Privacy Policy

1. Introduction

Welcome to Paynancer's Privacy Policy. This policy explains how Paynancer Inc. ("we," "us," or "our") collects, uses, discloses, and protects your personal information when you use our website, mobile applications, and services (collectively, the "Service").

At Paynancer, we understand that your financial information is deeply personal and sensitive. We are committed to protecting your privacy and maintaining the security of your data. This Privacy Policy is designed to help you understand:

• What information we collect and why
• How we use and share your information
• How we protect your data
• Your rights and choices regarding your information

By using Paynancer, you agree to the practices described in this Privacy Policy. If you do not agree with this policy, please do not use our Service.

2. Information We Collect

2.1 Information You Provide Directly

When you create an account and use Paynancer, you provide us with information including:

• Account Information: Name, email address, password, and profile picture
• Financial Information: Loan details (balance, APR, lender name), income sources, expenses, budget categories, savings goals, and payment schedules
• Payment Information: Credit card or payment method details (processed securely through our payment processor)
• Account Preferences: Currency, notification settings, debt payoff strategy preferences, and account sharing settings
• Support Communications: Messages, feedback, and support tickets you submit

2.2 Information Collected Automatically

When you access our Service, we automatically collect certain information:

• Device Information: Device type, operating system, browser type, unique device identifiers
• Usage Data: Pages viewed, features used, time spent on pages, click patterns, and navigation paths
• Log Data: IP address, access times, error logs, and service performance data
• Location Data: Approximate location based on IP address (we do not collect precise GPS location)
• Cookies and Similar Technologies: We use cookies, web beacons, and similar technologies to enhance your experience and analyze usage patterns

2.3 Information from Third Parties

We may receive information about you from third-party sources:

• Authentication Providers: If you sign up using Google or other OAuth providers, we receive basic profile information
• Payment Processors: Transaction confirmation and payment status information
• Analytics Services: Aggregated usage statistics and behavior insights

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Providing and Improving Our Service

• Create and manage your account
• Calculate debt payoff timelines and payment schedules
• Track your financial progress and goals
• Provide budget analysis and expense tracking
• Enable account sharing with partners or family members
• Generate reports and visualizations of your financial data
• Improve our algorithms and user interface
• Develop new features and services

3.2 Communications

• Send service-related notifications (payment reminders, goal milestones, account updates)
• Respond to your inquiries and support requests
• Send promotional emails about new features (you can opt out anytime)
• Request feedback and conduct user surveys

3.3 Security and Compliance

• Verify your identity and prevent fraud
• Detect and prevent security threats and abuse
• Monitor compliance with our Terms of Service
• Comply with legal obligations and enforce our rights

3.4 Analytics and Research

• Analyze usage patterns and trends (using aggregated, anonymized data)
• Measure the effectiveness of our features and marketing campaigns
• Conduct research to improve financial planning tools

4. How We Share Your Information

We do not sell your personal information to third parties. We may share your information only in the following circumstances:

4.1 With Your Consent

We share your information when you explicitly authorize us to do so, such as when you invite family members to a shared account.

4.2 Service Providers

We work with trusted third-party service providers who help us operate our business:

• Cloud Hosting: Secure data storage and infrastructure (e.g., AWS, Supabase)
• Payment Processing: Secure payment transactions (e.g., Stripe)
• Analytics: Usage analytics and performance monitoring (e.g., PostHog)
• Customer Support: Help desk and support ticket management
• Email Services: Transactional and marketing email delivery

These service providers are contractually obligated to protect your information and may only use it to provide services on our behalf.

4.3 Legal Requirements

We may disclose your information if required by law or in response to valid legal requests, including:

• Compliance with court orders, subpoenas, or legal processes
• Protection of our rights, property, or safety
• Prevention of fraud, security threats, or illegal activity
• Cooperation with law enforcement or regulatory authorities

4.4 Business Transfers

If Paynancer is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred to the successor entity. We will notify you before your information is transferred and becomes subject to a different privacy policy.

4.5 Aggregated and Anonymized Data

We may share aggregated, anonymized data that does not identify you personally for research, marketing, or analytics purposes. For example, "70% of users prefer the snowball debt payoff method."

5. How We Protect Your Information

We implement industry-standard security measures to protect your personal and financial information:

5.1 Technical Safeguards

• Encryption: All data is encrypted in transit (TLS/SSL) and at rest (AES-256)
• Secure Authentication: Password hashing using industry-standard algorithms
• Access Controls: Role-based access restrictions to limit who can view your data
• Regular Security Audits: Ongoing monitoring and vulnerability assessments
• Firewalls and Intrusion Detection: Network-level protection against attacks

5.2 Organizational Measures

• Limited employee access to personal data (only when necessary for job functions)
• Confidentiality agreements with all employees and contractors
• Regular security training for staff
• Incident response plan for data breaches

5.3 Your Responsibility

While we implement strong security measures, no system is 100% secure. You play an important role in protecting your account:

• Use a strong, unique password for your Paynancer account
• Enable two-factor authentication when available
• Do not share your password with others
• Log out when using shared or public devices
• Report any suspicious activity immediately

If we become aware of a data breach that affects your personal information, we will notify you promptly in accordance with applicable laws.

6. Data Retention

We retain your personal information only as long as necessary to provide our Service and fulfill the purposes outlined in this Privacy Policy:

• Active Accounts: We retain your data while your account is active
• Deleted Accounts: When you delete your account, we remove your personal data within 30 days, except where we are required to retain it for legal or regulatory reasons
• Legal Requirements: Some data may be retained longer to comply with tax, accounting, or legal obligations
• Backup Systems: Data in backup systems may persist for up to 90 days before permanent deletion

After the retention period, we securely delete or anonymize your information so it can no longer be associated with you.

7. Your Privacy Rights and Choices

You have the following rights regarding your personal information:

7.1 Access and Portability

You can access, review, and export your personal data at any time through your account settings. If you need assistance, contact us at privacy@paynancer.com.

7.2 Correction and Updates

You can update or correct your account information directly in your profile settings. If you need help updating your information, contact our support team.

7.3 Deletion

You can delete your account at any time from your account settings. Upon deletion, we will remove your personal data within 30 days, subject to legal retention requirements. Note that deleting your account is permanent and cannot be undone.

7.4 Marketing Communications

You can opt out of promotional emails by:

• Clicking the "unsubscribe" link in any marketing email
• Updating your notification preferences in account settings
• Contacting us at support@paynancer.com

Note: Even if you opt out of marketing emails, we will still send essential service-related notifications (e.g., security alerts, billing updates).

7.5 Cookies and Tracking

You can control cookies through your browser settings. Most browsers allow you to:

• Block all cookies
• Accept only first-party cookies
• Delete existing cookies
• Receive notifications when cookies are set

Note: Disabling cookies may affect the functionality of certain features on Paynancer.

7.6 Additional Rights (Depending on Location)

Depending on your location, you may have additional privacy rights:

• EU/EEA (GDPR): Right to object, restrict processing, data portability, and lodge complaints with supervisory authorities
• California (CCPA/CPRA): Right to know, delete, opt-out of sale (we don't sell data), and non-discrimination
• Other Jurisdictions: Contact us to learn about rights specific to your location

To exercise any of these rights, contact us at privacy@paynancer.com. We will respond within 30 days.

8. Children's Privacy

Paynancer is not intended for use by individuals under the age of 18 (or the age of majority in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected information from a child without parental consent, we will take steps to delete that information promptly.

If you believe we have collected information from a child, please contact us immediately at privacy@paynancer.com.

9. International Data Transfers

Paynancer is based in the United States, and your information may be processed and stored on servers located in the U.S. or other countries where our service providers operate. These countries may have data protection laws that differ from those in your country of residence.

When we transfer data internationally, we implement appropriate safeguards to protect your information, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions recognized by regulatory authorities
• Other legally recognized transfer mechanisms

By using Paynancer, you consent to the transfer of your information to countries outside your country of residence.

10. Third-Party Services and Links

Our Service may contain links to third-party websites, services, or resources. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing any information to them.

Examples of third-party services we may link to or integrate with:

• Financial institutions or lenders
• Educational content and articles
• Social media platforms
• Payment processors

11. Analytics and Advertising

11.1 Analytics Services

We use analytics services (such as PostHog) to understand how users interact with our Service. These services collect information about your usage patterns, which helps us improve our platform. Analytics data is typically aggregated and anonymized.

11.2 Do Not Track

Some browsers have a "Do Not Track" (DNT) feature that signals websites you visit that you do not want to be tracked. We currently do not respond to DNT signals, as there is no industry standard for how to interpret them.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify you via email or through a prominent notice on our Service
• Request your consent if required by law

We encourage you to review this Privacy Policy periodically. Your continued use of Paynancer after changes become effective constitutes acceptance of the updated policy.