Privacy Policy (GDPR Compliant)
Last Updated: December 8, 2025
FinTrix ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service, in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
1. Data Controller
FinTrix
Email: [email protected]
We are the data controller responsible for your personal data.
2. Information We Collect
2.1 Personal Information You Provide
- Account Information: Name, email address, password (encrypted)
- Financial Data: Bank account names, transaction descriptions, amounts, dates (no actual bank credentials)
- Payment Information: Processed through PayPal (we do not store credit card details)
- Communication Data: Messages sent to our AI assistant, support tickets
2.2 Automatically Collected Information
- Usage Data: IP address, browser type, device information, access times
- Cookies: Session cookies, preference cookies (language selection)
3. Legal Basis for Processing (GDPR)
We process your personal data based on:
- Contract Performance: To provide the Service you subscribed to
- Legitimate Interest: To improve our Service and prevent fraud
- Consent: When you voluntarily provide additional information
- Legal Obligation: To comply with tax and financial regulations
4. How We Use Your Information
- Provide, operate, and maintain the Service
- Process your financial tracking data via AI
- Process payments and prevent fraud
- Send service-related communications (transaction confirmations, updates)
- Improve our Service through analytics
- Comply with legal obligations
5. Data Sharing and Disclosure
We do NOT sell your personal data. We may share data with:
- PayPal: For payment processing (subject to PayPal's Privacy Policy)
- OpenRouter/AI Providers: Anonymized financial data for AI processing
- Cloud Hosting: Secure servers for data storage
- Legal Authorities: When required by law or to protect our rights
6. International Data Transfers
Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place through:
- Standard Contractual Clauses (SCCs)
- Adequacy decisions by the European Commission
- Privacy Shield frameworks (where applicable)
7. Data Retention
- Active Accounts: We retain your data while your account is active
- Deleted Accounts: Data is deleted within 30 days of account closure
- Legal Requirements: Some data may be retained longer to comply with tax/legal obligations (up to 7 years)
8. Your GDPR Rights
As an EU resident, you have the right to:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate or incomplete data
- Erasure ("Right to be Forgotten"): Request deletion of your data
- Restriction: Limit how we process your data
- Data Portability: Receive your data in a structured, machine-readable format
- Object: Object to processing based on legitimate interests
- Withdraw Consent: Withdraw consent at any time (where processing is based on consent)
- Lodge a Complaint: File a complaint with your local data protection authority
To exercise your rights, contact us at: [email protected]
9. Data Security
We implement industry-standard security measures:
- Encryption in transit (HTTPS/TLS)
- Encryption at rest (AES-256)
- Password hashing (Argon2id)
- Two-Factor Authentication (2FA) option
- Regular security audits and updates
- Access controls and monitoring
10. Cookies and Tracking
- Essential Cookies: Required for authentication and security (cannot be disabled)
- Preference Cookies: Language selection (1-year expiration)
You can control cookies through your browser settings.
11. Children's Privacy
Our Service is not intended for children under 18. We do not knowingly collect data from children. If we learn we have collected data from a child, we will delete it immediately.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a notice on our Service.
13. Contact Us
For privacy-related questions or to exercise your rights:
Email: [email protected]
Data Protection Officer: [email protected]
14. Supervisory Authority
If you are in the EU and have concerns about our data practices, you may contact your local data protection authority: