This Privacy Policy explains how FinCoach AI (“FinCoach AI”, “we”, “us”) collects, uses, and protects your information when you use our website at www.fincoach.pro and the FinCoach application (together, the “Service”). We take the privacy of your financial information seriously and only collect what we need to run the Service.
1. Who we are
The Service is operated by the team behind FinCoach AI (“we”, “us”, the operator). For the purposes of the EU General Data Protection Regulation (GDPR) and the UK GDPR, the operator is the data controller of your personal data. You can reach the person responsible for data protection using the contact details below.
You can reach us about privacy at [email protected].
2. What data we collect
We collect the following categories of data:
- Account data — your email address and authentication details, created when you sign up. Authentication is handled by our provider, Supabase.
- Financial & portfolio data you provide — broker and exchange statements you upload, holdings, transactions, options and crypto positions, and any notes or goals you enter. This can include sensitive financial detail about your investments.
- Preferences — settings such as your chosen display language and currency.
- Technical data — IP address, browser type, device information, and approximate location (country/region) derived from your IP, used to serve the site, keep it secure, and choose your default language.
- Support communications — messages you send us by email.
We do not intentionally collect special-category data (such as health, religion, or political views). Please do not upload documents containing such information.
3. How and why we use your data
We use your data to:
- Create and secure your account and log you in;
- Import and parse your statements and build your portfolio view;
- Generate portfolio analysis, behavioral insights, and AI coaching based on your positions;
- Retrieve live market data for the tickers you track or research;
- Show the site in your language and remember your preferences;
- Maintain security, prevent abuse, debug, and improve the Service;
- Respond to your support requests and legal obligations.
We do not sell your personal data, and we do not use it for third-party advertising.
4. AI processing of your data
A core feature of the Service is AI-generated analysis. To produce it, the portfolio and market data relevant to your request is sent to our AI provider, Anthropic (the Claude API), which processes it to generate the response and returns it to us. We send the minimum context needed to answer your request. Under Anthropic’s commercial terms, data submitted through the API is not used to train their models.
AI output can be incomplete or wrong. It is generated automatically and is educational information, not financial, investment, tax, or legal advice. See our Terms & Conditions for the full disclaimer.
5. Legal bases for processing (GDPR)
Where the GDPR applies, we rely on the following legal bases:
- Performance of a contract — to provide the Service you asked for (your account, imports, analysis).
- Legitimate interests — to secure, maintain, and improve the Service and prevent abuse, balanced against your rights.
- Consent — where required, for example any optional processing; you may withdraw consent at any time.
- Legal obligation — where we must retain or disclose data by law.
6. Who we share data with
We share data only with service providers (“processors”) that help us run the Service, under contracts that require them to protect it and use it only on our instructions:
| Provider | Purpose | Region |
|---|---|---|
| Supabase | Account authentication and database hosting (stores your account and portfolio data) | EU / US |
| DigitalOcean | Application hosting and infrastructure | EU / US |
| Anthropic (Claude) | AI processing that generates portfolio analysis and coaching from the data you submit | US |
| Market-data providers (Finnhub, Financial Modeling Prep, and similar) | Live quotes, fundamentals and news for tickers you look up (ticker symbols only — not your personal data) | US |
| Interactive Brokers (IBKR) | Market data and, if you connect an account, brokerage data retrieval | US / global |
We may also disclose data if required by law, to enforce our Terms, or in connection with a business transfer (such as a merger or acquisition), in which case we will notify you.
7. International data transfers
Some of our providers are located outside your country, including in the United States. Where we transfer personal data internationally, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses or an adequacy decision, so that your data continues to be protected.
8. How long we keep your data
We keep your account and portfolio data for as long as your account is active. If you delete your account, we delete or anonymize your personal data within a reasonable period, except where we must retain some information to meet legal obligations or resolve disputes. You can ask us to delete your data at any time (see “Your rights”).
9. Security
We use technical and organizational measures to protect your data, including encryption in transit, access controls, and reputable infrastructure providers. No method of transmission or storage is completely secure, so we cannot guarantee absolute security, but we work to protect your information and to respond promptly to any incident.
10. Your rights
Depending on where you live, you may have the right to:
- Access the personal data we hold about you;
- Correct inaccurate data;
- Delete your data (“right to be forgotten”);
- Restrict or object to certain processing;
- Receive your data in a portable format;
- Withdraw consent where processing is based on consent;
- Lodge a complaint with your local data protection authority.
To exercise any of these rights, email us at [email protected]. We will respond within the timeframe required by applicable law.
11. Children
The Service is not directed to children under 16 (or the minimum age in your country), and we do not knowingly collect their data. If you believe a child has provided us data, contact us and we will delete it.
12. Changes to this policy
We may update this policy from time to time. We will post the updated version here with a new “Last updated” date and, for material changes, take reasonable steps to notify you.
13. Contact
Questions about this policy or your data? Email [email protected].
FinCoach AI provides educational tools and AI-generated information about your portfolio. It is not a bank, broker, or registered investment adviser, and nothing in the Service is financial, investment, tax, or legal advice. See our Terms & Conditions.