Privacy Policy

Last updated: March 4, 2026

1. Introduction

Welcome to TheFinWay ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal and financial information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application.

2. Information We Collect

2.1 Personal Information

  • Email address (for authentication and account recovery)
  • Password (stored only as a one-way hash using industry-standard hashing)

2.2 Financial Information

  • Income data (salary, business income)
  • Expense information
  • Asset details and valuations
  • Investment goals and retirement planning data
  • Custom financial goals

2.3 AI Insights Data

  • Chat conversations with the AI Insights assistant (stored temporarily for context)
  • Financial queries and guidance requests

2.4 Usage Data

  • Analytics data via Google Analytics (anonymized)
  • App interaction patterns
  • Device information (for biometric authentication)

3. How We Protect Your Data

3.1 Encryption

Industry-Leading Security:

  • At Rest: AES-256-GCM encryption for all sensitive data in our database
  • In Transit: HTTPS/TLS 1.3 encryption for all data transmission
  • Passwords: One-way hashing with bcrypt (the original password cannot be recovered from the stored hash)

3.2 Access Control

  • Multi-factor authentication options
  • Biometric authentication (fingerprint/Face ID) - optional
  • Session management with automatic timeout
  • No third-party access to your financial data

4. How We Use Your Information

Your data is used exclusively to:

  • Provide financial planning calculations and projections
  • Display your personalized financial dashboard
  • Generate retirement planning recommendations
  • Track progress towards your financial goals
  • Provide AI Insights for personalized financial guidance (processed via secure API)
  • Improve our services through anonymized usage analytics

5. Biometric Data

Your Biometric Data Never Leaves Your Device:

  • Fingerprints and facial data stay on your device
  • We only receive authentication success/failure results
  • You control whether to enable biometric authentication
  • You can disable it anytime from settings
  • Completely optional feature

6. Data Sharing and Disclosure

We do NOT sell, trade, or share your personal or financial information with third parties, except:

  • Service Providers: Neon (database hosting), Vercel (app hosting), Groq (AI Insights processing) - all under strict data protection agreements
  • Analytics: Google Analytics (anonymized usage data only, no financial information)
  • Legal Requirements: If required by law or to protect our legal rights

AI Insights Data Processing:

When you use AI Insights, your chat conversations and relevant financial data are processed by Groq's secure API to provide personalized guidance. This data is transmitted over encrypted channels and is not stored permanently by the AI service provider. Your conversation history is stored in our encrypted database only.

7. Data Retention

We retain your data as long as your account is active or as needed to provide services. You can request data deletion at any time.

8. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct your information
  • Deletion: Request complete deletion of your account and data
  • Export: Download your data in a portable format
  • Opt-out: Disable analytics or biometric features

9. Cookies and Tracking

We use:

  • Essential Cookies: For authentication and session management
  • Analytics Cookies: Google Analytics for usage statistics (can be disabled)
  • No Advertising Cookies: We do not use cookies for advertising

10. Children's Privacy

Our service is not intended for users under 18 years of age. We do not knowingly collect data from children.

11. International Data Transfers

Your data is stored on secure servers located in Singapore (Neon database) and globally distributed via Vercel's CDN. All transfers comply with applicable data protection laws.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes via email or in-app notification.

13. Contact Us

For privacy-related questions, concerns, or data deletion requests, please contact us through the support information provided in the app store listing.

Response Time: We aim to respond within 48 hours.

© 2026 TheFinWay. All rights reserved.