Finn

Privacy Policy

Last updated: October 27, 2025

Finn ("we", "us", "our") is a smart financial assistant that automatically protects money for your bills as soon as you get paid. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

Information We Collect

  • Account info: name, email, and communications with support (provided when you sign up or contact us).
  • Financial connections: we use third-party providers (e.g., Plaid) to establish secure, read-only bank connections. We do not receive or store your bank credentials.
  • Payments: we partner with regulated providers (e.g., Dwolla) for money movement. We do not hold your funds; they remain with partner banks. Card/ACH data may be handled by our payment partners.
  • Usage data: device information, app interactions, and diagnostics to improve performance and reliability.

Information from Third Parties

When you connect your financial account, we receive account and transaction data from our third-party providers (such as Plaid or Stripe Financial Connections) with your permission. This may include account balances, deposit history, and transaction descriptions, which we use solely to provide Finn's features (e.g., paycheck detection, bill automation).

How We Use Information

  • Provide and improve the service, including paycheck detection and bill protection automation.
  • Securely route payments to billers via our partners.
  • Detect fraud and maintain security and compliance (e.g., SOC 2 processes).
  • Communicate updates, security alerts, and important service notices.

Legal Bases (GDPR)

For individuals in the EEA/UK, we rely on the following legal bases:

  • Contract: to provide the service you request.
  • Legitimate interests: to secure and improve the service.
  • Consent: where required (e.g., certain marketing).
  • Legal obligation: to comply with applicable laws.

How We Share Information

Finn acts as the data controller for user account information and as a data processor when processing data on behalf of partners or payment networks.

  • Service providers and partners (e.g., Plaid, Dwolla) to operate core functionality.
  • Compliance and safety purposes where required by law or to protect our users.
  • We do not sell your personal information.

Partner-Specific Disclosures

When you link a financial account, the connection and associated data sharing are governed by the partner's terms and privacy policy (e.g., Plaid's Privacy Policy and Stripe's Financial Connections Terms).

Security

We use industry-standard security, including AES-256 encryption for data at rest and in transit, least- privilege access controls, logging and monitoring, and regular security reviews. Read-only bank connections are used whenever possible.

Data Storage & Location

We store and process information in the United States using secure cloud providers (e.g., AWS). Where required, data may be transferred internationally under standard contractual clauses or equivalent safeguards.

Data Retention

We retain information for as long as needed to provide the service and meet legal obligations. You may request deletion where applicable.

Cookies & Analytics

We use cookies and analytics tools (such as Google Analytics) to understand aggregate usage patterns. You can disable cookies in your browser settings.

Your Rights & Choices

  • Disconnect bank connections at any time from your dashboard (read-only connections are supported).
  • Request access, correction, deletion, portability, or objection to processing. See our Data Request page.
  • Manage marketing preferences via unsubscribe links in emails.

CCPA/CPRA (California)

California residents have rights to know, correct, delete, and opt out of sale or sharing of personal information. We do not sell personal information, but if you wish to opt out of sharing for cross-context behavioral advertising, visit Do Not Sell or Share.

We also honor Global Privacy Control (GPC) signals where detected.

Children’s Privacy

Finn is not directed to children under 13, and we do not knowingly collect their personal information.

Changes to This Policy

We may update this policy from time to time. We will post the updated version with a new “Last updated” date. Material changes may be notified by email or in-app notice.

Contact Us

For privacy-related inquiries, contact privacy@tryfinn.app or email support@tryfinn.app.