Privacy Policy
FundFlow Group Pty Ltd ABN 36 694 667 386 Last Updated: 29 June 2026
1. Introduction
FundFlow Group Pty Ltd ("FundFlow", "we", "us", or "our") operates the FundFlow mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use the App.
FundFlow is a personal finance application that helps you organize your spending through customizable category trees and multi-currency support. We connect to your bank accounts through a trusted third-party aggregator (Plaid) to retrieve your financial data, and we use artificial intelligence to help categorize your spending and generate insights.
Where we operate. The App is offered to users in the United States and Canada. FundFlow Group Pty Ltd is an Australian company; our team operates from Australia and may access your information to provide and support the service (see Section 10, International Data Transfers).
By using FundFlow, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this policy, please do not use the App.
2. Information We Collect
2.1 Account Information
When you create a FundFlow account, we collect:
- Email address
- Password (securely hashed; we never store plaintext passwords), or the identity information you authorize when you sign in with Google or Apple (email, name, and a provider account identifier)
- Name
- Date of birth (used to confirm eligibility and as an input to spending categorization)
- Base currency and timezone preferences
2.2 Onboarding Profile
During onboarding you may answer a short questionnaire so we can tailor the experience. We store:
- Why you're using FundFlow (a single-select answer, e.g. "I'm spending more than I'd like")
- How your income arrives (e.g. steady, casual, mixed, freelance)
- Your notification permission choice
These are self-reported preferences. The questionnaire uses fixed choices; we do not collect free-text financial disclosures here.
2.3 Financial Data
When you connect a bank account through Plaid, we receive and store:
- Account names, types, and masked account numbers
- Account balances and balance history
- Transaction details including amounts, dates, descriptions (including the raw transaction descriptor from your bank), merchant names, categories, and locations (where available)
- Bank connection metadata (connection status, last sync time)
We also store information you create in the App: your category tree, vendor rules, categorization choices, and detected recurring-payment patterns.
Important: Your bank login credentials are never stored on or transmitted through FundFlow's servers. All credential handling occurs directly within Plaid's secure environment. We store an access token that lets us retrieve your data; that token is encrypted at rest (see Section 7).
2.4 Subscription Data
FundFlow is a paid app. Payments are processed by Apple through in-app purchase. FundFlow never receives or stores your card or payment-method details. We store your subscription and trial status and a subscription-provider customer identifier so we can give you access to paid features (see Section 6).
2.5 AI-Generated Data
We store the insights and summaries that our AI features generate about your finances (for example, your Weekly Review documents and suggested categories), together with the financial summary used to produce them. See Section 5 for how AI is used.
2.6 Usage and Analytics Data
We collect information about how you use the App:
- Features accessed and actions taken
- App performance data
- Device type and operating system
- Session duration and frequency of use
- Push notification token: if you enable notifications, we register and store your device's push notification token (delivered via Expo) so we can send the notifications you have opted into.
2.7 Technical Data
We automatically collect (in production and staging builds only):
- Error reports and crash data
- App version and configuration
- General device information
2.8 Information We Do NOT Collect
- Device contacts, photos, or files
- Precise location data
- Biometric data (Face ID/Touch ID is processed entirely on your device; biometric data is never transmitted to FundFlow)
- Social media profiles
3. How We Collect Information
3.1 Directly From You
- When you register, sign in, or update your profile or preferences
- When you answer onboarding questions
- When you contact us for support
3.2 From Plaid (Bank Aggregation)
When you connect a bank account, we receive your financial data through Plaid, a regulated financial-data aggregator serving the United States and Canada. Plaid connects directly to your financial institution using industry-standard security. Your bank credentials are handled exclusively by Plaid and are never accessible to FundFlow. Plaid's handling of your data is governed by Plaid's own privacy policy: https://plaid.com/legal/.
3.3 From Our AI Providers' Processing
To power categorization and insights, we send portions of your financial data to AI providers for processing and receive the results. See Section 5.
3.4 Automatically
- Product analytics via PostHog
- Error and crash reports via Sentry (production/staging only)
- Subscription status via our payment and subscription providers (Apple, RevenueCat)
4. Bank Connections
4.1 How Bank Connections Work
FundFlow uses Plaid, a licensed, regulated bank aggregator, to securely connect to your financial institutions. When you link an account:
- You are redirected to Plaid's secure interface
- You enter your bank credentials directly with Plaid
- Plaid establishes a secure connection with your bank
- We receive only your financial data, never your login credentials
Plaid is a leading financial data aggregator with SOC 2 Type 2 and ISO 27001 certifications. Privacy Policy: https://plaid.com/legal/.
4.2 Managing Bank Connections
You can disconnect any bank connection at any time through the App. When you disconnect:
- We stop syncing new data from that institution
- The Plaid connection is revoked
- Historical data may be retained unless you request deletion (see Section 8)
5. How We Use Your Information, Including Artificial Intelligence
5.1 Provide and Improve the Service
We use your information to display your accounts and transactions, sync your financial data, categorize your spending, generate insights and reviews, and improve the App.
5.2 How We Use AI
FundFlow uses third-party AI ("large language model") providers to help with several features:
- Spending categorization: suggesting categories for your transactions and vendors
- Onboarding: generating an example category structure
- Weekly Review / insights: producing a plain-language summary of your spending
- Recurring-payment detection: identifying subscriptions and recurring bills
To do this, we send only the information needed to produce the result, which may include: merchant and vendor names, transaction amounts and dates, the transaction descriptors from your bank, the city associated with a transaction (where your bank provides it), your category names, your prior categorization choices, and your country, base currency, and age. We do not send your name, email address, full account numbers, bank credentials, or access tokens, and we limit what we send so that you are not directly identifiable from it.
Our AI providers are:
- Anthropic (primary)
- OpenAI (fallback, used for categorization and onboarding if Anthropic is temporarily unavailable)
Our AI providers process this data to return a result to us; under our commercial API agreements with them, your data is not used to train their models. Some of the AI-generated results, and the financial summary used to create them, are stored in your FundFlow account so the features work and so you can revisit past insights.
We do not use AI to make automated decisions that produce legal or similarly significant effects about you (for example, AI is not used to approve or deny credit).
5.3 Communicate With You
- Send service-related notifications
- Deliver push notifications you have enabled (for example, your Weekly Review)
- Respond to support requests
- Send marketing communications (only with your opt-in consent)
5.4 Ensure Security and Compliance
- Detect and prevent fraud
- Maintain the security of our systems
- Comply with legal obligations
5.5 Analytics and Research
- Understand how users interact with the App
- Identify areas for improvement
- Conduct aggregated, de-identified analysis
6. Subscriptions and Payments
FundFlow is offered on a paid subscription basis, typically following a free trial. Billing is handled entirely through Apple's in-app purchase system, subject to your agreement with Apple. FundFlow does not collect, receive, or store your payment card or banking details for subscriptions.
To manage entitlements, we use:
- RevenueCat: subscription/entitlement management. We provide RevenueCat with your FundFlow account identifier; RevenueCat receives your purchase and subscription status from Apple.
We store your trial and subscription status and a subscription-provider customer identifier in your FundFlow account so we can grant access to paid features.
7. Data Security
We implement industry-standard security measures to protect your data:
7.1 Encryption
- All data transmitted between your device and our servers uses TLS/HTTPS encryption
- Bank connection access tokens are encrypted at rest using authenticated AES-256-GCM encryption
- Passwords are securely hashed (never stored in plaintext)
7.2 Access Controls
- Row-Level Security (RLS) ensures users can only access their own data
- Database access is restricted and audited
- Personnel access to production data is limited and logged
7.3 Secure Storage on Your Device
- Session tokens are stored using platform-native secure storage (iOS Keychain, Android Keystore)
- Sensitive data is never stored in plaintext on your device
7.4 Infrastructure Security
- Our database is hosted on Supabase with enterprise-grade security
- Regular security updates and patches are applied
- We conduct periodic security reviews
8. Data Retention and Deletion
8.1 Active Accounts
We retain your data for as long as your account is active and as needed to provide our services.
8.2 Account Deletion
You can delete your account through the App or by contacting us. When you delete your account:
- Your personal data is deleted from our systems, including your transactions, insights, and AI-generated content, generally within 30 days
- We instruct our service providers to delete associated data; some providers retain data for a limited period under their own retention schedules and backup policies
- We may retain de-identified, aggregated data, and we may retain certain records where required by law (see Section 8.4)
8.3 Inactive Accounts
We may delete accounts that have been inactive for an extended period after providing notice.
8.4 Legal and Financial-Records Requirements
We may retain certain information longer where required by law or for legitimate business purposes such as fraud prevention, dispute resolution, and financial-records obligations.
9. Data Sharing and Disclosure
9.1 Service Providers (Sub-Processors)
We share data with trusted service providers who help us operate the App:
| Provider | Purpose | Data Shared |
|---|---|---|
| Supabase | Database and authentication | All account and financial data |
| Plaid | Bank connections | User identifiers, financial data |
| Anthropic | AI categorization and insights (primary) | Financial content as described in Section 5 |
| OpenAI | AI categorization and onboarding (fallback) | Financial content as described in Section 5 |
| PostHog | Product analytics | Usage data, account identifier |
| Sentry | Error and crash monitoring | Error data and stack traces (no intentional personal data) |
| RevenueCat | Subscription management | Account identifier, subscription/purchase status |
| Apple | In-app purchase / payment processing | Payment and purchase data (handled by Apple) |
| Railway | Backend application hosting | All data in transit/processing |
| Expo (EAS) | Mobile app builds and updates; push notification delivery | App update delivery data; push notification token and message content |
| Google / Apple | Sign-in (if you use social login) | Email, name, account identifier |
9.2 Legal Requirements
We may disclose your information if required by law, court order, or government request, or to comply with legal obligations, protect our rights or property, prevent fraud or illegal activity, or protect the safety of users or the public.
9.3 Business Transfers
If FundFlow is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
9.4 What We Do NOT Do
- We do NOT sell your personal information
- We do NOT share your personal information for cross-context behavioral advertising
- We do NOT share your financial data for advertising purposes
- We do NOT allow third parties to use your data for their own marketing
10. International Data Transfers
FundFlow primarily stores and processes the personal information of US and Canadian users on infrastructure located in the United States / North America. Some of our service providers process data in other locations. For example, error-monitoring (Sentry) processing occurs in the European Union (Germany). In addition, because FundFlow Group Pty Ltd is an Australian company, our personnel in Australia may access your information to operate and support the service.
Where data is transferred across borders, we rely on appropriate safeguards, including data processing agreements with our service providers and recognized transfer mechanisms, and we require our providers to protect your information consistent with this policy.
11. Children's Privacy
FundFlow is a financial application intended for adults. You must be at least 18 years old (or the age of majority in your jurisdiction) to use the App. We do not knowingly collect personal information from anyone under 18, and we do not knowingly collect personal information from children under 13 within the meaning of the U.S. Children's Online Privacy Protection Act (COPPA).
If we become aware that we have collected personal information from someone under 18, we will take steps to delete it promptly. If you believe a minor has provided us with personal information, please contact us at admin@fundflow.dev.
12. Marketing Communications
We will only send you marketing communications if you have opted in. You can unsubscribe at any time by clicking the unsubscribe link in any marketing email, updating your preferences in the App, or contacting us at admin@fundflow.dev. We will continue to send essential service-related communications regardless of your marketing preferences.
13. Your Privacy Rights
Depending on where you live, you may have some or all of the following rights. To exercise any of them, contact us at admin@fundflow.dev or use the in-app controls. We will not discriminate against you for exercising your rights.
- Access / Know: request a copy of, or information about, the personal data we hold about you
- Correction: request correction of inaccurate or incomplete data
- Deletion: request deletion of your personal data (delete your account in-app or contact us)
- Portability: request your data in a structured, commonly used format
- Opt out of sale/sharing: we do not sell or share your personal information for advertising, but you may direct us not to
- Limit use of sensitive personal information: we use sensitive personal information only to provide the service and as described here
- Withdraw consent: for marketing (unsubscribe), bank connections (disconnect in-app), or analytics (contact us)
You may also authorize an agent to make a request on your behalf, and we may need to verify your identity before fulfilling a request.
14. Region-Specific Disclosures
14.1 United States
We comply with applicable U.S. federal and state privacy laws. As a provider of financial services, certain of your information may be subject to the Gramm-Leach-Bliley Act (GLBA) and related rules; where GLBA applies, we maintain administrative, technical, and physical safeguards designed to protect your information.
California residents (CCPA/CPRA). You have the right to know what personal information we collect and how we use and disclose it, to access and delete your personal information, to correct inaccurate information, to opt out of the "sale" or "sharing" of personal information (we do not sell or share personal information for cross-context behavioral advertising), and to limit the use of sensitive personal information. We do not knowingly sell the personal information of any consumer. You will not receive discriminatory treatment for exercising your rights.
Residents of other U.S. states with comprehensive privacy laws may have similar rights to access, correct, delete, and obtain a copy of their personal information, and to opt out of targeted advertising and sale; contact us to exercise them.
14.2 Canada (PIPEDA and provincial law)
We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws (including Quebec's Law 25). Canadian users have the right to:
- Access the personal information we hold about you
- Challenge the accuracy and completeness of your information and request correction
- Withdraw consent for the collection, use, or disclosure of your information (subject to legal or contractual restrictions)
- Lodge a complaint with the Office of the Privacy Commissioner of Canada (https://www.priv.gc.ca/) or your provincial privacy regulator
We obtain consent for the collection, use, and disclosure of personal information, and we transfer personal information to service providers (including in the United States) for processing under contractual protections; while held by a provider in another country, your information may be accessible to that country's authorities under its laws.
15. Cookies and Tracking
15.1 Mobile App
The FundFlow mobile app does not use cookies. We use PostHog for analytics, as described in Section 2.6.
15.2 Website (if applicable)
If you visit our website, we may use essential cookies for basic functionality and analytics cookies (PostHog) to understand how visitors use our site. You can control cookies through your browser settings.
16. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes:
- We will update the "Last Updated" date at the top of this policy
- We will notify you via email or in-app notification
- We may ask for your consent where required by law
We encourage you to review this policy periodically.
17. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
Email: admin@fundflow.dev
Mailing Address: FundFlow Group Pty Ltd ABN 36 694 667 386 Australia
Complaints. If you are in the United States and believe your privacy rights have been violated, you may contact your state Attorney General or the Federal Trade Commission (https://www.ftc.gov/). If you are in Canada, you may contact the Office of the Privacy Commissioner of Canada (https://www.priv.gc.ca/) or your provincial regulator.
This Privacy Policy is effective as of 27 June 2026.
