FI-Journey

Privacy Policy

Last Updated: May 25, 2026

1. Information We Collect

We collect information you provide directly to us when you create an account, including your name, email address, and financial data used for simulations.

Operational usage telemetry is also collected automatically to operate the Service, manage capacity, and tune costs. This telemetry is strictly aggregated, contains no message content, and includes only:

Counts of authenticated requests, AI advisor interactions, and simulation runs.
AI token totals (input / output / cached) per model identifier — never the contents of your prompts or replies.
Counts of bank-sync events per product category (transactions, holdings, liabilities).
Session-start counts inferred from inactivity gaps.

Usage telemetry does not contain transaction line items, account values, names, email addresses, or any financial figures — only your user identifier and the numeric counters above.

Use of telemetry. In addition to operating the Service, these aggregated counters are used to enforce the monthly AI fair-use allowance described in our Terms of Service(see "Fair Use & Service Limits"). The counters are never sold, never shared with third parties for advertising, and never used to train external AI models.

2. How We Use Your Information

We use your information to:

Provide, maintain, and improve the Service.
Process payments via our third-party provider, Stripe.
Communicate with you exclusively about your account or the Service.

3. Financial Account Integration

If you subscribe to our paid Pro tier and choose to utilize our budgeting features, we use secure third-party bank connectivity providers to safely connect to your financial institutions. Through these providers, we retrieve transaction data, account balances, and account details strictly for the purpose of providing you with personal budgeting, analytics, and financial simulation tools. We do not sell your transactional or financial data to third parties.

4. Data Security & Encryption

Bank-Level Encryption: We utilize advanced AES-256 Envelope Encryption for all sensitive financial data. This means your data is encrypted with a unique Data Encryption Key (DEK), which is itself encrypted by a secure System Master Key.

Field-Level Protection: Specific sensitive fields—such as your account balances, income, and debt amounts—are encrypted at the application level before they ever touch our database. Because this data is encrypted uniquely to your account, even if our database were compromised, your sensitive financial numbers would remain unreadable ciphertext.

Data Decoupling: Your authentication credentials (password, login tokens) are managed securely by a separate identity provider and are never accessible to our administrators. Your financial profile is stored in a decoupled database, keyed only by a unique user identifier (UID), maximizing privacy and reducing risk.

Multi-Factor Authentication (MFA): You can add a second layer of protection to your account beyond your password. We support two methods—an authenticator app (time-based one-time codes) and email-based verification codes—and you may enable either or both. MFA is required before connecting a bank account* and for other sensitive operations, so a compromised password alone is not enough to access your financial connections.

5. Cookies & Tracking Technology

We use cookies and similar tracking technologies to track the activity on our Service and store certain information.

Essential Cookies: We use cookies provided by our identity provider (Firebase Authentication) to maintain your secure login session.
Payment Cookies: Our payment processor (Stripe) may use cookies to prevent fraud and process transactions securely.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service (e.g., logging in).

6. Data Retention and Deletion

We retain your personal and financial data only for as long as your account is active or as needed to provide you with the Service. You maintain full control over your data:

Disconnecting a financial account at any time through your dashboard immediately severs the connection with our third-party financial providers, stopping any future data collection, and removes every transaction that was imported through that connection.
Raw transaction detail (individual line items: date, amount, merchant, description) is automatically purged 24 months after the original transaction date. Materialized monthly aggregates (income, expense, and category totals used for long-horizon analytics) are retained for the lifetime of your active account.
Operational usage telemetry (the aggregated counters described in §1) is retained for 24 months and then automatically purged. It contains no message content or financial values, and is wiped immediately on account deletion alongside your other data.
Deleting your entire account triggers a complete and irreversible purge of all associated personal and financial data, including any remaining transactions, aggregates, simulations, usage telemetry, and authentication records.

You may request a copy of your data at any time by contacting support.

* Bank Connections are a Pro members only feature.