Privacy Policy

Effective date: [DATE] · Last updated: [DATE]

Draft for review. This is a starting template that reflects how FortuniFi is built to operate. Have it reviewed by a licensed attorney and complete every [BRACKETED] field before you publish or accept real users — especially given financial-data and GLBA obligations.

This policy explains what information FortuniFi (“FortuniFi,” “we,” “us”), operated by [LEGAL ENTITY NAME], collects, how we use it, and the choices you have. By using FortuniFi you agree to this policy.

Information we collect

Account information — your email address and a password. Passwords are stored only as salted, hashed values; we never keep them in plain text.
Budget information you enter — income, bills, debts, savings goals, and similar figures you choose to type in so we can build your plan.
Bank account data (optional) — if you connect a bank through our provider Plaid, we receive account balances and transactions to keep your plan current. Connecting a bank is optional; the app works fully without it.
Payment information — handled entirely by Stripe. We never see or store your full card number; we keep only a customer reference and your subscription status.
Technical data — basic information needed to operate and secure the service, such as a session token stored in your browser to keep you signed in.

How we use your information

To build and update your monthly plan and show your progress.
To create and secure your account and process subscriptions.
To provide support and respond to your messages.
To protect against fraud, abuse, and security threats.

How we protect it

Sensitive fields are encrypted at rest, traffic is protected in transit with TLS, and access is limited and logged. No system is perfectly secure, and we don’t claim otherwise — but we hold as little sensitive data as possible and make what we hold unreadable without isolated keys. You can also sign out of all other devices from your account page.

How we share it — and what we never do

We share information only with the service providers that make FortuniFi work: Stripe (payments), Plaid (bank connections, only if you connect one), and our infrastructure provider Cloudflare (secure hosting and storage). We may disclose information if required by law.

We do not sell your personal information, and we do not show ads. You are our customer, not our product.

Financial data and GLBA

Because FortuniFi can handle consumer financial information, certain obligations (for example, under the Gramm-Leach-Bliley Act) may apply. [Confirm applicability and required disclosures with counsel and complete this section.]

Cookies and local storage

We use a small amount of browser storage to keep you signed in and remember basic preferences. We do not use third-party advertising or cross-site tracking cookies.

Data retention and your choices

We keep your information while your account is active. You may request to access, correct, export, or delete your data by emailing us at the address below. We will respond within the time required by applicable law.

Children

FortuniFi is intended for adults and is not directed to children under [13/16/18 — confirm]. We do not knowingly collect information from them.

Changes to this policy

We may update this policy from time to time. We will post the new effective date here and, for material changes, take reasonable steps to notify you.

Contact us

Questions about your privacy? Email [email protected] or write to [MAILING ADDRESS].