Want to check out the full policy in all its glory? Dig in below!
Let's get this one out there right away so you know where we stand: Our incentives are aligned with our users because we don't sell their information to advertisers, or mine their data to show them "offers" that are just ads in disguise. We don't even store any of their data, even if they've decided to connect their financial accounts to be automatically synced. The only way we make money is if a user decides to upgrade to our premium service through the App Store.
For users that manually enter their financial transactions, their data is stored only in their iCloud account, where they keep their Contacts, Calendars, Photos, etc. This way, the data can be securely synced between their devices, and backed up for safe-keeping.
A user (owner) may choose to invite a family member (participant) to collaborate in DashFlow by sending them an invitation via iCloud. The data is still synced by iCloud and remains in the owner’s iCloud Storage. The participant can view and edit all data. The owner may revoke access for the participant at any time, which disables syncing of future data to the participant’s devices, but it does not automatically delete the previously shared data.
DashFlow uses a server, managed by Syncano.io, to securely connect with Plaid.com and transfer data to the user’s iOS device, where it is stored in Core Data and synced between devices by iCloud. When new transactions are available, they are retrieved from Plaid and passed through the server to the iOS device over an encrypted SSL connection. These transaction and account balance details remain on the server for a few seconds and are deleted as soon as the iOS device receives them. The data is connected to the anonymous Plaid.com access token, which is not connected to any personally identifiable information. The user’s financial data is never logged in any form.
No, we do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property, or safety. Non-personally identifiable website visitor information may be provided to other parties for marketing, advertising, or other uses (e.g. Anonymous website traffic analytics, etc). We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property, or safety.
We only use basic anonymous analytics to help make better decisions and improve our app.
When it comes to the collection of personal information from children under 13, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation's consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.
Last Edited on Feb 16, 2017.