Privacy Policy

1. Introduction and Commitment

Vine Finance ("we", "us", or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our comprehensive financial management platform (the "Service").

We understand that financial information is highly sensitive and personal. We are committed to maintaining the highest standards of data protection and privacy compliance. This policy applies to all users of our Service, including visitors to our website and registered users.

2. Information We Collect

We collect several types of information to provide and improve our Service:

Personal Information

• Account Information: Name, email address, phone number, and account credentials
• Profile Information: Date of birth, address, employment information, and financial goals
• Communication Data: Messages, support requests, and feedback you send to us

Financial Information

• Asset Data: Information about your bank accounts, investments, real estate, and other assets
• Liability Data: Information about your debts, loans, mortgages, and other liabilities
• Transaction Data: Financial transactions and spending patterns (when connected to financial institutions)
• Financial Goals: Your savings targets, retirement plans, and other financial objectives

Technical Information

• Device Information: IP address, browser type, operating system, and device identifiers
• Usage Data: How you interact with our Service, pages visited, and features used
• Log Data: Server logs, error reports, and performance metrics

3. How We Use Your Information

We use the information we collect for the following purposes:

• Provide and maintain the Service: To deliver our financial management platform and ensure it works properly
• Personalize your experience: To customize features and content based on your preferences
• Process payments and billing: To handle subscription payments and manage your account
• Send important updates: To communicate service changes, security alerts, and account notifications
• Improve our Service: To analyze usage patterns and enhance our platform
• Ensure security: To protect against fraud, abuse, and security threats
• Comply with legal obligations: To meet regulatory requirements and respond to legal requests

4. How We Share Information

We are committed to protecting your privacy and only share your information in limited circumstances:

Service Providers

We work with trusted third-party service providers who help us operate our Service:

• Cloud Infrastructure: Secure data hosting and storage services
• Financial Data Providers: Services like Plaid for secure account connections
• Payment Processors: Secure payment processing services
• Analytics Services: Anonymous usage analytics to improve our Service
• Customer Support: Help desk and support services

Legal Requirements

We may disclose your information when required by law, including:

• To comply with legal processes or government requests
• To protect our rights, property, or safety
• To investigate potential violations of our Terms of Service
• To prevent fraud or security threats

5. Data Security and Protection

We implement comprehensive security measures to protect your information:

Technical Security Measures

• Encryption: All data is encrypted in transit (TLS/SSL) and at rest (AES-256)
• Access Controls: Multi-factor authentication and role-based access controls
• Network Security: Firewalls, intrusion detection, and regular security audits
• Data Centers: Secure, SOC 2 compliant hosting facilities

Organizational Security

• Employee Training: Regular security awareness training for all staff
• Background Checks: Comprehensive screening for employees with data access
• Incident Response: Established procedures for security incident handling
• Regular Audits: Third-party security assessments and penetration testing

6. Data Retention and Deletion

We retain your information only as long as necessary to provide our Service and comply with legal obligations:

Retention Periods

• Active Accounts: Data retained while your account is active
• Inactive Accounts: Data retained for 2 years after last activity
• Financial Records: Retained for 7 years to comply with tax and regulatory requirements
• Security Logs: Retained for 1 year for security monitoring

Data Deletion

You can request deletion of your account and personal data at any time. Upon deletion:

• Your account will be permanently deactivated
• Personal information will be deleted within 30 days
• Financial data will be anonymized or deleted as permitted by law
• Some information may be retained for legal compliance

7. Your Rights and Choices

You have several rights regarding your personal information:

Access and Control

• Access: Request a copy of your personal information
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and data
• Portability: Export your data in a machine-readable format
• Restriction: Limit how we process your information

Communication Preferences

• Marketing Communications: Opt out of promotional emails
• Service Updates: Control notifications about service changes
• Security Alerts: Manage security and account notifications

8. Children's Privacy

Our Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18.

If we become aware that we have collected personal information from a child under 18, we will immediately delete the information and take steps to prevent future collection.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We implement appropriate safeguards to protect your data during international transfers, including:

• Standard contractual clauses approved by data protection authorities
• Adequacy decisions for countries with equivalent privacy protection
• Certification programs and codes of conduct
• Compliance with applicable local privacy laws

10. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

Types of Cookies We Use

• Essential Cookies: Required for basic Service functionality
• Performance Cookies: Help us understand how you use our Service
• Functional Cookies: Remember your preferences and settings
• Security Cookies: Help protect against fraud and security threats

You can control cookies through your browser settings. Note that disabling certain cookies may affect Service functionality.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by:

• Posting the updated policy on our website
• Sending you an email notification
• Displaying a notice within the Service

Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

12. Legal Basis and Compliance

We process your information based on the following legal grounds:

• Contract Performance: To provide our Service and fulfill our obligations
• Legitimate Interest: To improve our Service and ensure security
• Consent: For marketing communications and optional features
• Legal Obligation: To comply with applicable laws and regulations

We comply with applicable privacy laws and regulations, including GDPR, CCPA, and other state and federal privacy laws.