Privacy Policy

1. Information We Collect

We collect information to provide and improve our services. The types of information we collect include:

Account Information

• Name, email address, and contact information
• Account credentials and authentication data
• Profile information and preferences
• Payment and billing information

Financial Information

• Bank account information (account numbers, routing numbers)
• Transaction history and spending patterns
• Investment portfolio data
• Credit card information for linked accounts

Usage Information

• Device information (browser type, operating system)
• IP address and location data
• Usage patterns and feature interactions
• Error logs and performance data

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our services
• Process transactions and manage your accounts
• Sync your financial data across connected institutions
• Generate insights, analytics, and personalized recommendations
• Send service notifications and updates
• Respond to your requests and provide customer support
• Detect and prevent fraud and security threats
• Comply with legal obligations and regulatory requirements

3. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

With Your Consent

When you explicitly authorize us to share your information with third parties.

Service Providers

We share data with trusted service providers who help us operate our services, including bank data aggregation partners (such as Plaid), cloud hosting providers, and analytics services.

Legal Requirements

We may disclose information when required by law, legal process, or government request, or to protect the rights, property, and safety of FinanceFlow, our users, or others.

4. Data Security

We implement comprehensive security measures to protect your information:

• Encryption: 256-bit AES encryption for data at rest and TLS 1.3 for data in transit
• Access Controls: Role-based access controls and multi-factor authentication
• Infrastructure: SOC 2 Type II certified data centers with 24/7 monitoring
• Testing: Regular penetration testing and security audits
• Compliance: PCI-DSS Level 1 compliant for payment data

5. Your Rights and Choices

You have the following rights regarding your personal information:

To exercise these rights, visit your account settings or contact us at privacy@financeflow.com.

6. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

• Active accounts: Data retained while your account is active
• Closed accounts: Core account data deleted within 30 days of closure
• Financial records: Transaction data retained for 7 years per regulatory requirements
• Security logs: Retained for 2 years for fraud prevention

7. Third-Party Services

Our service integrates with third-party services to provide functionality:

• Plaid: Bank account linking and transaction data
• Stripe: Payment processing for subscriptions
• Google Analytics: Usage analytics and performance monitoring

These services have their own privacy policies, and we encourage you to review them.

8. Children's Privacy

FinanceFlow is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we learn we have collected information from a child under 18, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through our app. Your continued use of FinanceFlow after changes become effective constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: