Privacy Policy

1. Introduction

Welcome to SpokenFor.money. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial forecasting service.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, password, and account preferences
• Financial Data: Account balances, recurring transactions, income, expenses, and financial goals that you manually enter into our system
• Payment Information: Billing details processed securely through Stripe (we do not store complete credit card numbers)
• Communication Data: Information from your interactions with our support team

2.2 Automatically Collected Information

• Usage Data: How you interact with our service, features used, and preferences
• Device Information: Browser type, operating system, IP address, and device identifiers
• Cookies and Tracking: Session data and authentication tokens

3. How We Use Your Information

We use your information to:

• Provide and maintain our financial forecasting service
• Calculate balance forecasts and generate financial insights
• Process your subscription payments and manage billing
• Send you service updates, security alerts, and administrative messages
• Improve our service and develop new features
• Detect and prevent fraud, abuse, and security incidents
• Comply with legal obligations and enforce our Terms of Service

4. How We Store Your Information

Your data is stored securely using Supabase, a secure cloud database platform built on PostgreSQL. We implement industry-standard security measures including:

• Encryption of data in transit using SSL/TLS
• Encryption of data at rest
• Row-level security policies to ensure data isolation
• Regular security audits and updates
• Secure authentication using industry-standard protocols

5. Information Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

• Service Providers: With trusted third-party service providers like Stripe (payment processing) and Supabase (data hosting) who assist in operating our service
• Legal Requirements: When required by law, court order, or governmental authority
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Protection of Rights: To protect our rights, privacy, safety, or property, and that of our users

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal, regulatory, or security purposes.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Portability: Request a copy of your data in a structured, machine-readable format
• Objection: Object to processing of your personal information
• Restriction: Request restriction of processing your personal information
• Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us using the information provided below or use the data management tools in your account settings.

8. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights regarding your personal information under the California Consumer Privacy Act (CCPA). You have the right to know what personal information we collect, use, disclose, and sell. You also have the right to request deletion of your personal information and to opt-out of the sale of your personal information (note: we do not sell personal information).

9. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have certain data protection rights under the General Data Protection Regulation (GDPR). We process your personal information based on legitimate interests, contractual necessity, or your consent. You have the right to lodge a complaint with your local data protection authority.

10. Children's Privacy

Our service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will take steps to delete such information.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable data protection laws.

12. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to maintain your session, remember your preferences, and analyze usage patterns. You can control cookie preferences through your browser settings, but disabling cookies may limit your ability to use certain features of our service.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Your continued use of our service after such changes constitutes acceptance of the updated policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: