Privacy Policy

Finilo Subscription Manager (PIPEDA, GDPR, CCPA Compliant)

Finilo Privacy Policy explains how we collect, use, and protect your personal data when you use our subscription management and reminder app. This policy is designed to comply with Canadian privacy law (PIPEDA), as well as GDPR and CCPA requirements.

Effective Date: March 19, 2026

Last Updated: March 19, 2026

Finilo ("Finilo", "we", "our", or "us") is committed to protecting your privacy in accordance with applicable laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA), the General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA), where applicable.

1. Information We Collect

As a subscription management app, Finilo collects only the information necessary to help you track subscriptions and receive reminders. We collect the following categories of information:

  • Account Information: name, email, authentication data
  • Financial Metadata: subscription names, billing cycles, reminder settings (we do NOT access bank accounts unless explicitly integrated in the future)
  • Usage Data: interactions, feature usage, logs
  • Device & Technical Data: IP address, device type, OS, browser

2. Legal Basis (GDPR)

We process data based on:

  • Contractual necessity (to provide the service)
  • Legitimate interest (product improvement, fraud prevention)
  • Consent (notifications, optional features)

3. How We Use Information

We use your information to operate Finilo as a subscription tracking and reminder service.

  • Provide and operate Finilo
  • Send reminders and notifications
  • Improve features and reliability
  • Provide customer support
  • Detect fraud and abuse

4. Sharing of Information

We do NOT sell personal data.

We may share data with:

  • Cloud providers and infrastructure partners
  • Analytics providers
  • Legal authorities when required by law

5. International Transfers

Your data may be processed outside Canada. We ensure appropriate safeguards (e.g., standard contractual clauses).

6. Data Retention

We retain data only as long as necessary:

  • Active accounts: retained while account is active
  • Deleted accounts: data deleted within a reasonable period unless legally required

7. Your Rights

Depending on your jurisdiction, you may:

  • Access your data
  • Request correction or deletion
  • Withdraw consent
  • Request data portability
  • Opt out of data sale (CCPA – although we do not sell data)

Requests: support@finiloapp.xyz

8. Security

We use industry-standard safeguards including encryption in transit (HTTPS), secure authentication, and access controls. However, no system is completely secure.

9. Data Storage & Architecture

Finilo is a cloud-based application:

  • Backend: Node.js/Express services
  • Database: Secure cloud-hosted databases (e.g., PostgreSQL)
  • Mobile App: React Native (Expo)
  • Web App: Next.js

We do not store banking credentials or directly access financial accounts.

10. Children's Privacy

Finilo is not intended for users under 13 (or 16 in certain jurisdictions).

11. Changes

We may update this policy. Continued use constitutes acceptance.

12. Contact

107-1 Bow Ridge Rd, Cochrane, AB T4C 2J1, Canada

support@finiloapp.xyz

Finilo

Copyright 2026. All Rights Reserved.