Privacy Policy

1. Information We Collect

When you use Finenture products, we may collect the following types of information:

• Account Information: Name, email address, company name, and role when you sign up.
• Financial Data: When you connect an accounting platform (e.g., Zoho Books), we access financial data (P&L, balance sheet, invoices, bills, aging reports) via OAuth 2.0 with read-only scopes. We never store your Zoho credentials. OAuth tokens are encrypted with AES-256-GCM at the application layer.
• Usage Data: Pages visited, features used, and interactions to improve our products.
• Device Information: Browser type, operating system, and IP address.

2. How We Use Your Information

• To provide and improve our financial dashboard services.
• To display your financial data securely within your dashboard.
• To send important account notifications and product updates.
• To respond to support requests and inquiries.
• To analyze usage patterns and improve user experience.

3. Data Security

We take data security seriously and implement multiple layers of protection:

• Encryption at Rest: All OAuth tokens are encrypted at the application layer using AES-256-GCM before database storage. The database itself provides an additional layer of AES-256 encryption.
• Encryption in Transit: All connections are enforced via TLS/SSL.
• Password Security: Passwords are hashed using bcrypt (cost factor 12) and never stored in plaintext.
• Read-Only Access: We connect to your accounting software with read-only OAuth scopes. We never create, modify, or delete your accounting records.
• Rate Limiting: 8 API endpoints are protected with per-IP rate limiting to prevent abuse and brute-force attacks.
• Log Redaction: 9 sensitive data patterns (tokens, emails, API keys) are automatically redacted in production logs.
• Infrastructure: Hosted on SOC 2 Type II compliant providers (Vercel, Neon PostgreSQL). Payments processed by Stripe (PCI DSS Level 1).

4. Data Sharing

We do not sell, trade, or rent your personal or financial data to third parties. We may share data with service providers who help us operate our services (e.g., hosting providers, analytics), subject to strict confidentiality agreements.

5. Your Rights

You have the right to:

• Access your personal data stored with us.
• Request correction of inaccurate data.
• Request deletion of your account and associated data by contacting us at support@finenture.com.
• Disconnect your accounting software at any time from your dashboard.
• Request export of your data by contacting us at support@finenture.com.

6. Cookies

We use essential cookies for authentication and session management. We may use analytics cookies to understand how our products are used. You can control cookie settings through your browser.

7. Contact Us

If you have questions about this Privacy Policy, please contact us at Connect@cfodashboard.io.