Finn

Privacy Policy

Last updated: August 10, 2025

Finn ("we", "us", "our") is a smart financial assistant that automatically protects money for your bills as soon as you get paid. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

Information We Collect

  • Account info: name, email, and communications with support (provided when you sign up or contact us).
  • Financial connections: we use third-party providers (e.g., Plaid) to establish secure, read-only bank connections. We do not receive or store your bank credentials.
  • Payments: we partner with regulated providers (e.g., Dwolla) for money movement. We do not hold your funds; they remain with partner banks. Card/ACH data may be handled by our payment partners.
  • Usage data: device information, app interactions, and diagnostics to improve performance and reliability.

How We Use Information

  • Provide and improve the service, including paycheck detection and bill protection automation.
  • Securely route payments to billers via our partners.
  • Detect fraud and maintain security and compliance (e.g., SOC 2 processes).
  • Communicate updates, security alerts, and important service notices.

Legal Bases (GDPR)

For individuals in the EEA/UK, we rely on the following legal bases:

  • Contract: to provide the service you request.
  • Legitimate interests: to secure and improve the service.
  • Consent: where required (e.g., certain marketing).
  • Legal obligation: to comply with applicable laws.

How We Share Information

  • Service providers and partners (e.g., Plaid, Dwolla) to operate core functionality.
  • Compliance and safety purposes where required by law or to protect our users.
  • We do not sell your personal information.

Security

We use industry-standard security, including AES-256 encryption for data at rest and in transit, least- privilege access controls, logging and monitoring, and regular security reviews. Read-only bank connections are used whenever possible.

Data Retention

We retain information for as long as needed to provide the service and meet legal obligations. You may request deletion where applicable.

Your Rights & Choices

  • Disconnect bank connections at any time from your dashboard (read-only connections are supported).
  • Request access, correction, deletion, portability, or objection to processing. See our Data Request page.
  • Manage marketing preferences via unsubscribe links in emails.

CCPA/CPRA (California)

California residents have rights to know, correct, delete, and opt out of sale or sharing of personal information. We do not sell personal information, but if you wish to opt out of sharing for cross-context behavioral advertising, visit Do Not Sell or Share.

We also honor Global Privacy Control (GPC) signals where detected.

Children’s Privacy

Finn is not directed to children under 13, and we do not knowingly collect their personal information.

Changes to This Policy

We may update this policy from time to time. We will post the updated version with a new “Last updated” date. Material changes may be notified by email or in-app notice.

Contact Us

Questions or requests? Email support@tryfinn.app.