Privacy Policy

Privacy Policy

Last updated: December 20th, 2025

1. Introduction

At FinnApp.AI, operated by Virtual Businesses Rodriguez Balma S.A., we deeply value and respect your privacy. This Privacy Policy describes in detail how we collect, use, store, and protect your personal information through our website and mobile app. By using our services, you agree to the practices described in this policy. If you have any questions or concerns about our practices, feel free to contact us.

2. Minimum Age Requirement

FinnApp.AI is intended for users who are at least 13 years of age. If you are under 13, you may only use our services with the involvement and consent of a parent or legal guardian. We do not knowingly collect personal information from children under 13 without parental consent. If we become aware that we have collected personal information from a child under 13 without verification of parental consent, we will take steps to delete that information.

3. Information We Collect

We collect different types of information to provide you with the best service:

• Personal Information: Includes your full name, email address and password. These details are necessary to create and manage your account and provide support.
• Financial Information: Data related to your income, expenses, and financial transactions that you enter into the platform. We use this information exclusively to provide you with personalized financial management features.
• Technical Data: Information about your device, such as IP address, browser type, operating system, and usage data. This helps us improve and optimize our services, ensure proper functionality, and resolve technical issues.
• Cookies and Tracking Technologies: We use cookies and similar technologies to enhance your experience, remember your preferences, and collect information about how you interact with our services.

4. Use of Information

We use the collected information for the following purposes:

• Provision and Improvement of Service: To provide you with financial management features, personalized analysis, and reports, and to continuously improve our services.
• Subscription: To manage your subscription and communicate with you about matters related to your account.
• Communication: To send you important notifications, service updates, and promotional communications if you have consented to receive them. You can opt out of promotional communications at any time.
• Legal Compliance and Security: To comply with legal obligations, respond to authorities' requests, and protect the rights and safety of our users and FinnApp.AI.

5. Storage and Security of Information

Your data is securely stored on cloud servers provided by Microsoft Azure. You can review the certifications, regulations, and standards offered by their data center at https://servicetrust.microsoft.com/. We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, loss, alteration, or disclosure.

• Encryption: We use industry-standard encryption protocols to protect your data both in transit and at rest.
• Access Controls: We limit access to your personal information to employees and third parties who need access for legitimate service-related purposes.
• Monitoring: We continuously monitor our systems to detect and prevent potential vulnerabilities or security breaches.

6. Data Backup and Recovery

We perform daily backups of your information to protect your data in the event of a disaster or system failure. These backups are securely and encryptedly stored to ensure the confidentiality and integrity of your information. Backups are kept for a limited time and securely deleted once they are no longer needed.

7. Data Retention

We retain your personal information while your account is active or as needed to provide our services and comply with legal obligations. Upon account deletion request, we will process your request within 30 days and permanently delete your data within 90 days, unless there is a legal obligation to retain it for a longer period.

8. Account and Data Deletion

You have the right to delete your account and all associated data at any time. We provide two ways to request account deletion:

• In-App Deletion: Navigate to Settings → Account → Delete Account within the FinnApp.AI app. Follow the on-screen instructions to confirm deletion.
• Web-Based Deletion Request: If you no longer have access to the app, you can request account deletion by sending an email to info@finnapp.ai with the subject line "Account Deletion Request" and include the email address associated with your account.

Upon receiving your deletion request:

• We will verify your identity to protect against unauthorized deletion requests.
• Your account will be deactivated within 30 days of the request.
• All personal and financial data will be permanently deleted from our systems within 90 days.
• Backup copies will be purged according to our backup retention schedule (maximum 90 days).
• We will request deletion of your data from our third-party service providers (Microsoft Azure, OpenAI).

Note: Some data may be retained if required by law for fraud prevention, regulatory compliance, or to resolve disputes.

9. Information Sharing and Third-Party Processors

We do not sell or rent your personal information to third parties. We may share your information in the following circumstances:

• Microsoft Azure: Cloud hosting and database services. Your data is stored on Azure servers.
• OpenAI (ChatGPT): AI-powered financial insights feature. See Section 10 for details on AI data handling.
• Google Analytics: Website and app usage analytics (anonymized data only).
• Legal Compliance: If required by law, regulation, or legal process.
• Protection of Rights: To protect the rights, property, or safety of FinnApp.AI, our users, or others.

10. AI and ChatGPT Data Handling

FinnApp.AI integrates with OpenAI's ChatGPT to provide personalized financial insights. Here's how we handle your data when using this feature:

• What Data is Sent: When you use the AI feature, we may send summarized financial data (such as income/expense totals, categories, and trends) to OpenAI's API to generate personalized recommendations.
• Anonymization: We do not send your name, email address, or other directly identifying information to OpenAI. Financial data is sent in summarized, anonymized form.
• Purpose: The data is used solely to generate financial insights and recommendations for you.
• Data Retention by OpenAI: According to OpenAI's API data usage policy, data sent through the API is not used to train their models. We recommend reviewing OpenAI's API Data Usage Policies for more details.
• Your Control: Use of the AI feature is optional. You can use FinnApp.AI without enabling AI-powered insights.

11. International Data Transfers

Your information may be transferred and stored on servers located outside your country of residence, including countries that may not have the same data protection laws as your jurisdiction. We take steps to ensure that appropriate safeguards are implemented to protect your personal information in accordance with this Privacy Policy and applicable laws.

12. Your Rights

In accordance with applicable data protection laws, including the European Union's General Data Protection Regulation (GDPR) and similar legislation in the United States, you have the following rights:

• Access: You can request a copy of the personal information we hold about you.
• Rectification: You can request correction of inaccurate or incomplete data.
• Deletion: You can request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected.
• Data Portability: You can request to receive your personal data in a structured, commonly used, and machine-readable format, and transmit it to another data controller.

To exercise these rights, contact us by sending an email to info@finnapp.ai. We will respond to your request in compliance with applicable laws and within the established timeframes.

13. Cookies and Tracking Technologies

We use cookies and similar technologies to collect information about your interaction with our services. Cookies allow us to enhance your experience, remember your preferences, and deliver relevant content. You can control the use of cookies through your browser settings. However, disabling cookies may affect the functionality of our services.

14. Changes to the Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of significant changes through notices on our website or via email. The date of the last update will be indicated at the beginning of this policy. We recommend reviewing this policy regularly to stay informed about how we protect your information.

15. Information Security

We are committed to protecting the security of your personal information. We implement physical, electronic, and procedural security measures to safeguard your data. However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

16. Links to Third-Party Sites

Our services may contain links to third-party websites or services that are beyond our control and not covered by this Privacy Policy. We are not responsible for the privacy practices of those sites or services. We recommend reviewing the privacy policies of each website you visit.

17. Contact

If you have questions, comments, or requests related to this Privacy Policy or how we handle your personal information, you can contact us:

• Email: info@finnapp.ai
• Address: Virtual Businesses Rodriguez Balma S.A., Guachipelin, Escazu. San Jose, Costa Rica

We will respond to your inquiries within 48 hours.