Receive early payments on approved invoices
Access trusted lenders for tailored financing solutions
Find your customers offering early payment
Leverage Accounts Receivable (AR) analytics and intelligence to improve your cash flow outcomes
Answers to your questions about C2FO's cash flow solutions
C2FO powers early payment programs for the world’s largest companies.
Enhance cash flow through flexible early payment options
Accelerate supplier payments with flexible funding options
Track, compare, and optimize your working capital position across your supplier network
Optimize your working capital position with expert CPSM® guidance
Implement working capital optimization strategies with expert support
Get started with C2FO
Optimize your financial KPIs and working capital strategy with C2FO’s supplier financing solutions. See how easily you can implement our integrated platform to transform your financial performance. Learn more >
Recent Article
C2FO & PWC Collaboration: Modernizing Supply Chain Finance Read more >
Recent Case Study
Bunnies by the Bay Finds Trusted Financing with C2FO Lending Connections. Read more >
Do work that matters with a team that cares. C2FO is proud to be one of the fastest-growing, most dynamic financial technology companies, with career opportunities available around the globe.
IFC Updates
Learn more about our work with the IFC.
Last Updated Date: April 10, 2026
Pollen, Inc., under its trademark name and together with its subsidiaries and affiliates (“C2FO”, “we”, “our”, or “us”) are deeply committed to protecting user privacy (“user”, “you”, “your”). This Privacy Policy (“Policy”) governs the manner in which we collect, use, disclose, or otherwise process your Personal Information when you visit our website located at www.c2fo.com, including websites that link to this Policy (the “Sites”); use our underlying C2FO Services including mobile applications and APIs, (the “Service(s)”); and/or otherwise interact with our business.
As Used in This Policy:
“Applicable Data Protection Law(s)” means all applicable data protection and privacy laws and regulations ,which may include, without limitation, the General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”), equivalent requirements in the United Kingdom including the Data Protection Act 2018 and the United Kingdom General Data Protection Regulation (“UK Data Protection Law”), the California Consumer Privacy Act and associated regulations (“CCPA”), Swiss Federal Data Protection Act (“Swiss DPA”), and the California Privacy Act of 2020 (“CPRA”), each as applicable and as amended, repealed, consolidated or replaced from time to time.
“Business Contact Information” means when you do business with us, or use our Sites and/or Services, we may receive professional contact details of employees and other individuals associated with our Customers, their suppliers and customers, our partners, and service providers, such as first and last name, email address, phone number, title and department, and other information relevant to, and necessary for us to manage a particular business relationship or provide you with access to the Sites and/or Services.
“Customer Personal Information” means any data provided to us by our Customer that is Personal Information as defined and protected by Applicable Data Protection Law(s).
“Personal Information” means information about an identified or identifiable natural person, or which otherwise constitutes “personal data”, “personal information”, “personally identifiable information”, or similar terms as defined in Applicable Data Protection Law.
“Controller” or “Processor” for the purposes of the GDPR, other data protection laws as applicable in member states of the EU and other provisions related to data protection is Pollen, Inc. or the applicable contracting C2FO subsidiary or affiliate.
Our Services
Where we provide our Services under an agreement with our clients (“Customer”) that entity acts as a Controller of Personal Information (“Customer Personal Information”) when the Customer uploads, submits, or otherwise makes available Customer Personal Information (generally Business Contact Information) of their business partners (suppliers, prospective suppliers or other) to our Sites and/or Services. C2FO acts as a Processor on behalf of such entities. In those cases, C2FO processes Customer Personal Information on behalf of and based on the specific instructions provided by our Customer as Controller or as otherwise set out in this Policy. Where the Customer acts as Controller that Customer’s privacy policy (and not this Policy) will apply to the Customer’s collection and use of Customer Personal Information. Accordingly, please refer to the Customer’s privacy policy and direct any questions to them. If a Customer’s business partner registers as a supplier with C2FO’s Services or a party otherwise engages with us on our Sites, then C2FO is the Controller of any Personal Information provided and this Policy and our Terms and Conditions shall govern.
By using the Site and/or Services, you signify your acceptance of this Policy. If you do not agree to this Policy, please do not use our Site and/or Services.
In the case of any conflict between the terms of this Policy and the terms of any Data Protection Agreement (“DPA”) signed by C2FO with any Customer or the terms of any other definitive documents signed by C2FO with you, the terms of that DPA or agreement (as the case may be) will take precedence, and shall supersede any provisions relating to the processing of Personal Information.
Quick Links
We recommend you read this Policy in its entirety. To access a particular section of this Policy, click on the relevant link below to jump to that section:
We will collect Personal Information from users when they voluntarily submit such information to us. Users can always refuse to supply Personal Information, except that it may prevent them from engaging in certain Site-related activities and/or Services.
