Privacy Policy

Account Information: When you create an account, we collect your name and email address through our OAuth authentication provider (Manus). We do not store passwords directly.

Financial Data You Enter: We collect financial information you manually enter into the application, including account balances, income amounts, budget categories, bill details, debt balances, credit limits, and savings account information.

Financial Data via Plaid: If you choose to connect your bank or credit card accounts using Plaid, we receive financial data from your financial institutions through Plaid's API. This may include account balances, transaction history, account numbers (masked), credit limits, APR, minimum payment amounts, and payment due dates. You explicitly authorize each connection through Plaid's secure Link flow.

Usage Data: We collect standard server logs including IP addresses, browser type, pages visited, and timestamps for security and performance monitoring purposes.

We use your information solely to provide the D.A.I.O. HomeFinance service, including:

• Displaying your financial accounts, balances, and transaction history
• Generating budget tracking, spending analysis, and financial reports
• Providing AI-powered financial insights and recommendations
• Sending bill payment reminders and budget alerts to household members
• Calculating debt paydown strategies and savings projections
• Tracking credit utilization across household accounts

We do not sell, rent, or share your personal or financial data with third parties for marketing or advertising purposes.

D.A.I.O. HomeFinance uses Plaid Technologies, Inc. to connect your financial accounts. When you use Plaid Link:

• You explicitly authorize each bank or credit card connection through Plaid's secure interface
• Your bank login credentials are entered directly into Plaid's interface and are never seen or stored by D.A.I.O. HomeFinance
• Plaid provides us with an access token to retrieve your financial data on your behalf
• This access token is stored as an encrypted environment secret and is never exposed in the application's client-side code
• You can revoke any Plaid connection at any time from within the application

Plaid's own privacy practices are governed by the Plaid Privacy Policy.

Your data is stored on a managed cloud database hosted on the Manus platform. We implement the following security measures:

• All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher (HTTPS)
• All data stored in our database is encrypted at rest using volume-level encryption
• API credentials, including Plaid access tokens, are stored as encrypted environment secrets and never hardcoded in application code
• Access to production systems requires authenticated access through our managed platform with multi-factor authentication
• The production database is not publicly accessible and can only be reached through our application server

While we implement industry-standard security practices, no system is completely immune to security risks. We encourage you to use a strong, unique password for your account and to notify us immediately if you suspect unauthorized access.

Retention Period: We retain your financial data for as long as your account is active. Transaction history, budget records, and financial reports are retained to provide historical analysis and year-over-year comparisons.

Account Deletion: You may request deletion of your account and all associated data at any time by contacting us at [email protected]. Upon receiving a verified deletion request, we will permanently delete your account and all associated financial data within 30 days.

Plaid Connection Revocation: You can disconnect any linked financial account at any time from within the application. Disconnecting an account removes the Plaid access token from our system and terminates our ability to retrieve new data from that institution.

Inactive Accounts: Accounts that have been inactive for 24 consecutive months may be subject to deletion after 30 days' notice sent to the registered email address.

You have the right to:

• Access — Request a copy of the personal data we hold about you
• Correction — Request correction of inaccurate personal data
• Deletion — Request deletion of your account and all associated data
• Portability — Request an export of your financial data in a machine-readable format
• Objection — Object to certain processing of your data

To exercise any of these rights, contact us at [email protected]. We will respond to all verified requests within 30 days.

We use the following third-party services to operate D.A.I.O. HomeFinance: