-
Introduction
We respect your privacy. This policy explains what data we collect when you use 401 FinBalance, why, and how it is processed and protected.
-
Data Controller
List your legal business name, address, and contact details (e.g., DPO).
-
Data We Collect
-
Account Data: Name, email, password.
-
Financial Data: Linked bank accounts, transaction history.
-
Usage Data: App analytics, device type, session duration.
-
Support Data: Messages you send to support.
-
Legal Basis for Processing
- Performance of a contract—you need data to deliver services.
- Consent—for optional features (e.g. notifications).
- Legitimate interests—for security and analytics.
-
How We Use Data
- Provide and maintain services.
- Improve features.
- Prevent fraud and ensure security.
- Communicate updates and support messages.
- Comply with legal requirements.
-
Data Sharing & Transfers
-
With Service Providers: Hosting, analytics, email.
-
Legal Obligations: Government, regulators.
-
In Case of Merger/Acquisition: With notice to users.
International Transfers
If data is transferred outside the EU/EEA, we ensure adequate safeguards (e.g. standard contractual clauses).
-
Data Security
We implement encryption, secure infrastructure, access controls, and regular audits.
-
Data Retention
We retain personal data as long as necessary to provide services or comply with legal obligations—typically up to 7 years.
-
Your Rights
Under GDPR you have rights to:
- Access, rectify, erase, restrict processing.
- Data portability.
- Object to processing.
- Withdraw consent.
You can exercise these by contacting us at [DPO email].
-
Automated Decision-Making
We do not use purely automated decision-making that significantly affects you.
-
Children's Privacy
Our services are not directed to individuals under 18. We do not knowingly collect data from minors.
-
Amendments to Policy
We may update this policy. You will be notified of major changes. Effective date will be clearly stated.