Privacy Policy

Simple Money is a product of Simple Money, Inc. (“we,” “us,” or “our”), located at 131 Continental Dr, Suite 305, Newark, DE 19713 US. This Privacy Policy explains how we collect, use, store, and share your information when you use the Simple Money application and website (collectively, the “Service”).

By using the Service, you agree to the practices described in this policy.

1. Information We Collect

We collect the following categories of information:

Account Information: When you create a Simple Money account, we collect your name, email address, and authentication credentials managed through our authentication provider, Supabase Auth.

Financial Data: When you connect a financial account through Plaid, we access the following information with your explicit consent: account name, type, and balances; transaction history including date, amount, merchant, and category. We request read-only access. We cannot initiate transactions, transfers, or payments on your linked accounts.

Usage Data: We collect standard usage information such as device type, browser, IP address, and interactions with the Service to improve functionality and performance.

2. How We Collect Financial Data

We use Plaid Inc. (“Plaid”) to connect to your financial institutions. When you link an account, you authenticate directly with your financial institution through Plaid’s secure interface. Plaid transmits your financial data to us in accordance with Plaid’s own privacy policy, available at https://plaid.com/legal/#end-user-privacy-policy.

We do not see, access, or store your bank login credentials at any point.

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and improve the Simple Money financial coaching and planning service
• Display your financial accounts, balances, and transactions within the application
• Generate personalized financial insights and recommendations
• Communicate with you about your account and the Service
• Comply with legal obligations

4. How We Share Your Information

We do not sell your personal information or financial data to third parties.

We may share information with the following categories of service providers who process data on our behalf: Plaid (financial data aggregation), Supabase (database hosting and authentication), Vercel (application hosting), PostHog (privacy-focused product analytics), Upstash (rate limiting and security), and Anthropic (AI-powered financial insights and recommendations). These providers are contractually obligated to use your data only to provide their services to us and to maintain appropriate security measures.

We may also disclose information if required by law, regulation, legal process, or governmental request.

5. Data Retention

We retain your financial data only for as long as your account is active and it is necessary to provide the Service. You may request deletion of your data at any time (see Section 8). Upon account deletion or data deletion request, we revoke the associated Plaid access tokens and purge your financial data from our systems within 30 days.

6. Data Security

We implement industry-standard security measures to protect your data, including:

• Encryption of all data in transit using TLS 1.2 or higher
• Encryption of data at rest using AES-256
• Role-based access controls and multi-factor authentication on all internal systems
• Row-level database security to isolate user data

No security system is completely impenetrable. While we strive to protect your data, we cannot guarantee absolute security.

7. Your Rights Under California Law (CCPA)

If you are a California resident, you have the right to:

• Know what personal information we collect, use, and disclose
• Request deletion of your personal information
• Opt out of the sale of personal information (we do not sell your data)
• Not be discriminated against for exercising your privacy rights

To exercise any of these rights, contact us at the email address listed below.

8. Account Deletion and Data Requests

You may request deletion of your account and all associated data by contacting us at vb@thesimplemoney.com. Upon receiving a verified request, we will:

• Revoke your Plaid access tokens
• Delete your financial data from our database
• Delete your account information

This process will be completed within 30 days.

9. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies.

10. Children’s Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the Service or by email. The “Last Updated” date at the top reflects the most recent revision.

12. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of the State of Delaware, without regard to its conflict of laws principles.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at: