Last updated: February 2026
1. Information We Collect
We collect the following types of information:
- Account information: Email address, name, and password (hashed)
- Financial data: Cashflow entries, transactions, and reports you enter into the Service
- Usage data: Pages visited, features used, and error logs for improving the Service
- Technical data: IP address, browser type, and device information for security
2. How We Use Your Information
We use your information to:
- Provide and maintain the Service
- Process billing and subscriptions
- Send important account notifications (password resets, security alerts)
- Improve the Service through aggregated, anonymized analytics
- Detect and prevent fraud or security incidents
3. Data Security
We implement industry-standard security measures including:
- Encryption in transit (TLS/HTTPS) and at rest
- Bcrypt password hashing with minimum 12 rounds
- JWT-based authentication with HttpOnly secure cookies
- Role-based access control (RBAC) for multi-tenant data isolation
- Regular security audits and vulnerability assessments
4. Data Sharing
We do not sell your personal information. We may share data with:
- Service providers: Stripe (payments), Resend (email), Sentry (error tracking), Render (hosting)
- Legal requirements: When required by law or to protect our rights
5. Data Retention
We retain your data for as long as your account is active. Upon account deletion, we will remove your personal data within 30 days. Some data may be retained in anonymized form for analytics purposes.
6. Your Rights
You have the right to:
- Access the personal information we hold about you
- Request correction of inaccurate data
- Request deletion of your account and data
- Export your financial data in standard formats
7. Cookies
We use essential HttpOnly cookies for authentication. We do not use third-party tracking cookies or advertising cookies.
8. Contact
For privacy-related inquiries, contact us at privacy@smartcash.app.