When you interact with us, including via our Site and/or Services that link to this Policy, with our subsidiaries or affiliates, or when you use our Site and/or Services, we collect Personal Information about you, as further described below.
When Using the Site: Users may be asked for, as appropriate, name, email address, phone number, and other Business Contact Information you provide via the Site when, for example, you fill out a form (e.g. request more information or provide feedback about our Services); complete surveys or register for sales events or marketing activities.
When Using Our Service: When users register on the Site to use our Services, we may collect your Personal Information such as Business Contact Information. You can also provide additional information when you choose to register with our Service or contact us for support.
When Communicating with Us: We may collect user’s name, title, and company name, audio transcripts, audio visual recordings, and other information you provide and/or consent to when you communicate with us in person, on calls, mail, SMS, email, or through chat.
Cookies and Other Technologies
C2FO and our third-party partners, such as advertising and analytic partners, use Cookies and similar tracking technologies (e.g., web beacons and pixels). These technologies are used to provide Site functionality, analyze trends, and recognize you across our Sites. For more information, please see our Cookie Notice, which includes information on how to opt out of these Cookies and tracking technologies.
The Global Privacy Control (GPC) is another technological tool that may be used to control your Cookies and tracking preferences in certain locations.
For more information on the GPC and how to use a browser or browser extension incorporating the GPC signal, see https://globalprivacycontrol.org/. You can also use the range of other opt-out tools we provide see Cookie Notice.
We gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We may combine this automatically collected log information with other information we collect about you. We perform analytics to improve Site functionality and user experience. We may share information about your computer or other devices with our third-party service providers for information and network security, including fraud detection.
Mobile
When users access or use the Services via our mobile applications, we automatically collect information such as device model, version, device identifiers, operating system, IP address, referring/exist pages, and crash data.
User Reviews and Testimonial Privacy
Our Sites include user Review and Testimonial Features (“Features”). These Features may collect your IP address, which page you are visiting on our Site, and may set a Cookie to enable the Feature to function properly. These Features are either hosted by a third party or hosted directly on our Site. Your interactions with these Features are governed by the privacy policy of the company providing it.
We may also display testimonials of satisfied customers on our Sites in addition to other endorsements. With your consent we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us at [email protected].
We receive information about you from other Service users, Customers, from joint marketing partners, security and fraud detection companies, from our subsidiaries, affiliates, social media platforms, publicly available sources, and from our business partners.
Third Party Personal Information
You may provide Personal Information about other people or employees, such as their name, email address, phone number, and job title. When you provide us with Personal Information about your contacts, you represent to us that you have the legal right to provide us with that information, and we represent that we will only use this information for the specific reason(s) for which it is provided. If you believe that one of your contacts has provided us with your Personal Information and you would like to request that it be removed from our database, please contact us at [email protected].
Third Party Content & Links
Users may find advertising or other content on our Site that links to the sites and services of our business partners, suppliers, advertisers, sponsors, licensors, and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other site, including sites which have a link to our Site, is subject to that site’s own terms and policies.
Third Party Integrations/Applications
You may connect third party integrations to your account, which may ask for permissions to access data or send information to or from your registered C2FO account. It is your responsibility to review and accept any terms and conditions associated with any third-party integrations you authorize. We may collect information about what types of integrations you use in your C2FO account. Any permission(s) you grant these third parties may provide access to your data, which may include (but is not limited to) granting third party applications access to view, store, and modify your C2FO account data. You agree that to an extent a third party has access to your data, the terms and conditions, including the privacy policy, of that third party will apply to the extent that third party processes your data.
Our third-party partners may use Cookies or similar technologies in order to provide you with targeted advertising based upon your browsing activities and interests. If you wish to opt out of this advertising based on your interests click here [or if located in the European Union click here]. Also see our Cookie Notice. Please note you will continue to receive generic ads.
C2FO may collect information, including Personal Information, under the direction of its Customer, and may not have a direct relationship with the individuals whose Personal Information it processes.
C2FO may also collect and use Personal Information via our Sites and Services, and through other means (e.g. in person or on calls).
