This article summarizes how RapidRatings handles the information members provide to and generate on the FHR Exchange. It is an overview, not a comprehensive policy — the authoritative documents are the Privacy Policy and the Discloser Terms. Where those documents and this article differ, the Privacy Policy and Discloser Terms control.
What information RapidRatings collects
Members provide and generate several categories of information through participation in the FHR Exchange:
Financial statement data submitted for the purpose of producing a Financial Health Rating, including balance sheets, income statements, and cash flow statements where produced.
Company information such as legal name, industry classification, jurisdiction of incorporation, and corporate structure.
Personal information of account users — typically the name, business email address, job title, and login credentials of the individuals who submit data or manage the account on behalf of the member company. This is limited to the information necessary to operate the account.
Usage information generated as members interact with the platform, including access times, features used, and actions taken within the portal.
RapidRatings does not collect personal information about members' end customers, employees outside the account, or individuals unrelated to platform operation.
How the information is used
The information members provide is used to:
Produce the member's Financial Health Rating and associated report
Deliver the rating and report to client organizations that the member has authorized to receive it, at the disclosure level the member selects
Operate, secure, and improve the FHR Exchange platform
Meet RapidRatings' legal, regulatory, and contractual obligations
The permitted uses of member-submitted information are described in more detail in the Use of Information article.
Sharing with clients
The FHR Exchange allows client organizations to request Financial Health Ratings from members. Whether to accept a client request is at the member's sole discretion. When a member accepts, RapidRatings shares the rating and report with the requesting client at the disclosure level the member has selected. See What control will I have over my data, rating, and report? for the full set of member controls.
Ratings and reports are not shared with client organizations that the member has not authorized, and are not sold or distributed to third parties outside the FHR Exchange.
Sub-processors and service providers
RapidRatings uses a limited set of third-party service providers to operate the platform (for example, cloud hosting and email delivery). The current list of sub-processors, along with the categories of data each processes, is maintained in the Vendor and Sub-Processor List.
Access and usage monitoring
RapidRatings monitors access to and usage of the FHR Exchange for security, fraud prevention, and product improvement purposes. Aggregate usage patterns may be analyzed to guide product development, provided the analysis does not identify individual members or users as the source. Security monitoring — including detection of access patterns that do not reflect ordinary human use — is applied to all accounts and cannot be disabled at the member level.
Feedback
Feedback, comments, and suggestions members provide about the FHR Exchange are voluntary. RapidRatings may use feedback to improve the platform without additional obligation to the member providing it. Feedback is not treated as confidential unless the member has separately agreed to a confidentiality arrangement covering the specific submission.
Member listing
RapidRatings may list a company as an FHR Exchange member and use the company name in listings of participating members appearing within the FHR Exchange. Members cannot opt out of this listing at this time. RapidRatings will not conduct marketing or other public activities outside the FHR Exchange using a member's name without the member's prior consent.
Member rights and regulatory coverage
Members and individuals whose personal information is processed through the FHR Exchange have rights over that information under applicable privacy law, including in some jurisdictions the right to access, correct, or request deletion of personal information. The specific rights available depend on the member's jurisdiction and the regulatory framework that applies.
See Privacy Regulations FAQs for coverage of specific regimes (GDPR, CCPA, and others), and the Privacy Policy for the authoritative statement of rights and how to exercise them.