Privacy Policy

Last updated: September 13, 2025

1. Introduction

Welcome to CashFlow ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial management software as a service (the "Service"). Please read this Privacy Policy carefully.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, and other registration details
  • Financial Data: Bank account last four digits, credit card last four digits, transaction data, and financial preferences
  • Profile Information: User preferences, settings, and customization choices
  • Communication Data: Messages, feedback, and support requests

2.2 Information Collected Automatically

  • Usage Data: How you interact with our Service, features used, and time spent
  • Device Information: Browser type, operating system, IP address, and device identifiers
  • Log Data: Access times, pages viewed, and technical diagnostic information
  • Cookies and Tracking: Session cookies, preferences, and analytics data

2.3 Information from Third Parties

  • OAuth Providers: Information from Google
  • Email Providers: Email messages, filter settings (with your consent and for Gmail only)

3. How We Use Your Information

We use your information for the following purposes:

  • Provide and maintain our financial management services
  • Process transactions and manage your financial data
  • Authenticate your identity and secure your account
  • Send important service notifications and updates
  • Improve our Service through analytics and user feedback
  • Respond to customer support requests
  • Develop new features and enhance user experience

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share information in the following circumstances:

4.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our Service, such as:

  • Cloud hosting and data storage providers
  • Analytics and performance monitoring services
  • Customer support platforms
  • Security and fraud prevention services

4.2 Legal Requirements

We may disclose information when required by law or to:

  • Comply with legal processes, court orders, or government requests
  • Protect our rights, property, or safety
  • Investigate potential violations of our Terms of Service
  • Prevent fraud or other illegal activities

4.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Google OAuth Integration

Our Service integrates with Google OAuth for authentication. When you connect your Google account:

  • We access only the minimum necessary information (email, basic profile)
  • You can revoke access at any time through your Google Account settings
  • We comply with Google's API Services User Data Policy
  • Your Google account data is used solely for authentication and service provision
  • We do not store Google passwords or access tokens beyond the session

6. Data Security

We implement appropriate technical and organizational security measures to protect your information:

  • Encryption of data in transit and at rest
  • Regular security assessments and monitoring
  • Access controls and authentication requirements
  • Secure data storage and backup procedures
  • Employee training on data protection practices

However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Improve our services through analytics

When you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law.

8. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Update or correct inaccurate personal information
  • Deletion: Request deletion of your personal information
  • Portability: Receive your data in a structured, machine-readable format
  • Restriction: Limit how we process your personal information
  • Objection: Object to certain types of processing
  • Withdraw Consent: Revoke consent for data processing where applicable

To exercise these rights, please contact us using your account information.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Remember your preferences and settings
  • Authenticate your login sessions
  • Analyze usage patterns and improve our Service
  • Provide personalized content and features

You can control cookies through your browser settings, but disabling certain cookies may affect Service functionality.

10. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your own, due to the nature of the cloud service providers that we use. We ensure appropriate safeguards are in place to protect your information during such transfers.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last updated" date
  • Sending an email notification for significant changes

Your continued use of the Service after changes become effective constitutes acceptance of the revised Privacy Policy.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: [email protected]