firm partners with us to identify claimants; with service providers and contractors who host our systems, process payments, provide analytics, send communications, detect fraud, and perform other functions subject to contractual obligations and security safeguards; with analytics and advertising partners under privacy-compliant conditions; with professional advisors such as auditors or lawyers; with government authorities when required by law or for safety reasons; and during business transfers in the context of mergers or acquisitions. We do not sell personal information under CCPA definitions.

6. DATA SECURITY AND RETENTION

We implement administrative, technical, and physical safeguards designed to protect personal information against loss, theft, unauthorized access, disclosure, alteration, and destruction. These measures include encryption in transit and at rest, role-based access controls, intrusion detection, regular security assessments, anonymization or pseudonymization of data where practical, and staff training on data protection.

We retain personal information for as long as needed to fulfill the purposes described in this policy, comply with legal obligations (e.g., record-keeping for tax or regulatory requirements), resolve disputes, and enforce our agreements. When personal information is no longer required, we will delete or de-identify it in accordance with our data retention schedule and applicable laws. Aggregated or de-identified data may be retained indefinitely for analytics and research.

7. YOUR PRIVACY RIGHTS AND CHOICES

Depending on your jurisdiction, you may have the right to know what data we have collected about you, request a copy of your data, correct inaccuracies, delete personal information, limit the use of sensitive information, opt out of the sale or sharing of personal information, and request human review of automated decisions. These rights are available to California residents under the CPRA and, where applicable, to users in other states such as Colorado and Texas. We honor authorized agent requests and will verify identity as required. We respond to requests within the legally mandated time period.

8. INTERNATIONAL DATA TRANSFERS

Our servers are located in the United States, and our service providers may process personal information in the U.S. or other countries. If you access the Services from outside the United States, your information may be transferred to, stored in and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the Services, you consent to these transfers. When transferring data internationally, we implement appropriate safeguards, such as standard contractual clauses, to protect your information.

9. THIRD-PARTY LINKS AND SERVICES

The Services may contain links to third-party websites, plug-ins, applications or services. We are not responsible for the privacy practices or the content of those third parties. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We encourage you to read the privacy policies of every website or service you visit.

10. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, and other factors. We will notify you of material changes by posting an updated version on our Website and indicating the date of the latest revision at the top of this document. In certain cases, we may provide additional notice (such as email notifications or in-app alerts). Your continued use of the Services following any updates constitutes acceptance of the revised Privacy Policy.

11. CONTACT US

If you have any questions, concerns, complaints, or requests related to this Privacy Policy or our data practices, please contact us at:

Corresi Inc.

Email: hello@corresi.com

Website: www.corresi.com

We are committed to addressing your inquiries promptly and protecting your privacy to the best of our ability.