Privacy Policy
This Privacy Policy explains how FinNote handles information within the application experience.
Information we process
- Account information such as name, email address, and login timestamps.
- Financial records that users create, including expenses, income, categories, goals, and saved calculations.
- Administrative metadata such as audit-log events and access-control changes.
Why information is used
We use stored information to operate the product features that users expect.
- Authenticate access to protected routes.
- Display dashboards, history, and planning summaries.
- Support security review and administrative oversight.
- Preserve records that users intentionally save inside the workspace.
Data visibility
- Standard users should only see their own records.
- Administrative users may see broader operational data when their roles and permissions allow it.
- Public visitors do not have access to authenticated account data.
Security expectations
- Passwords are hashed with Argon2id.
- State-changing requests rely on CSRF protection.
- Access-sensitive routes use authentication and role checks.
Questions
If you need help understanding this policy or want support guidance, visit the Support page.