Privacy Policy

1. Introduction

Brandlino operates FinanceIQ (finance.brandlino.com). This Privacy Policy explains how we collect, use, store, and protect your personal and financial information when you use our service. By using FinanceIQ, you consent to the practices described in this policy.

2. Information We Collect

Account Information: When you register, we collect your full name, email address, and password. Your password is securely hashed and never stored in plain text.

Financial Data: Data you enter into the platform, including income records, expense records, budgets, categories, vendor/client names, transaction descriptions, and receipt images.

Business Information: Business names, currency preferences, and team member associations that you configure within the platform.

Usage Data: We automatically collect login timestamps, IP addresses, and pages visited to maintain security and improve the service.

Payment Information: Subscription payments are processed by Stripe. FinanceIQ does not store your credit card numbers, bank account details, or other payment credentials. Please refer to Stripe's Privacy Policy for details on how Stripe handles your payment data.

3. How We Use Your Information

We use your information to:

• Provide and maintain the FinanceIQ service.
• Process your financial data to generate reports, budgets, and summaries.
• Send essential communications such as email verification, password resets, and team invitations.
• Send service notifications such as budget alerts and recurring transaction reminders.
• Process subscription billing through Stripe.
• Improve the platform based on usage patterns.
• Detect and prevent fraudulent or unauthorized access.

4. Data Security

We take the security of your data seriously and implement the following measures:

• Password Hashing: All passwords are hashed using bcrypt with a high cost factor before storage.
• HTTPS Encryption: All data transmitted between your browser and our servers is encrypted.
• CSRF Protection: All forms are protected against cross-site request forgery attacks.
• Role-Based Access Control: Team members can only access data according to their assigned role (Owner, Accountant, or Viewer).
• Session Security: Sessions are regenerated on login and expire after inactivity.

5. Third-Party Services

FinanceIQ uses the following third-party services:

• Stripe — Payment processing for subscriptions. Stripe Privacy Policy
• Google Fonts — Font delivery (Inter typeface). Google Privacy Policy

We do not sell, rent, or share your personal or financial data with third parties for marketing purposes.

6. Cookies and Sessions

FinanceIQ uses essential cookies only:

• Session Cookie: Maintains your login state and preferences. Expires after your session ends or after a period of inactivity.
• CSRF Token: Protects against cross-site request forgery.

We do not use third-party tracking cookies, advertising cookies, or analytics cookies.

7. Data Retention

• Your account data is retained as long as your account remains active.
• Upon account deletion, your personal data and financial records will be removed within a reasonable period.
• Backup copies may be retained for a limited period for disaster recovery purposes.
• Payment and billing history may be retained as required by applicable tax and financial regulations.

8. Your Rights

You have the following rights regarding your data:

• Access: You can view all your data through the platform's dashboard, reports, and export features.
• Correction: You can update your personal information through your Profile settings.
• Export: You can export your income and expense data in CSV format at any time.
• Deletion: You may request deletion of your account and associated data by contacting support.
• Objection: You may object to certain processing of your data by contacting us.

9. Team and Shared Access

When using the Team feature:

• Business owners can invite team members by email to access shared business data.
• Team members can view financial data according to their assigned role (Owner, Accountant, or Viewer).
• Business owners are notified when team members make changes to shared data.
• Removing a team member immediately revokes their access to the shared business data.

10. Children's Privacy

FinanceIQ is not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If we discover that a user is under 18, we will take steps to delete their account and data.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email to your registered address. Continued use of FinanceIQ after updates are published constitutes your acceptance of the revised policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or how your data is handled, please contact us at support@brandlino.com.