Last updated: January 2025

FinFlow ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application FinFlow (the "App").

Information We Collect

Personal Information

• Account Information: Email address, name, age range
• Financial Data: Expenses, income sources, financial goals, credit card information
• Usage Data: How you interact with the app, features used, preferences

Automatically Collected Information

• Device Information: Device type, operating system, unique device identifiers
• App Usage: App crashes, performance data, feature usage
• Location Data: We do not collect precise location data

How We Use Your Information

Primary Uses

• Provide Services: Process your financial data, generate insights, track goals
• Personalization: Customize AI recommendations and financial advice
• Communication: Send notifications about goals, expenses, and insights
• Support: Respond to your questions and provide customer service

Analytics and Improvement

• App Performance: Monitor app stability and performance
• Feature Development: Understand usage patterns to improve features
• User Experience: Optimize the app interface and functionality

Information Sharing

Limited Sharing

We may share your information only in these circumstances:

• Service Providers: With trusted third-party services that help us operate the app (Firebase, analytics)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets

Data Protection

All data sharing is governed by strict confidentiality agreements and data protection measures.

Data Security

Security Measures

• Encryption: All data is encrypted in transit and at rest
• Access Controls: Strict access controls limit who can access your data
• Regular Audits: We regularly review and update our security practices
• Secure Infrastructure: We use industry-standard cloud infrastructure (Firebase)

Your Responsibility

• Keep your login credentials secure
• Don't share your account with others
• Log out when using shared devices

Data Retention

How Long We Keep Data

• Active Accounts: We retain your data as long as your account is active
• Inactive Accounts: Data is retained for 2 years after account deactivation
• Deletion: You can request complete data deletion at any time

Data Deletion

• Account Deletion: You can delete your account in the app settings
• Data Export: You can export your data before deletion
• Complete Removal: We will delete all your data from our systems

Your Rights and Choices

Access and Control

• View Your Data: Access all your personal information in the app
• Update Information: Modify your account information at any time
• Delete Account: Remove your account and all associated data
• Export Data: Download a copy of your data

Communication Preferences

• Notifications: Control which notifications you receive
• Marketing: Opt out of marketing communications
• Updates: Choose how you receive app updates

Text Message Reminders (SMS)

Opt-In and Consent

• SMS bill reminders are optional and only sent after explicit opt-in.
• We store your consent status, consent timestamp, and reminder phone number.
• Message and data rates may apply based on your wireless carrier plan.

What We Send

• We send event-triggered bill reminders only (for example, reminders sent before a due date).
• We do not use SMS reminders for marketing campaigns.
• Reminder frequency is limited and may include monthly caps to reduce message volume.

Opt-Out and Data Handling

• You can opt out at any time in app settings or by replying STOP to a reminder.
• When you opt out, we disable SMS reminders and record the opt-out event.
• We retain only the minimum SMS-related data needed for consent, delivery, and compliance.

Children's Privacy

Age Requirements

• Minimum Age: Users must be 13 years or older
• Parental Consent: Users under 18 need parental consent
• Family Accounts: Parents can manage family member accounts

Protection Measures

• We do not knowingly collect data from children under 13
• Family-friendly content and features
• Parental controls and monitoring options

Third-Party Services

Services We Use

• Firebase: Backend services, authentication, database
• Analytics: App performance and usage analytics
• Payment Processing: Secure payment processing (if applicable)

Third-Party Policies

• Each service has its own privacy policy
• We only use services that meet our privacy standards
• Links to third-party policies are available upon request

Changes to This Policy

Policy Updates

• Notification: We will notify you of significant changes
• Review: Please review this policy periodically
• Acceptance: Continued use means acceptance of changes

Contact for Changes

• Email us with questions about policy changes
• We're happy to explain any modifications

Contact Information

Legal Compliance

GDPR (European Users)

• Right to access, rectification, and erasure
• Right to data portability
• Right to restrict processing
• Right to object to processing
• Right to withdraw consent

CCPA (California Residents)

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt out of data sales
• Right to non-discrimination

Data Breach Procedures

Our Response

• Detection: We monitor for security incidents
• Notification: We will notify you within 72 hours of discovery
• Investigation: Thorough investigation of any incidents
• Remediation: Immediate steps to prevent future breaches

Your Actions

• Monitor your accounts for suspicious activity
• Report any concerns immediately
• Change passwords if recommended

Compliance

Standards We Follow

• GDPR: European data protection regulations
• CCPA: California privacy laws
• COPPA: Children's online privacy protection
• Industry Standards: Best practices for financial apps

Regular Audits

• Annual privacy audits
• Security assessments
• Compliance reviews

Last updated: January 2025

FinFlow ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application FinFlow (the "App").