C2FO may collect, store and use Personal Information for the following purposes:
We do not disclose your Personal Information to third parties other than as follows:
If a service provider needs to access information about you to perform Services on our behalf, they do so under a written agreement with us; and close instruction from us, including this Policy, and other policies and procedures designed to protect your information and are restricted from using Personal Information for any purposes other than those authorized by us. These service providers are also required to maintain the confidentiality of your information;
We also work with third party business partners such as referral partners who are or may provide Services to prospective and/or current users that we think may be relevant to you;
As part of operating our global business, Personal Information we collect may be stored and processed in your region, in the United States, outside of the European Economic Area (the “EEA”), and any other country we or our affiliates or service providers maintain facilities. Our website servers are primarily located in the United States and Europe, and we may process your Personal Information pursuant to applicable law and in jurisdictions where our affiliates or service providers are located. This includes countries with laws that have not necessarily been determined to provide an adequate level of protection for the processing of Personal Information under the laws of the EU or other jurisdictions. C2FO carefully evaluates and engages these Subprocessors through our vendor management program. Our Subprocessor list is available to existing and prospective customers upon request. If you would like to receive a copy of this list, please email [email protected]. In addition, we have taken the necessary safeguards to require that your Personal Information remains protected in accordance with this Policy. These safeguards include implementing applicable data transfer mechanisms, such standard contractual clauses, data processing agreements (or equivalent terms), or other lawful mechanisms for transfers of personal information as approved by the European Commission or other applicable regulators or legislators.
Pollen, Inc., including under our trademark name “C2FO”, complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Pollen, Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Pollen, Inc. has also certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
With respect to personal data received or transferred pursuant to the DPF Program, we are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
Pursuant to the DPF Program, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States in reliance on the DPF Program should direct their query to [email protected]. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than the purpose for which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to [email protected].
If you are an EU, UK, or Swiss Individual, where we transfer your personal data to third party service providers who perform Services for us or on our behalf, we are responsible for the processing of that data by them and shall remain liable if they process your personal data in a manner inconsistent with the DPF Principles, unless we prove that we are not responsible for the event giving rise to the damage.
In compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), we commit to resolve complaints about our collection or use of your personal information transferred to the U.S. pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-US.S. DPF. EU, UK, and Swiss individuals with inquiries or complaints should first contact our Data Protection Officer (DPO) at [email protected]; our representative to the EU at [email protected] or at C2FO Limited 9th Floor, 107 Cheapside, London EC2V 6DN.
We have further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you. If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms.
See https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction.
If you are located in the European Economic Area, United Kingdom or Switzerland, the Controller of your Personal Information is C2FO Limited 9th Floor, 107 Cheapside, London EC2V 6DN. Where we act as a Controller, we only process your Personal Information based on a valid legal basis (e.g. this means the grounds on which an organization can rely when processing Personal Information). Our legal basis for collecting and using the Personal Information described in this Policy will depend on the Personal Information concerned and the specific context in which we collect it.
For those jurisdictions that require a specific legal basis for processing Personal Information, for the purposes described above, we will normally collect Personal Information as set forth below:
Processing is necessary for the purposes of our legitimate interests.
In certain circumstances, we may collect your Personal Information on a different legal basis. If we use your Personal Information for purposes that are materially different from the purposes set forth in this Policy or from the purposes we alerted you to at the point of collection, we will explain how and why we use your Personal Information in a supplementary notice at or before the point of collection. These legal bases only apply if you are a resident in the EEA, the UK, or Switzerland. If you have any questions about our legal bases for processing your Personal Information, please contact us at [email protected] .
Depending on your location and applicable data protection laws, you may have the following data protection rights:
To exercise any of these rights including our Sites and Services, please use this form or email [email protected].
Please note that to protect Personal Information, we may verify your identity by a method appropriate to the type of request you are making. Depending on where you reside, you may be entitled to empower an “authorized agent” to submit requests on your behalf. We will require authorized agents to confirm their identity and authority, in accordance with applicable laws. You are entitled to exercise the rights described above free from discrimination.
We will respond to your privacy requests within a reasonable timeframe and notify you of the action we have taken. In some instances, your rights may be limited, such as where fulfilling your request would impair the rights of others, our ability to provide a service you have requested, or our ability to comply with our legal obligations and enforce our legal rights.
If you are a Supplier, prospect, or otherwise interact with a C2FO Customer that uses our Services, and would like to access, correct, amend or delete your data controlled by the Customer, please contact the relevant Customer directly and refer to that Customer’s privacy notice.
Right to Opt Out of “Online Targeted Advertising”
Depending on your location, you may have the right to opt-out of the “sale” of your Personal Information or the disclosure of your Personal Information for the purposes of Online Targeted Advertising (our online advertising activities are described in our Cookie Notice). We do not “sell” Personal Information for Online Targeted Advertising in the traditional sense of exchanging information for monetary payment.
The definitions of “sale” and “targeted advertising” under applicable law may include the disclosure of your information (which may include identifiers as well as Internet and device activity) to certain types of advertising and marketing partners. To the extent that our practice constitutes a sale or sharing of your Personal Information for Online Targeted Advertising as described in this section, you have the right to opt-out by:
Opting Out of Our Marketing Communications
You may unsubscribe from our marketing communications through the following methods:
Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding our Services. Please note you may also encounter generic ads within our applications, and/or Sites and Services.
The California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (“CCPA), requires businesses that collect personal information of California residents to make certain disclosures regarding how they collect, use, retain, and disclose such information. For purposes of this section “Personal Information” has the meaning given in the California Consumer Privacy Act (“CCPA”).
Other than C2FO’s sharing of personal information (as defined by CCPA and its implementing regulations) described in the second table below. C2FO does not sell Personal Information as we understand the term sale defined by the CCPA and its implementing regulations.
The categories we collect about you and the third parties to whom we disclose that Personal Information for a business purpose in the preceding 12 months are as follows:
Categories of Personal Information Shared in the Preceding 12 months:
Internet or Other Network or Device Activity
C2FO does not use or disclose sensitive Personal Information for purposes other than those permitted under the CCPA.
C2FO does not have actual knowledge that it sells or shares the Personal Information of consumers under 16 years of age.
Retention of Personal Information: We retain Personal Information as described in “Data Retention” below.
Sources of Personal Information: The sources from which we collect Personal Information are described in the Information You Provide ; Information We Automatically Collect ; Information We Receive from Third Parties ; and Use of Information We Collect sections of this Policy.
To the extent provided by law and subject to applicable exceptions, California residents have the following privacy rights related to personal information we collect about you:
How to Exercise Your California Privacy Rights
You can exercise your rights yourself or you can designate an authorized agent to exercise these rights on your behalf. To protect your Personal Information, we will verify your identity by a method appropriate to the type of request you are making. Depending on your request, we will ask for information such as your name and email address. We may also request that your authorized agent have written permission from you to make requests on your behalf, and we may need to verify your authorized agent’s identity to protect your Personal Information. We may deny a request from an agent that does not submit proof that they have been authorized to act on your behalf. For multiple requests in the same 12-month period, we may charge a reasonable fee, as permitted by law.
Please use our data subjects rights form found here or email [email protected] if you would like to:
To opt out of sharing personal information for cross-context behavior advertising (e.g. targeted advertising):
C2FO does not discriminate against you for exercising your rights or offer you financial incentives related to the collection and use of your Personal Information.
We will retain and use your Personal Information described in this Policy for as long as long as necessary to provide the Services to you and to other third parties with legitimate business interests in such information, to the extent necessary and permissible under applicable law, to comply with our legal obligations, audit and record keeping purposes, as necessary for other legitimate business interests such as to resolve disputes, and to enforce our agreements, or as otherwise communicated to you.
If you wish to request the deletion of your Personal Information prior to the end of the retention period, please reach out to us at [email protected]. If you wish to cancel your Services please see our Terms and Conditions for more information.
We are committed to protecting your information. We use physical, organizational, and technical safeguards and measures designed to protect your personal information which may include: physical access controls, encryption, internet firewalls, intrusion detection and network monitoring depending on the nature of the information and the scope of processing. However, no method of transmission over the internet, or method of electronic storage, is 100% secure, and we cannot warrant the security of any information you provide to us.
Our staff and any service providers who may have access to your Personal Information are trained and required to keep your Personal Information secure and confidential. If you have any questions about the security of your Personal Information, you can contact us at [email protected].
This Policy is entered into in the English language. Any translation prepared for any reason shall be a non-binding accommodation of no legal effect, and the English version of this Policy shall govern. All communications with respect to this Policy shall be in the English language. Without limiting the generality of this provision, you acknowledge that: (i) it shall not assert any claim based upon any translation or any discrepancy or purported discrepancy between such translation and this English-language version of this Policy; and (ii) any such translation shall not be used to interpret this Policy. The English language version of this document is available here: https://www.c2fo.com/privacy.
We do not knowingly collect information on children under the ages of 13, 14, or 16, respective of the region you live in. If you believe a person who is underage has signed up for our Services, please contact us at [email protected].
C2FO is committed to user accessibility. If you are having difficulty viewing or navigating the content of this website or find any content, feature, or functionality not fully accessible, please contact [email protected] and provide a detailed description of what you believe is not fully accessible.
We may update this Policy from time to time by posting a new version on our Site. If we make material changes to this Policy, we will post such revised policy on our Sites and we may notify you via notices posted on the Sites, by email or otherwise as permitted by law. We encourage you to periodically review this Policy for the latest information on our privacy practices.
If you have any questions about this Policy, the practices of this Site and/or Services, or your dealings with this Site and/or Services, please contact us at:
Pollen, Inc.
Attn: Legal Notice 8880 Ward Pkwy, #500 Kansas City, MO 64114 888.980.9025
C2FO’s Data Protection Officer (DPO) may be contacted at [email protected] and C2FO’s representative to the EU at [email protected] or at 9th Floor, 107 Cheapside, London EC2V 6DN.