Privacy Policy

We store only the planning information needed to operate the product: profile preferences, financial plans, income, expenses, savings, assets, liabilities, goals, calculator inputs, and assessment results.

Do not enter bank account numbers, card numbers, tax identifiers, government identity numbers, broker credentials, passwords, or other unnecessary sensitive identifiers.

Private planning data is scoped to the signed-in user and is intended to be protected by Supabase Row Level Security. Public calculators do not require sign-in unless you choose to save results.

You can export your saved planning data from the authenticated dashboard before permanently deleting your account. Account deletion requires a fresh Google sign-in and removes user-owned planning records through database cascades.

Minimal audit and security events are stripped of direct identity, retained under a documented legal basis and retention category, and automatically erased when their retention period ends.

Ordinary audit events are retained for one year. Security events are retained for at least 180 days. A longer legal hold is used only when required by applicable Indian law or a lawful direction.

Operational logs should never include financial request bodies. Preview deployments should use isolated or preview-safe Supabase credentials.