Privacy Policy

Last updated: March 2026

Summary: We collect only what we need to run the Service. We never sell your data. You own your financial data and can request deletion at any time.

1. Who We Are

Fintoit ("we", "us", "our") is a financial management platform for early-stage startups, operated by Pranav Kethireddy & Vishruth Bejugam. If you have any questions about this policy, contact us at fintoit.com/contact.

2. Information We Collect

Information you provide directly:

  • Account information — name, email address, password (stored as a secure hash)
  • Company information — company name, starting cash balance
  • Financial data — transactions, invoices, bills, budgets, goals
  • Business data — employee records, payroll, cap table, vendor information
  • Tax documents and uploaded files (PDFs, images, CSVs)
  • Job applications including resumes and supporting documents
  • Feedback and contact form submissions
  • Email settings (SMTP credentials stored encrypted)

Information collected automatically:

  • Session data to keep you logged in
  • Basic usage logs for debugging and security purposes

3. How We Use Your Information

We use your information to:

  • Provide, operate, and improve the Fintoit Service
  • Generate AI-powered financial insights from your financial data
  • Send invoices and emails on your behalf when you configure email settings
  • Send transactional emails such as password reset links
  • Respond to your support requests and feedback
  • Review job applications submitted through our careers page
  • Detect and prevent fraud, abuse, and security incidents

4. AI and Your Data

Fintoit uses AI to generate financial insights, auto-categorize transactions, and produce investor reports. When you use these AI features:

  • Aggregated financial summaries (not raw transaction data) are sent to the AI provider
  • We do not send personally identifiable information to AI providers unless necessary
  • AI responses are not stored permanently and are governed by Groq's privacy policy

5. Data Sharing

We do not sell your personal data. We may share your data only in these limited circumstances:

  • Service providers — we use Groq for AI processing and PostgreSQL for database hosting. These providers are bound by data processing agreements.
  • Legal requirements — we may disclose data if required by law, court order, or to protect our legal rights.
  • Business transfer — if Fintoit is acquired or merged, your data may be transferred as part of that transaction with prior notice to you.

6. Data Security

We take security seriously. Your password is stored as a bcrypt hash — never in plain text. All data is stored in a secured PostgreSQL database. Uploaded files are stored as binary data in the database. However, no system is completely secure and we cannot guarantee absolute security. We encourage you to use a strong, unique password.

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your data within 30 days, except where we are required by law to retain it longer. Some anonymized aggregated data may be retained for analytics purposes.

8. Your Rights

Depending on your location, you may have the following rights:

  • Access — request a copy of the data we hold about you
  • Correction — request that we correct inaccurate data
  • Deletion — request that we delete your account and associated data
  • Portability — request your data in a machine-readable format (CSV export is available in the app)
  • Objection — object to certain types of processing

To exercise any of these rights, contact us at fintoit.com/contact. We will respond within 30 days.

9. Cookies

Fintoit uses only essential session cookies to keep you logged in. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

10. Children's Privacy

Fintoit is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with their data, please contact us and we will delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by displaying a notice in the app. The "last updated" date at the top of this page reflects the most recent revision.

12. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us at fintoit.com/contact.