Information We Collect

Personal Information

• Account Information: Email address, name, age range
• Financial Data: Expenses, income sources, financial goals, credit card information
• Usage Data: How you interact with the app, features used, preferences

Automatically Collected Information

• Device Information: Device type, operating system, unique device identifiers
• App Usage: App crashes, performance data, feature usage
• Location Data: We do not collect precise location data

How We Use Your Information

Primary Uses

• Provide Services: Process your financial data, generate insights, track goals
• Personalization: Customize AI recommendations and financial advice
• Communication: Send notifications about goals, expenses, and insights
• Support: Respond to your questions and provide customer service

Analytics and Improvement

• App Performance: Monitor app stability and performance
• Feature Development: Understand usage patterns to improve features
• User Experience: Optimize the app interface and functionality

Information Sharing

Limited Sharing

We may share your information only in these circumstances:

• Service Providers: With trusted third-party services that help us operate the app (Firebase, analytics)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets

Data Protection

All data sharing is governed by strict confidentiality agreements and data protection measures.

Data Security

Security Measures

• Encryption: All data is encrypted in transit and at rest
• Access Controls: Strict access controls limit who can access your data
• Regular Audits: We regularly review and update our security practices
• Secure Infrastructure: We use industry-standard cloud infrastructure (Firebase)

Your Responsibility

• Keep your login credentials secure
• Don't share your account with others
• Log out when using shared devices

Data Retention

How Long We Keep Data

• Active Accounts: We retain your data as long as your account is active
• Inactive Accounts: Data is retained for 2 years after account deactivation
• Deletion: You can request complete data deletion at any time

Data Deletion

• Account Deletion: You can delete your account in the app settings
• Data Export: You can export your data before deletion
• Complete Removal: We will delete all your data from our systems

Your Rights and Choices

Access and Control

• View Your Data: Access all your personal information in the app
• Update Information: Modify your account information at any time
• Delete Account: Remove your account and all associated data
• Export Data: Download a copy of your data

Communication Preferences

• Notifications: Control which notifications you receive
• Marketing: Opt out of marketing communications
• Updates: Choose how you receive app updates

Children's Privacy

Age Requirements

• Minimum Age: Users must be 13 years or older
• Parental Consent: Users under 18 need parental consent
• Family Accounts: Parents can manage family member accounts

Protection Measures

• We do not knowingly collect data from children under 13
• Family-friendly content and features
• Parental controls and monitoring options

Third-Party Services

Services We Use

• Firebase: Backend services, authentication, database
• Analytics: App performance and usage analytics
• Payment Processing: Secure payment processing (if applicable)

Third-Party Policies

• Each service has its own privacy policy
• We only use services that meet our privacy standards
• Links to third-party policies are available upon request

Changes to This Policy

Policy Updates

• Notification: We will notify you of significant changes
• Review: Please review this policy periodically
• Acceptance: Continued use means acceptance of changes

Contact for Changes

• Email us with questions about policy changes
• We're happy to explain any modifications

Contact Information

Legal Compliance

GDPR (European Users)

• Right to access, rectification, and erasure
• Right to data portability
• Right to restrict processing
• Right to object to processing
• Right to withdraw consent

CCPA (California Residents)

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt out of data sales
• Right to non-discrimination

Data Breach Procedures

Our Response

• Detection: We monitor for security incidents
• Notification: We will notify you within 72 hours of discovery
• Investigation: Thorough investigation of any incidents
• Remediation: Immediate steps to prevent future breaches

Your Actions

• Monitor your accounts for suspicious activity
• Report any concerns immediately
• Change passwords if recommended

Compliance

Standards We Follow

• GDPR: European data protection regulations
• CCPA: California privacy laws
• COPPA: Children's online privacy protection
• Industry Standards: Best practices for financial apps

Regular Audits

• Annual privacy audits
• Security assessments
• Compliance reviews