Privacy Policy

1. Introduction

Welcome to Clearly ("Company," "we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Clearly budgeting application and website (collectively, the "Service").

Please read this Privacy Policy carefully. By using our Service, you consent to the practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our Service.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when using our Service:

• Account Information: Email address, name, and password when you create an account. If you sign in with Google, we receive your email and name from Google.
• Authentication Credentials: If you register a passkey (WebAuthn), we store the public key credential for passwordless authentication.
• Profile Information: Optional profile details you choose to provide
• Financial Data: Income amounts, expense transactions, spending categories, savings goals, and planned purchases that you manually enter
• Communications: Information you provide when contacting our support team
• Consent Preferences: Your cookie and privacy consent choices, stored for GDPR compliance

2.2 Automatically Collected Information

When you use our Service, we automatically collect certain information:

• Device Information: Device type, operating system, browser type, and unique device identifiers
• Usage Data: Pages visited, features used, time spent on the Service, and interaction patterns
• Log Data: IP address, access times, and referring URLs
• Cookies: Small data files stored on your device (see our Cookie Policy)

2.3 Information We Do NOT Collect

• We do not access your bank account credentials
• We do not connect directly to your financial institutions
• We do not automatically pull transactions from your bank
• All financial data in Clearly is manually entered by you

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Providing the Service

• Create and manage your account
• Process and display your budget data
• Calculate daily allowances, ripple spreads, and savings goals
• Sync your data across devices
• Provide customer support

3.2 Improving the Service

• Analyze usage patterns to improve features
• Fix bugs and technical issues
• Develop new features and functionality
• Conduct research and analytics

3.3 Communications

• Send service-related notices and updates
• Respond to your inquiries and requests
• Send promotional communications (with your consent)
• Notify you of changes to our policies

3.4 Security and Legal

• Detect, prevent, and address fraud and abuse
• Enforce our Terms of Service
• Comply with legal obligations
• Protect our rights and the rights of our users

4. How We Share Your Information

We do not sell your personal information or financial data. We may share your information only in the following limited circumstances:

4.1 Service Providers

We work with trusted third-party service providers who assist us in operating our Service, including:

• Hosting: Vercel (application hosting and edge functions)
• Database: Neon (PostgreSQL database with encryption at rest)
• Caching: Upstash (Redis for rate limiting and session caching)
• Authentication: Google OAuth (optional third-party sign-in)
• Error Monitoring: Sentry (application error tracking and performance monitoring)
• Analytics: Vercel Analytics (privacy-focused usage analytics, with your consent)

These providers are contractually obligated to protect your data and may only use it to provide services on our behalf. All providers are SOC 2 compliant or equivalent.

4.2 Legal Requirements

We may disclose your information if required to:

• Comply with applicable laws, regulations, or legal processes
• Respond to lawful requests from government authorities
• Enforce our Terms of Service
• Protect against legal liability

4.3 Business Transfers

If Clearly is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

4.4 With Your Consent

We may share your information for other purposes with your explicit consent.

5. Data Security

We implement industry-standard security measures to protect your personal information. For detailed information about our security practices, please see our Data Security page.

Our security measures include:

• Encryption: Data encrypted in transit (TLS 1.3) and at rest via our database provider
• Password Security: Passwords hashed using Argon2id, a memory-hard algorithm resistant to GPU attacks
• Session Security: HTTP-only cookies with automatic session rotation
• Rate Limiting: Distributed rate limiting to prevent brute-force attacks
• Audit Trail: Hash-chained ledger for tamper-evident financial data integrity
• Secure Infrastructure: Hosted on SOC 2 compliant cloud providers (Vercel, Neon, Upstash)

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with our Service. Specifically:

• Account Data: Retained while your account is active
• Financial Data: Retained while your account is active, plus any legal retention period
• Usage Logs: Retained for up to 90 days
• Backup Data: Retained for up to 30 days after deletion

Upon account deletion, we will delete or anonymize your data within 30 days, except where we are required to retain it for legal, accounting, or fraud prevention purposes.

7. Your Rights and Choices

You have the following rights regarding your personal information:

7.1 Access and Portability

You can download your personal data directly from the app: go to Settings > Account > Export Data to receive a JSON file containing all your information. You can also contact us atprivacy@clearly.money for assistance.

7.2 Correction

You can update your account information directly through the app settings, or contact us to correct any inaccurate information.

7.3 Deletion

You can delete your account at any time through the app settings. Upon deletion, we will remove your personal data as described in Section 6.

7.4 Marketing Communications

You can opt out of marketing emails by clicking the "unsubscribe" link in any marketing email or by updating your preferences in the app settings.

7.5 Cookies

You can manage cookie preferences through your browser settings. See our Cookie Policy for more details.

8. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA). Please see our California Privacy Notice for detailed information about your rights.

9. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

9.1 Lawful Basis for Processing

We process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to provide our budgeting service (account management, transaction tracking, calculations)
• Legitimate Interests: Improving our service, preventing fraud, ensuring security
• Consent: Marketing communications and non-essential cookies (you can withdraw consent at any time)
• Legal Obligation: Compliance with applicable laws and regulations

9.2 Your GDPR Rights

Under GDPR, you have the right to:

• Access (Art. 15): Request a copy of your personal data
• Rectification (Art. 16): Correct inaccurate or incomplete data
• Erasure (Art. 17): Request deletion of your data ("right to be forgotten")
• Restrict Processing (Art. 18): Limit how we use your data
• Data Portability (Art. 20): Receive your data in a machine-readable format
• Object (Art. 21): Object to processing based on legitimate interests
• Withdraw Consent (Art. 7): Withdraw consent at any time for consent-based processing

9.3 Exercising Your Rights

To exercise your rights:

• Data Export: Download your data from Settings > Account > Export Data
• Account Deletion: Delete your account from Settings > Account > Delete Account
• Cookie Preferences: Manage via the cookie consent banner or browser settings
• Other Requests: Email privacy@clearly.money

We will respond to GDPR requests within 30 days. If we need more time, we will inform you of the reason and extension period.

9.4 Supervisory Authority

If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection supervisory authority.

10. International Data Transfers

If you are accessing our Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located.

For transfers from the EEA, UK, or Switzerland, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection. By using our Service, you acknowledge and consent to this transfer with appropriate safeguards in place.

We take steps to ensure that your data receives adequate protection in accordance with this Privacy Policy, regardless of where it is processed.

11. Children's Privacy

Our Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will delete that information promptly.

If you believe we may have collected information from a child under 18, please contact us atprivacy@clearly.money.

12. Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read the privacy policies of any third-party services you access.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

For significant changes, we will provide additional notice (such as email notification or an in-app alert). Your continued use of the Service after changes become effective constitutes acceptance of the revised Privacy Policy.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Privacy inquiries: privacy@clearly.money
• General support: support@clearly.money
• Data requests: privacy@clearly.money

We will respond to your inquiry within 30 days.