Nestyfi Privacy Policy

1. Our Commitment to Your Privacy

At nestyfi, we understand that your financial data is deeply personal and sensitive. We are committed to protecting your privacy and being transparent about how we handle your information. We do not sell your personal or financial data to anyone, ever.

2. Information We Collect

• Account Information: When you create an account, we collect your name, email address, and authentication credentials (stored securely).
• Financial Data via Plaid: When you connect your financial accounts, we use Plaid to securely access your transaction history, account balances, account names, and account types. We do not have access to your banking credentials.
• Usage Data: We collect information about how you interact with the app, including features used, time spent, and app performance metrics to improve your experience.
• Device Information: We collect device type, iOS version, app version, and unique device identifiers for app functionality and troubleshooting.
• AI Insights Data: We process your financial data using AI to provide personalized insights, spending patterns, and financial recommendations. This processing happens on secure servers with your data encrypted.

3. How We Use Your Information

• Provide Financial Tracking: Display your transactions, balances, and financial overview across all connected accounts
• Generate AI Insights: Analyze spending patterns, create budgets, identify trends, and provide personalized financial recommendations
• Send Notifications: Alert you about important financial events, unusual spending, or goal progress (if you've enabled notifications)
• Improve Our Service: Enhance app features, fix bugs, and develop new functionalities based on aggregated usage patterns
• Customer Support: Assist you with any questions or issues you may have
• Security and Fraud Prevention: Protect your account and detect unauthorized access

4. How We Work with Plaid

• Plaid is our trusted partner for securely connecting to your financial institutions. Here's what you should know:
• • Plaid acts as a secure intermediary between nestyfi and your bank
• • We never see or store your banking username or password
• • Plaid uses bank-level encryption to protect your credentials
• • You can revoke nestyfi's access to your financial accounts at any time through the app
• • Plaid's privacy policy governs their data practices: https://plaid.com/legal

5. AI and Your Financial Data

• Our AI features are designed to help you understand and improve your financial health:
• • AI processing occurs on secure servers with encrypted data
• • We use machine learning to identify spending patterns and provide insights
• • AI models are trained on aggregated, anonymized data
• • Your individual financial data is never used to train models for other users
• • AI-generated insights are personalized to your financial situation

6. Data Security

• We implement industry-standard security measures to protect your financial data:
• • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
• • Authentication: Secure login with support for biometric authentication (Face ID/Touch ID)
• • Infrastructure: Hosted on secure, SOC 2 compliant servers
• • Access Controls: Strict internal access controls and regular security audits
• • Monitoring: 24/7 monitoring for suspicious activities and potential breaches

7. Data Sharing and Third Parties

• We are extremely selective about sharing your data:
• • Service Providers: We share limited data with essential service providers (Plaid for bank connections, cloud infrastructure providers) under strict confidentiality agreements
• • Legal Requirements: We may disclose data if legally required by law enforcement or court order
• • Business Transfers: In the event of a merger or acquisition, your data would be transferred with the same privacy protections
• • With Your Consent: We will only share your data with other parties if you explicitly authorize it
• • Never for Marketing: We do not and will never sell, rent, or share your data for marketing purposes

8. Data Retention

• • Active Accounts: We retain your financial data as long as your account is active to provide historical insights and trends
• • Deleted Accounts: If you delete your account, we remove your personal and financial data within 30 days, except where legally required to retain it
• • Disconnected Accounts: If you disconnect a financial account, we retain the historical data unless you request deletion

9. Your Rights and Choices

• You have control over your data:
• • Access: Request a copy of all data we have about you
• • Correction: Update or correct any inaccurate information
• • Deletion: Request deletion of your account and associated data
• • Portability: Export your financial data in a standard format
• • Opt-out: Disable specific features like AI insights while keeping basic functionality
• • Revoke Access: Disconnect financial accounts at any time
• To exercise any of these rights, contact us at support@nestyfi.com

10. Location and International Users

nestyfi is currently designed for users in the United States. Your data is processed and stored in secure facilities in the United States. If you're accessing nestyfi from outside the US, please be aware that your data will be transferred to and processed in the United States.

11. Children's Privacy

nestyfi is not intended for users under 18 years old. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a minor, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy as we add new features or requirements change. We'll notify you of significant changes through the app or email. The "Effective Date" at the top shows when this policy was last updated.