Privacy Policy

Provider: Financesaur LLC, 8 The Green Suite B, Dover, DE 19901, United States

Last Updated: September 27, 2025

This Privacy Policy (“Policy”) explains how Financesaur LLC (“Financesaur”, “we”, “our”, “us”) collects, uses, shares, retains, and protects personal information when you:

Visit financesaur.com or any sub‑domains.
Use the Financesaur Service (the “Service”).
Communicate with us by email, support tickets, or other channels.

1. Definitions

Personal Information – Any information that can directly or indirectly identify an individual (e.g., name, email, IP address).
Processing – Any operation performed on Personal Information, including collection, storage, use, disclosure, or deletion.
Data Subject – The individual to whom the Personal Information relates.
Legitimate Interests – A lawful basis for processing that balances our business needs against your rights.
Controller / Processor – We are the Controller of your data; the companies that handle it on our behalf are Processors (see the Sub‑processor Schedule).

2. Information We Collect

Account & Contact	Name, email, phone, mailing address, date of birth (provided by you).
Usage & Device	IP address, browser type, OS, device ID, login timestamps, feature usage (collected automatically).
Content & Uploads	Files, notes, financial data you enter or upload.
Payment Data	Transaction ID, amount, billing address (processed by Stripe; we never store raw card numbers).
Third‑Party Sources	Data you import from banks, financial institutions, or other apps via APIs that you expressly authorize.
Cookies & Tracking	Session cookies, analytics cookies, marketing cookies.

3. How We Use Personal Information

Provide, operate, secure, and improve the Service.
Personalise features and communications (including service‑related updates).
Detect and prevent fraud, abuse, or security incidents.
Comply with legal obligations and respond to lawful requests.
Generate de‑identified or aggregated data for analytics, research, and product improvement.
Honor Global Privacy Control (GPC) signals.

We do **not sell** Personal Information.

4. Legal Bases (GDPR/UK‑GDPR)

Contract performance – To deliver the Service you have requested.
Legitimate interests – For security, fraud prevention, service improvement and analytics (you may object – see “Your Rights”).
Legal obligations – Tax, record‑keeping, and compliance with applicable law.
Consent – For non‑essential cookies and marketing communications (you may withdraw consent at any time).

5. Sharing & Disclosure

Service providers – Google Analytics (web‑analytics) and an Azure‑hosted web proxy that you run. Both act as data processors under written agreements that incorporate Standard Contractual Clauses (SCCs) for any cross‑border transfers.
Professional advisors – legal, tax, audit, only the minimum data required.
Law enforcement / regulators – when required by law or to protect our rights.
Business transfers – sale, merger, or acquisition, with the same privacy obligations.
Integrations you enable – data you choose to share with third‑party tools.
Aggregated / de‑identified insights – never linked to an identifiable individual.

The current list: (Google Analytics, Microsoft Azure and Stripe).

6. Data Retention

Account & Contact data	Until account deletion + 2 years (administrative purposes).
Usage & Device logs	30 days (anonymised after 90 days).
Uploaded content	For as long as you keep it in the Service.
Payment records	7 years (tax & financial regulations).
Back‑up copies	Rotated out 75‑90 days after deletion.

When you terminate your account or submit a verified deletion request, we remove your data from active systems within **60 days**; backup copies expire within **75‑90 days**.

7. Security

Encryption at rest and in transit where technically feasible.
Multi‑factor authentication for administrative access.
Regular vulnerability scanning and patching of our on‑premise infrastructure.
Data‑breach notification – We will email you within **72 hours** of confirming a breach that affects your Personal Information and will report to the relevant supervisory authority where required.
We employ “reasonable and appropriate” safeguards that are standard for a technology‑focused startup.

8. International Transfers

Our service is based 100% in the United States, any transfer of Personal Information from the European Economic Area (EEA) or United Kingdom to the U.S. relies on the **EU‑Commission Standard Contractual Clauses (Version 2 – 2021)**.

9. Your Rights

Depending on your jurisdiction, you may have the following rights. To exercise any right, please email hello@financesaur.com with a clear description of your request.

Access – Receive a copy of your Personal Information.
Correction – Request amendment of inaccurate data.
Deletion (“Right to be Forgotten”) – Require us to erase your data.
Portability – Obtain your data in a commonly used, machine‑readable format (JSON/CSV).
Restriction – Limit processing (e.g., for marketing).
Object – Object to processing based on legitimate interests or profiling.
Withdraw consent – For any processing that relies on consent.
Do‑Not‑Sell – We do not sell Personal Information; any “Do Not Sell” request is automatically honored.
Global Privacy Control (GPC) – Signals are respected; we will not discriminate for exercising any right.

We will respond within **45 days** (extensions allowed by law). If you are unsatisfied, you may contact the data‑protection authority in your jurisdiction.

10. Children’s Privacy

The Service is **not directed to children under 16**. We do not knowingly collect Personal Information from anyone younger than that age. If we become aware of such data, we will delete it promptly.

11. Cookies & Tracking Technologies

We use cookies and similar technologies to keep you signed in, understand usage patterns, and improve the Service.

12. Changes to This Policy

Minor updates (typos, formatting) will be posted with a new “Last Updated” date.
Material changes (new purposes, new sharing categories, etc.) will be announced via email (if you have an account) and a prominent notice on the website.

13. Contact & Complaints

Data‑privacy inquiries / requests: hello@financesaur.com
Mail: Attn: Financesaur LLC, 8 The Green Suite B, Dover, DE 19901, USA

If you are not satisfied with our response, you have the right to lodge a complaint with the supervisory authority in your jurisdiction.

14. Version History

v1.0 – September 27 2025 – Initial publication.