Privacy Policy

1. Introduction

Welcome to Rafin ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and web service (collectively, the "Service").

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, name, and password when you create an account
• Profile Information: Profile picture, display name, and preferences
• Financial Data: Expense records, group information, and budget categories you create
• Payment Information: When you subscribe to premium features, payment is processed by Stripe. We do not store your credit card details.

2.2 Information from Third-Party Services

• Bank Account Data (Ultimate tier): If you choose to connect your bank accounts via Plaid, we receive account balances, transaction history, and account identifiers. We never have access to your bank login credentials.
• Authentication Providers: If you sign in with Google or Apple, we receive your email and basic profile information.

2.3 Automatically Collected Information

• Device Information: Device type, operating system, and app version
• Usage Data: Features used, pages visited, and interaction patterns
• Analytics: We use PostHog to understand how users interact with our Service

3. How We Use Your Information

We use the collected information to:

• Provide, maintain, and improve our Service
• Process transactions and manage your subscriptions
• Send you service-related notifications
• Detect and prevent fraud or abuse
• Analyze usage patterns to improve user experience
• Provide customer support
• Comply with legal obligations

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

• Service Providers: Third-party companies that help us operate our Service (e.g., Supabase for database, Plaid for bank connections, Stripe for payments)
• Group Members: When you join expense groups, other members can see your shared expenses and balances
• Legal Requirements: When required by law or to protect our rights

5. Data Security

We implement industry-standard security measures to protect your data:

• All data is encrypted in transit using TLS/SSL
• Data is encrypted at rest in our databases
• Bank credentials are never stored on our servers (handled by Plaid)
• Regular security audits and monitoring
• Access controls and authentication requirements

6. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except for data we are required to retain for legal or legitimate business purposes.

7. Your Rights

Depending on your location, you may have the right to:

• Access your personal data
• Correct inaccurate data
• Delete your data
• Export your data
• Opt out of marketing communications
• Withdraw consent where applicable

To exercise these rights, please contact us at privacy@rafin.app or use the account settings in the app.

8. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your data in accordance with applicable laws.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

• Email: privacy@rafin.app
• Website: https://rafin.app