Privacy Policy

Information you provide directly. When you create an account, we collect your name and email address via our OAuth authentication provider. If you subscribe to a paid plan, Stripe processes your payment information — we never store card details on our servers.

Financial data you enter. Transactions, budgets, and categories you add to FinTrack are stored locally in your browser's localStorage by default. If you are signed in, this data may be synchronised to our servers to enable cross-device access.

Usage data. We collect anonymised analytics (page views, feature interactions) to improve the product. This data does not include any of your financial figures.

We use the information we collect to provide and improve the FinTrack service, process subscription payments through Stripe, send important account and billing notifications, and respond to your support requests.

We do not sell, rent, or share your personal information with third parties for marketing purposes. We do not use your financial data to train machine learning models or for any purpose beyond delivering the service to you.

Local storage. For users without an account, all financial data is stored exclusively in your browser's localStorage. It never leaves your device.

Server storage. For authenticated users, data is stored in encrypted databases hosted on secure cloud infrastructure. All data in transit is encrypted using TLS 1.2 or higher.

Payment security. All payment processing is handled by Stripe, which is PCI DSS Level 1 certified. We store only your Stripe Customer ID and Subscription ID — never card numbers or CVV codes.

FinTrack uses a single session cookie to maintain your login state. This cookie is HTTP-only and secure. We do not use tracking cookies or third-party advertising cookies.

You can clear cookies at any time through your browser settings. Doing so will log you out of the application.

FinTrack integrates with the following third-party services:

• Stripe — payment processing. Subject to Stripe's Privacy Policy.
• Manus OAuth — authentication. Used only to verify your identity at sign-in.

You have the right to access the personal data we hold about you, request correction of inaccurate data, request deletion of your account and associated data, and export your financial data at any time.

To exercise any of these rights, please contact us at the address below. We will respond within 30 days.

We retain your account data for as long as your account is active. If you delete your account, we will permanently delete your personal information and financial data within 30 days, except where we are required to retain it for legal or regulatory purposes.

FinTrack is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. When we make significant changes, we will notify you by email or via an in-app notice. The "Last updated" date at the top of this page will always reflect the most recent revision.

Your continued use of FinTrack after changes are posted constitutes your acceptance of the updated policy.

If you have any questions about this Privacy Policy or how we handle your data, please reach out via our Contact page or email us directly at [email protected].