PortfolioFlow logo
BlogLog inGet Started
← Back to home

Privacy Policy

Last updated: January 26, 2025

Portfolio Flow ("we," "us," or "our") operates the portfolioflow.ai website and related services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this policy carefully. By accessing or using the Service, you agree to this Privacy Policy.

1. Information We Collect

1.1 Personal Information

When you create an account, we collect:

  • Email address
  • Name (if provided)
  • Profile preferences (age range, risk tolerance, investment time horizon)
  • Account credentials managed through our authentication provider (Clerk)

1.2 Financial Information

When you connect brokerage or bank accounts through Plaid, we access:

  • Account names, types, and masked account numbers
  • Holdings information (securities, quantities, prices, values)
  • Account balances
  • Institution names

Important: We request read-only access only. We cannot execute trades, transfer funds, or make any changes to your accounts. Your brokerage login credentials are never transmitted to or stored on our servers—Plaid handles authentication directly with your financial institution.

1.3 Usage Information

We automatically collect:

  • Device information (browser type, operating system)
  • IP address and approximate location
  • Pages visited and features used
  • Date and time of access
  • Referring URLs

1.4 AI Chat Data

When you use the AI chat feature, we process your questions along with your portfolio data to generate responses. Chat history may be retained to improve the Service and provide context for follow-up questions within a session.

2. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve the Service
  • Display your aggregated portfolio holdings and allocation
  • Calculate and display daily portfolio value changes
  • Generate AI-powered insights based on your actual holdings
  • Provide personalized allocation recommendations based on your profile
  • Process subscription payments and manage your account
  • Send transactional emails (account verification, payment receipts, important updates)
  • Respond to your inquiries and support requests
  • Detect, prevent, and address technical issues or fraudulent activity
  • Comply with legal obligations

3. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties. We share information only in the following circumstances:

3.1 Service Providers

We use trusted third-party services to operate the Service:

  • Plaid Inc. — For secure connection to your financial accounts. Plaid's use of your data is governed by their privacy policy at plaid.com/legal.
  • Stripe Inc. — For payment processing. Stripe's privacy policy is at stripe.com/privacy.
  • Clerk Inc. — For user authentication. Clerk's privacy policy is at clerk.com/privacy.
  • Vercel Inc. — For hosting and infrastructure.
  • OpenAI / Anthropic — For AI-powered chat features. Your portfolio data may be sent to AI providers to generate responses. These providers process data according to their respective privacy policies and data processing agreements.

3.2 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

3.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.

4. Data Security

We implement industry-standard security measures to protect your information:

  • All data is transmitted over HTTPS/TLS encryption
  • Data at rest is encrypted using AES-256 encryption
  • We use secure, SOC 2 compliant infrastructure providers
  • Access to user data is restricted to authorized personnel only
  • We do not store your brokerage login credentials—authentication is handled directly by Plaid

However, no method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5. Data Retention

We retain your personal and financial information for as long as your account is active or as needed to provide the Service. Historical portfolio snapshots are retained to enable performance tracking. If you delete your account, we will delete or anonymize your information within 30 days, except where retention is required for legal, accounting, or legitimate business purposes.

6. Your Rights and Choices

You have the following rights regarding your data:

  • Access: You can view your data through the dashboard at any time.
  • Correction: You can update your profile information through your account settings.
  • Deletion: You can delete individual connected accounts or your entire account from the Settings page. This removes your data from our systems.
  • Disconnect: You can disconnect linked financial accounts at any time, which stops data syncing from those accounts.
  • Export: You can request a copy of your data by contacting us.
  • Revoke Plaid Access: You can revoke Plaid's access to your financial accounts through Plaid's portal at my.plaid.com.

7. Cookies and Tracking

We use essential cookies to maintain your session and authentication state. We may use analytics tools to understand how the Service is used. You can control cookies through your browser settings, though disabling essential cookies may prevent the Service from functioning properly.

8. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child under 18, we will delete it promptly.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have different data protection laws. By using the Service, you consent to such transfers.

10. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, request deletion, and opt out of sales (though we do not sell personal information). To exercise these rights, contact us using the information below.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

neejbiz@gmail.com

Back to home
Privacy Policy | Portfolio Flow