Privacy Policy

CFD Service Company, Inc., doing business as Sapphire Guard (“Sapphire Guard,” “we,” “our,” or “us”), is committed to protecting the privacy of our applicants, clients, and website visitors. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information when you use our cosigner service program, financial literacy course, and monthly budget tracking platform (collectively, the “Service”).

By submitting an application or using any part of our Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not submit an application or use our Service.

We collect information you provide directly to us during the application and program enrollment process, including:

We use the personal information we collect for the following purposes:

• Cosigner Evaluation: To review your application, verify income documentation, and determine your eligibility for cosigner services.
• Program Delivery: To enroll you in the financial literacy course, send secure course links, and track your progress through the program.
• Waiver Administration: To generate, deliver, and store your signed cosigner service agreement.
• Budget Tracking: To receive, store, and review your monthly budget submissions as required by the active client program.
• Communications: To send program-related emails, including welcome messages, course instructions, reminders, approval notifications, and payment links.
• Fee Collection: To send payment links for the one-time cosigner service fee via our payment processor.
• Program Compliance: To monitor active client status and flag accounts that have not submitted required monthly budget updates.
• Legal Compliance: To comply with applicable laws, resolve disputes, and enforce our agreements.

We do not sell, rent, or trade your personal information for marketing purposes. We do not use your information for automated decision-making or profiling beyond the cosigner evaluation described above.

We take the security of your personal information seriously. Your data is stored and protected as follows:

• File Storage: Uploaded documents (pay stubs, photo ID, signed waivers) are stored in Cloudflare R2, a secure cloud object storage service with server-side encryption at rest. Files are accessible only through authenticated, time-limited administrative access.
• Database: Application data, course progress, budget submissions, and program records are stored in Cloudflare D1, a managed SQLite database with access controls limited to our application and authorized administrators.
• Token Security: Links to sensitive pages (waiver, budget submission) are protected by cryptographically signed tokens (HMAC-SHA256) that are unique to each applicant and expire with the associated record.
• Transit Encryption: All data transmitted between your browser and our servers is encrypted using HTTPS / TLS.
• Access Controls: Administrative access to applicant data is protected by password authentication. Documents and records are only accessible to authorized Sapphire Guard staff.

While we implement commercially reasonable security measures, no method of data transmission or storage is 100% secure. We cannot guarantee absolute security of your information.

We do not sell or share your personal information with third parties for their own marketing or commercial purposes. We share your information only in the following limited circumstances:

• Payment Processor: We use Paysley to process the one-time cosigner service fee. When a payment link is sent to you, Paysley processes the transaction. Your payment information is entered directly into Paysley’s platform and is governed by Paysley’s own privacy policy. Sapphire Guard does not store your payment card details.
• Email Service Provider: We use Resend to deliver transactional emails. Your email address and name are transmitted to Resend solely for the purpose of delivering program communications.
• Property Management: We may confirm to the referring property management company or leasing agent that you have been approved as a Sapphire Guard cosigner client, and co-sign your lease as agreed. We do not share your full financial records or uploaded documents with property management without your consent.
• Legal Requirements: We may disclose your information if required to do so by law, court order, or governmental authority, or if we believe disclosure is necessary to protect the rights, property, or safety of Sapphire Guard, our clients, or others.

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy and to comply with applicable legal obligations:

• Active Clients: Your application data, documents, course records, and budget submissions are retained for the duration of your active cosigner service relationship with Sapphire Guard.
• After Termination: Following the end of your cosigner service relationship, we retain your records for a period of three (3) years to comply with legal obligations, resolve disputes, and maintain records of cosigned lease agreements.
• Incomplete Applications: Applications that are not completed or approved may be retained for up to twelve (12) months, after which they may be deleted.
• Uploaded Documents: Documents stored in Cloudflare R2 (pay stubs, photo ID, signed waiver) are retained for the same periods described above and then securely deleted.

You have the following rights with respect to your personal information held by Sapphire Guard:

• Right to Access: You may request a copy of the personal information we hold about you.
• Right to Correction: You may request that we correct inaccurate or incomplete information in your record.
• Right to Deletion: You may request that we delete your personal information. Note that we may be required to retain certain information for legal compliance or contractual obligations. Deletion requests by active clients will result in termination of cosigner services.
• Right to Withdraw Consent: Where we process your information based on your consent, you may withdraw that consent at any time by contacting us.

To exercise any of these rights, please contact us at inquiries@sapphireguard.com. We will respond to your request within thirty (30) days. We may require you to verify your identity before processing your request.

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected information from a minor, please contact us immediately and we will take steps to delete such information.

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date at the top of this page. We encourage you to review this Privacy Policy periodically. Your continued use of our Service after any changes constitutes your acceptance of the updated policy.

If you have questions, concerns, or requests regarding this Privacy Policy or the handling of your personal information, please contact us: