Privacy Policy

Last updated: June 2026

1. Who we are

FinSavvy ("we", "us", "our") is a UK-based personal finance platform operated at finsavvy.app. We are the data controller for the personal data we collect about you.

Contact: support@finsavvy.app

2. What data we collect

  • Account data: email address and password (hashed) when you sign up
  • Financial profile: monthly income, expenses, savings goal, date of birth — entered by you
  • Financial records: subscriptions, debts, mortgage details, assets and transactions — entered by you or imported via CSV
  • Usage data: pages visited, features used — collected via Google Analytics only if you consent to analytics cookies
  • Payment data: handled entirely by Stripe. We never store card numbers or bank details

3. How we use your data

  • To provide and personalise the FinSavvy service
  • To calculate your financial projections, FIRE date, and debt payoff plans
  • To send transactional emails (account confirmation, plan changes)
  • To process payments via Stripe
  • To improve the product using aggregated, anonymised analytics (only with your consent)

4. Legal basis for processing (UK GDPR)

  • Contract: processing necessary to deliver the service you signed up for
  • Legitimate interests: security monitoring, fraud prevention, product improvement
  • Consent: analytics cookies (Google Analytics) — only after you explicitly accept

5. Cookies

We use two categories of cookies:

  • Essential cookies: required for login sessions and security. These cannot be disabled.
  • Analytics cookies (Google Analytics): help us understand how people use the app. These are only set after you click "Accept All" on our cookie banner.

You can change your cookie preference at any time by clearing your browser's local storage for finsavvy.app.

6. Data sharing

We do not sell your data. We share data only with the following trusted processors:

  • Supabase — database hosting (EU region)
  • Stripe — payment processing
  • Resend — transactional email delivery
  • Anthropic — AI Coach responses (your financial data is sent to Claude to generate answers; it is not used to train models)
  • Google Analytics — usage analytics (only with consent)

7. Data retention

We retain your data for as long as your account is active. If you delete your account, your personal data is deleted within 30 days, except where we are required to retain it for legal or tax purposes.

8. Your rights (UK GDPR)

  • Right to access your data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent at any time (for analytics cookies)

To exercise any of these rights, email support@finsavvy.app. You also have the right to lodge a complaint with the ICO at ico.org.uk.

9. Security

We use industry-standard security measures including encrypted connections (HTTPS), hashed passwords, and Supabase Row Level Security to ensure your data can only be accessed by you.

10. Changes to this policy

We may update this policy from time to time. We will notify you of significant changes by email. Continued use of FinSavvy after changes constitutes acceptance of the updated policy.