TãLFIN — Privacy Policy
Last updated: [PUBLISH DATE]
1. Who we are
TãLFIN is operated by [YOUR FULL LEGAL NAME], a sole proprietor (jednoosobowa działalność gospodarcza) registered in Poland, [REGISTERED ADDRESS], NIP [NIP NUMBER], REGON [REGON NUMBER].
For anything in this policy, contact: contact@talfin.app.
This policy covers the TãLFIN marketing site (talfin.app), the free public tools under
talfin.app/tools/* (mortgage/overpayment calculators and similar), and the app itself
(my.talfin.app).
2. What data we collect
If you just use a free public tool (e.g. the mortgage overpayment calculator) without creating an account: your calculator inputs are processed in your browser or via a stateless request and are not tied to an identity. We do not require an account, email, or any personal identifier to use these tools.
If you create a TãLFIN account, we collect:
- Account data — email address and authentication credentials, handled by Supabase Auth (we never see or store your raw password).
- Financial data you enter — accounts, balances, transactions, categories, forecasts, check-in snapshots, and (for business profiles) business-related financial records. Amounts are stored as you enter them, in their original currency.
- Documents you upload for extraction — if you use the “extract from PDF” assist feature, the file is sent directly to our AI processor for one-time extraction and is not stored by us afterward (see §5).
- Usage/product analytics — page views and in-app events, collected without cookies or cross-site tracking identifiers (see §6).
- Aggregate comparison stats, population-wide — we may compute simple cross-user comparisons (e.g. “you spend less than 80% of TãLFIN users”) using only the financial data already described above — no separate data collection. These are population-wide figures, not segmented by any personal characteristic, and are never shown or traceable back to any individual user’s data.
- Aggregated benchmarking data, cohort-based (planned) — if we later ask for optional profile details (e.g. age, country, household size) to power segmented comparisons (e.g. “you spend less than others your age, in your country”), those cohorts will be built from ranges (e.g. age bands), not identities, and any cohort too small to protect anonymity will be merged or suppressed so no comparison can be traced back to an individual. This bullet will be updated with the actual fields collected once built. [DECIDE: let users opt out of contributing to benchmark cohorts, independent of using the comparison feature itself.]
- Diagnostic data — if the app errors, technical details (e.g. stack trace, the URL you were on, and your IP address at that moment) are sent to our error-monitoring tool so we can fix the bug. This is not linked to your financial data.
- Billing data — if you subscribe to a paid tier, payment is handled by our payment processor directly; we store only subscription status and invoice records (an invoice may be emailed to you via our transactional email provider).
We do not collect bank login credentials. TãLFIN does not connect to your bank accounts on your behalf; all balances/transactions are entered manually or reviewed by you before saving.
3. Why we process this data (legal basis)
- Performance of a contract — storing and calculating your financial data is the core service you signed up for.
- Legitimate interest — error monitoring, abuse/fraud prevention, aggregate product analytics, population-wide comparison stats built from existing financial data, and (if/when cohort-based benchmarking ships) anonymized cross-user cohorts — none of which we use to build an advertising profile of you or to identify you to other users.
- Consent — only where we explicitly ask for it (e.g. optional marketing email, if we ever add one — none exists today).
We do not sell your data, and we do not share your financial data with advertisers.
4. Who else processes your data (sub-processors)
| Purpose | Provider | What they see |
|---|---|---|
| Database, authentication, file storage, scheduled jobs | Supabase | All account and financial data you store |
| Hosting | Vercel | Web traffic to serve the app/site |
| One-time PDF data extraction | Anthropic (Claude API) | The document you choose to upload, discarded after the response — not retained by us or, per Anthropic’s API terms, used to train their models |
| Product analytics | OpenPanel (self-hosted) | Anonymous usage events, no cookies |
| Error monitoring | GlitchTip (self-hosted) | Crash reports, may include IP address |
| Transactional email (invoices) | Resend | Your email address, invoice content |
| Payment processing | [PAYMENT PROCESSOR — TBD once billing is built] | Payment details (never seen by us directly) |
We choose sub-processors that don’t resell data and require confidentiality. If this list changes materially, we’ll update this policy and note the change date.
5. Document extraction — no storage, by design
When you upload a PDF for data extraction, the file goes straight to our AI processor via a server-side function, gets parsed into structured fields, and the original file is discarded — we don’t keep a copy. This is a deliberate design choice, not an afterthought, and it’s the reason this feature is available even before you create an account.
6. Cookies and analytics
TãLFIN does not use cookies for analytics or advertising. Our analytics (OpenPanel) is self-hosted and cookieless — it doesn’t set a tracking identifier on your device and doesn’t follow you across other sites. Because of this, we don’t show a cookie-consent banner; there’s nothing non-essential to consent to. Authentication itself uses a session token required to keep you logged in (strictly necessary, not a tracking cookie).
7. How long we keep your data
- Financial records are soft-deleted when you delete them in the app (marked, not immediately erased) so that edits, undo, and historical analytics stay consistent.
- If you delete your account, your data is deactivated immediately and permanently purged after a 30-day grace period — this window exists so an accidental account deletion can still be reversed if you contact us in time. After 30 days, the purge is irreversible and covers your profile, accounts, transactions, forecasts, check-in history, and your authentication record.
- Diagnostic/error logs are retained for [RETENTION — e.g. 30–90 days] and then rotated out automatically by the error-monitoring tool.
8. Your rights
Wherever GDPR or another applicable law gives you these rights, you can:
- Access — request a copy of the personal data we hold about you.
- Export — download your financial data (in-app export feature, or by emailing us).
- Correct — fix inaccurate data directly in the app.
- Delete — delete your account (see §7) or request deletion of specific records.
- Object/restrict — object to processing based on legitimate interest.
To exercise any of these, email contact@talfin.app. We’ll respond within the time required by applicable law (typically one month under GDPR).
9. Security
Access to your data is restricted by row-level security policies scoped to your account, and administrative access to the underlying database is limited to [YOU / operator]. No method of storage or transmission is 100% secure, but we don’t store raw bank credentials, and payment details never pass through our own servers.
10. Children
TãLFIN is not directed at, and is not intended for use by, anyone under 18.
11. International data transfers
Our infrastructure providers (Supabase, Vercel, Anthropic) may process data outside your country of residence, including outside the EEA. Where that happens, we rely on the safeguards those providers offer (e.g. Standard Contractual Clauses) for the transfer.
12. Changes to this policy
We’ll update the “Last updated” date above and, for material changes, notify active account holders by email or in-app notice.
13. Contact
[YOUR FULL LEGAL NAME] — contact@talfin.app — [REGISTERED ADDRESS]