What we collect, why, who else sees it, and how to get it all back or wipe it. Written for a real person to read once and understand.
FinTrack ("we", "us") is the operator of fintrack.app, based in the Province of Quebec, Canada, and currently operated as a sole proprietorship. For the purpose of Canadian privacy law (PIPEDA) and applicable provincial law, FinTrack is the data controller.
If you're an individual in the EU/EEA or the UK, the legal basis for processing your data is your contract with us (to deliver the service you signed up for) and our legitimate interests (running the business, preventing abuse).
This is the full list. We don't collect anything not on it.
| Category | Examples | Why |
|---|---|---|
| Account info | Email, name (first/last), hashed password, preferred currency, preferred language, optional phone number, optional profile picture | To log you in, talk to you, and personalize the app |
| Financial data you import | Transactions, budgets, recurring payments, savings goals, categories, account labels | To provide the core FinTrack service |
| AI Money Coach exchanges | Questions you ask, FinTrack's answers, your feedback (thumbs up/down) | To show your conversation history; helps us improve answer quality |
| Receipts you scan | Photos you upload from the receipt scanner | Processed in-memory only — not stored on disk after the AI extracts the fields |
| Subscription & billing | Stripe customer ID, Stripe subscription ID, billing currency, billing status | To run your subscription. We never store your card number, CVC, or full card details — Stripe does. |
| Service logs | Request timestamps, IP address (briefly, for abuse prevention), error logs | To keep the service running and to detect/prevent abuse |
| Abuse-prevention hash | A one-way SHA-256 hash of your canonical email, kept after account deletion | So a closed account can't open a new free trial. We can't reverse the hash to recover the email. |
Settings → Account → Delete account: all your personal data, transactions, budgets, goals, recurring entries, AI exchanges, and email events are removed from the production database within 30 days. Backups holding the same data are overwritten on their normal rotation cycle within a further 60 days.Production data is stored in a PostgreSQL database operated on our behalf by our hosting provider. Until FinTrack moves to a permanent production deployment, this is a North-American-region cloud database. Once we publish a fixed primary region (planned for our v1 production launch), we'll update this section with the exact location.
Transit between you and our servers uses HTTPS/TLS. Passwords are stored as one-way bcrypt hashes — we cannot recover your password, only reset it.
To run FinTrack we share specific data with these sub-processors. We've vetted each one and require they meet at least our own standards.
| Sub-processor | What they process | Purpose |
|---|---|---|
| Stripe, Inc. | Your name, email, billing address, payment method (card details handled directly by Stripe — never by us) | Subscription payments |
| Resend (email infrastructure) | Your email address + the contents of transactional emails we send you | Delivering welcome, trial-reminder, payment-receipt, password-reset, and account-event emails |
| Anthropic (Claude AI) | The text of your Money Coach questions + a summary of recent transaction data we attach as context | Generating AI-powered answers and daily insights |
| Hosting / database provider | All FinTrack application data, stored encrypted at rest | Running the FinTrack servers |
| Cloudflare | Inbound HTTP requests, IP addresses (briefly) | DNS, DDoS protection, TLS termination |
We don't share data with advertisers, brokers, "anonymized" aggregators, or any third party not on this list. If we add a sub-processor we'll update this page at least 14 days before the change takes effect.
FinTrack uses one cookie: a session cookie that keeps you logged in. It's strictly necessary for the service to function and is not used for tracking. It expires when you log out or close your browser session.
We also store a few non-sensitive preferences (your chosen currency, language, and onboarding completion status) in your browser's localStorage so the app feels consistent between visits. None of these leave your device.
We do not use marketing pixels, fingerprinting libraries, or cross-site tracking technology.
No security program is bulletproof. If we discover a breach affecting your personal information, we will notify you and the appropriate regulators as required by PIPEDA and other applicable laws, generally within 72 hours of confirming the incident.
Under PIPEDA (Canada), GDPR (EU/UK), and similar privacy laws elsewhere, you have rights over your personal data. We honor all of them:
You can see every transaction, budget, goal, and recurring entry inside the app at any time. For account metadata (created_at, login history, email events sent), email help@fintrack.app and we'll send the full record within 30 days.
From Settings → Export you can download every transaction as a portable CSV file at any point — while subscribed, in read-only mode, or after cancellation.
You can edit any data you've entered directly in the app. For things you can't edit (your email address, account creation date), email us.
From Settings → Account → Delete account you can permanently erase everything. The deletion is irreversible — you'll be asked to type the word "delete" to confirm. See Section 3 for retention specifics.
You can withdraw consent to our processing at any time by deleting your account. We can't continue providing the service without processing the data, so withdrawal of consent ends our relationship.
If you want us to stop using your data for a specific purpose without deleting the account, email help@fintrack.app. We'll comply unless we have a legal reason not to.
If you think we've mishandled your data, please write to help@fintrack.app first — we'd like a chance to fix it. If we can't resolve it, you can file a complaint with the Office of the Privacy Commissioner of Canada, or your local data-protection authority.
FinTrack is not directed to children under 13. We don't knowingly collect personal information from anyone under 13. If you believe a child has created a FinTrack account, please email us at help@fintrack.app and we'll delete it.
FinTrack is operated from Canada. If you're in the EU/UK or elsewhere, your personal data may be transferred to and processed in Canada, the United States (where our payment processor Stripe and our AI provider Anthropic operate), and our hosting provider's regions.
Where required, we rely on the European Commission's Standard Contractual Clauses (SCCs) or equivalent legal mechanisms in our contracts with these sub-processors to ensure your data is protected at a level equivalent to GDPR.
We may update this Privacy Policy from time to time. For material changes we will email active users at the email on file at least 14 days before the change takes effect. Non-material updates (clarifications, formatting) take effect when posted. The "Last updated" date at the top is always current.
Questions, requests to exercise your rights, or complaints:
[PRIVACY] helps us route it correctlyWe aim to respond within 12 hours on business days and to resolve substantive requests within 30 calendar days.
Common privacy and data questions are answered in our Help Center.