Statement

HomeFeaturesPricingBlog
HomeFeaturesPricingBlog
Log In

Privacy Policy

Last updated: 5th March 2026

1. Introduction

This Privacy Policy explains how Ananta Innovations Ltd (“Statement”, “we”, “our”, or “us”) collects, uses, stores, and protects personal data when you use our website, platform, and services.

Statement provides a financial intelligence platform that connects to financial systems and data sources to help businesses understand their financial position through analytics, insights, and conversational interfaces.

We are committed to protecting personal data and complying with applicable data protection laws including:

  • UK General Data Protection Regulation (UK GDPR)
  • EU General Data Protection Regulation (GDPR)
  • UK Data Protection Act 2018

This Privacy Policy applies when Statement acts as a data controller, including when individuals:

  • visit our website
  • create an account
  • request product demonstrations
  • communicate with our team

When Statement processes financial or operational data on behalf of customers, we act as a data processor. In those circumstances, data processing is governed by our Terms of Service and Data Processing Agreement.

2. Information We Collect

We collect personal data depending on how individuals interact with Statement.

2.1 Information Provided by Users

When users interact with Statement, we may collect:

  • name
  • email address
  • company name
  • role or job title
  • telephone number
  • account credentials
  • onboarding information
  • communications with our support team

2.2 Financial Data Processed Within the Platform

When customers connect financial services or upload financial data, Statement may process business financial information including:

  • transaction data
  • revenue and expense records
  • bank account balances
  • financial statements
  • payment processor data
  • accounting platform data
  • financial metadata and categorisation
  • derived financial analytics and insights

Financial data may originate from integrations such as:

  • accounting platforms
  • banking institutions via Open Banking providers
  • payment processors
  • financial APIs
  • financial files uploaded by customers

This information is processed solely to provide the functionality of the Statement platform.

Statement does not sell, rent, or monetise customer financial data.

Customer financial data is never used for advertising or behavioural profiling.

2.3 Platform Usage and Technical Data

When users access the Statement platform or website, we may collect technical information including:

  • IP address
  • browser type and version
  • device identifiers
  • operating system
  • session activity
  • platform interaction data
  • system logs and security events

This information is used to maintain service reliability, improve the product, and detect potential security threats.

2.4 Cookies and Website Analytics

Our website uses cookies and similar technologies for:

  • essential functionality
  • website performance monitoring
  • product analytics
  • security monitoring

Additional information about cookies is provided in our Cookie Policy.

3. Legal Basis for Processing Personal Data

We process personal data under the following legal bases:

Contractual Necessity

Processing necessary to provide the Statement platform and fulfil contractual obligations.

(GDPR Article 6(1)(b))

Legitimate Interests

Processing necessary for the operation, improvement, and security of our services.

(GDPR Article 6(1)(f))

Legal Obligations

Processing necessary to comply with regulatory or legal requirements.

(GDPR Article 6(1)(c))

Where consent is required for certain processing activities, it will be obtained in accordance with applicable law.

4. Artificial Intelligence and Automated Analysis

Statement uses artificial intelligence and machine learning models to analyse financial information and generate insights.

These systems may be used to:

  • categorise financial transactions
  • detect financial trends or anomalies
  • generate summaries and explanations of financial activity
  • answer financial queries submitted by users

AI systems operate on structured financial data provided by customers and are designed to assist users in interpreting financial information.

Statement does not make decisions that produce legal or similarly significant effects based solely on automated processing.

AI-generated outputs are intended to support human decision-making and should not be interpreted as financial advice.

5. Customer Data Isolation and Use of Financial Data

Statement is designed to ensure that customer financial data is handled with strict confidentiality.

Accordingly:

  • customer financial data is logically isolated between accounts
  • data from one customer is not accessible to other customers
  • customer financial data is not used to train shared AI models unless explicitly authorised
  • financial information is processed only for the purpose of providing the Statement service

Statement does not aggregate customer financial data for resale, advertising, or behavioural profiling.

6. Sharing of Personal Data

We may share personal data with trusted third parties where necessary to operate and support the Statement platform.

These may include:

Cloud Infrastructure Providers

Hosting providers responsible for running and securing our platform infrastructure.

Financial Integration Providers

Providers that enable secure connections to banking systems, accounting platforms, and financial APIs.

Analytics and Monitoring Services

Providers used to monitor system performance, detect incidents, and maintain platform reliability.

Professional Advisors

Legal, compliance, accounting, and professional advisory services.

Regulatory Authorities

Authorities or regulators where disclosure is required by law.

All service providers are subject to contractual safeguards including Data Processing Agreements compliant with Article 28 GDPR.

Service providers are permitted to process personal data only for the purposes specified by Statement.

7. International Data Transfers

Some of our infrastructure or service providers may operate outside the United Kingdom or European Economic Area.

When personal data is transferred internationally, we implement safeguards including:

  • Standard Contractual Clauses approved by the European Commission
  • UK International Data Transfer Agreements
  • adequacy decisions issued by relevant authorities

These mechanisms ensure that personal data remains protected when transferred across borders.

8. Data Security

Statement implements technical and organisational measures designed to protect personal data and financial information.

Security measures include:

  • encryption of data in transit
  • encryption of sensitive data at rest
  • strict access control and authentication policies
  • role based access management
  • infrastructure monitoring and logging
  • security incident detection and response procedures
  • secure cloud infrastructure environments

Access to personal data is restricted to authorised personnel who require it to perform operational duties.

All personnel handling personal data are subject to confidentiality obligations.

9. Data Retention

Personal data is retained only for as long as necessary to fulfil the purposes outlined in this Privacy Policy.

Typical retention periods include:

Account information

Retained for the duration of the account and up to three years after account closure.

Financial data processed within the platform

Retained for the duration of the customer relationship unless deleted earlier by the customer.

Legal, compliance, and accounting records

Retained for up to six years where required by law.

Marketing communications

Retained until the individual unsubscribes or withdraws consent.

10. Your Data Protection Rights

Individuals may have the following rights under applicable data protection law:

  • right to access personal data
  • right to correct inaccurate information
  • right to request deletion of personal data
  • right to restrict processing
  • right to object to certain processing activities
  • right to data portability where applicable
  • right to withdraw consent where processing is based on consent

11. Complaints

If you believe that your personal data has been handled improperly, you have the right to lodge a complaint with the relevant supervisory authority.

In the United Kingdom, complaints may be submitted to the Information Commissioner's Office (ICO).

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes to our services, technology, or legal obligations.

The most recent version will always be available on our website with the updated revision date.

Questions regarding this Privacy Policy may be directed to:

privacy@askstatement.com

© Statament. All Rights Reserved 2026