Privacy Policy

Last updated: February 2026 — Placeholder — pending legal review before public launch

1. Overview

Finito ("we", "us", "our") is committed to protecting your privacy. This policy explains what data we collect, how we use it, who we share it with, and your rights regarding your information. We handle financial data and take that responsibility seriously.

2. How We Connect to Your Financial Accounts

Finito uses Plaid and other authorized third-party API providers to connect to your financial institutions. Here is exactly what happens:

We never see your bank credentials. When you connect a bank account, you authenticate directly with your bank through Plaid's secure interface. Your username and password are never sent to or stored by Finito.
Plaid provides us with a secure token that grants read-only access to your transaction history, account balances, and account metadata — only for accounts you explicitly authorize.
You can revoke access to any connected account at any time from your Connections settings page. Revoking access removes our ability to fetch new data from that account.
Plaid's own privacy practices are governed by the Plaid Privacy Policy.

3. What Data We Collect

We collect the following categories of data:

Account Information

Your name, email address, and account preferences provided during signup.

Financial Data

Transaction history, account balances, account names, and institution names from accounts you connect. This data is fetched via Plaid and other authorized integrations.

Usage Data

How you interact with the app — pages visited, features used, and session activity. Used to improve the product.

Device & Technical Data

Browser type, IP address, and device information collected automatically when you use the Service.

4. How We Use Your Data

To power your dashboard, budgets, analytics, and financial insights
To send you account-related notifications and alerts you configure
To improve and debug the Service
To comply with legal obligations
To communicate product updates (you can opt out at any time)

We do not sell your personal or financial data to third parties. Ever.

5. Data Storage & Security

Your data is stored securely using Supabase, hosted on AWS infrastructure. We use encryption in transit (TLS) and encryption at rest for all stored financial data. Access to production data is restricted to authorized team members only.

While we implement industry-standard security measures, no system is 100% secure. We encourage you to use a strong, unique password and enable any available account security features.

6. Data Sharing

We share data only in these limited circumstances:

Service providers: Infrastructure and hosting providers (e.g. Supabase, Vercel) that process data on our behalf under confidentiality agreements
Financial integrations: Plaid and other API providers you authorize, solely to retrieve your financial data
Legal requirements: If required by law, court order, or to protect the rights and safety of Finito or its users

7. Your Rights

You have the right to:

Access the personal data we hold about you
Request correction of inaccurate data
Request deletion of your account and associated data
Disconnect any linked financial account at any time
Opt out of non-essential communications

To exercise any of these rights, email us at hello@usefinito.com.

8. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete or anonymize your personal and financial data within 30 days, except where we are required to retain it for legal or compliance reasons.

9. Cookies

We use essential cookies to maintain your session and authentication state. We do not use third-party advertising or tracking cookies.

10. Changes to This Policy

We may update this policy as the product evolves. We will notify you of material changes via email or an in-app notice. The date at the top of this page reflects the most recent update.

11. Contact

Questions or concerns about your privacy? Contact us at hello@usefinito.com or on Twitter.