Effective Date: December 23, 2025
Last Updated: December 23, 2025
This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.
We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.
Interpretation
The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
Definitions
Account means a unique account created for You to access our Service or parts of our Service.
Affiliate means an entity that controls, is controlled by or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
Business, for the purpose of CCPA/CPRA, refers to the Company as the legal entity that collects Consumers' personal information and determines the purposes and means of the processing of Consumers' personal information, or on behalf of which such information is collected and that alone, or jointly with others, determines the purposes and means of the processing of consumers' personal information, that does business in the State of California.
CCPA and/or CPRA refers to the California Consumer Privacy Act (the "CCPA") as amended by the California Privacy Rights Act of 2020 (the "CPRA").
Company (referred to as either "the Company", "We", "Us" or "Our" in this Agreement) refers to VerusinvestitioLLC, 18377 Beach Blvd, Huntington Beach, CA 92648.
Consumer, for the purpose of the CCPA/CPRA, means a natural person who is a California resident. A resident, as defined in the law, includes (1) every individual who is in the USA for other than a temporary or transitory purpose, and (2) every individual who is domiciled in the USA who is outside the USA for a temporary or transitory purpose.
Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
Country refers to: California, United States
Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
Do Not Track (DNT) is a concept that has been promoted by US regulatory authorities, in particular the U.S. Federal Trade Commission (FTC), for the Internet industry to develop and implement a mechanism for allowing internet users to control the tracking of their online activities across websites.
Personal Data is any information that relates to an identified or identifiable individual.
For the purposes of the CCPA/CPRA, Personal Data means any information that identifies, relates to, describes or is capable of being associated with, or could reasonably be linked, directly or indirectly, with You.
Service refers to the Website.
Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Website refers to Finy, accessible from JoinFiny.com
You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
Types of Data Collected
Personal Data
While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:
Usage Data
Usage Data is collected automatically when using the Service.
Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.
We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.
We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service. The technologies We use may include:
Cookies or Browser Cookies. A cookie is a small file placed on Your Device. You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of our Service. Unless you have adjusted Your browser setting so that it will refuse Cookies, our Service may use Cookies.
Web Beacons. Certain sections of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).
Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser. Learn more about cookies on the Free Privacy Policy website article.
We use both Session and Persistent Cookies for the purposes set out below:
Necessary / Essential Cookies
Type: Session Cookies
Administered by: Us
Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.
Cookies Policy / Notice Acceptance Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies identify if users have accepted the use of cookies on the Website.
Functionality Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.
Tracking and Performance Cookies
Type: Persistent Cookies
Administered by: Third-Parties
Purpose: These Cookies are used to track information about traffic to the Website and how users use the Website. The information gathered via these Cookies may directly or indirectly identify you as an individual visitor. This is because the information collected is typically linked to a pseudonymous identifier associated with the device you use to access the Website. We may also use these Cookies to test new pages, features or new functionality of the Website to see how our users react to them.
For more information about the cookies we use and your choices regarding cookies, please visit our Cookies Policy or the Cookies section of our Privacy Policy.
Third-Party SDKs and Analytics
Finy uses essential cookies and third-party software development kits (SDKs), including analytics services and Plaid connection logs, to improve performance, analyze usage patterns, and provide core functionality. These SDKs may collect device information, usage data, and performance metrics. Users can disable cookies in their browser settings, though this may limit some functionality of the Service.
The Company may use Personal Data for the following purposes:
We may share Your personal information in the following situations:
We collect certain categories of sensitive personal data, including but not limited to account login credentials and password information. This data is necessary to provide our services. We take additional measures to ensure the security and confidentiality of this sensitive data, such as encrypting the information during transmission using SSL/TLS protocols and encrypting it at rest using AES-256 encryption. We limit the use and disclosure of this data to what is strictly necessary for performing our services or providing goods reasonably expected by the average consumer.
In the event of a data breach, we will notify affected individuals as soon as possible, but no later than 30 days after we become aware of the breach, in compliance with applicable U.S. state laws. Affected users will be informed via in-app notification and email to the address associated with their account. We will provide information about the nature of the breach, the types of information compromised, and steps you can take to protect yourself. We will also notify any relevant regulatory authorities as required by law.
We do not currently use any automated decision-making processes that produce legal effects concerning individuals or significantly affect individuals in a similar manner. All decisions related to financial recommendations or data analysis involve human oversight. If automated decision-making is introduced in the future, users will be informed in advance and may opt out where legally required. We will update this Privacy Policy to provide you with appropriate opt-out mechanisms and information about the logic involved in such decisions.
Our Service does not currently respond to Do Not Track (DNT) signals. However, Finy honors Global Privacy Control (GPC) signals as an opt-out request under the California Privacy Rights Act (CPRA). When we detect a GPC signal from your browser, we will treat it as a valid request to opt out of the sale or sharing of your personal information. You may also set your browser to refuse certain cookies or alert you when cookies are being sent. If you do not accept cookies, some parts of our Service may be unavailable to you.
We retain your personal data for as long as your account remains active or as necessary to fulfill the purposes outlined in this Privacy Policy. We do not retain transaction data after you delete your account — it is permanently deleted immediately upon account deletion. Server logs and backup data are retained for 90 days and then deleted or anonymized. Sensitive personal information will be retained for the minimum necessary period, and we will delete or anonymize it when no longer required by law or for legitimate business purposes.
You have the right to opt-out of receiving marketing communications from us at any time. To exercise this right, you can use the unsubscribe link found in the footer of our emails, or you can contact us directly at finydba@gmail.com. Once you opt-out, we will stop sending you marketing communications, but we may still contact you regarding service-related updates.
We do not sell or share personal information for cross-context behavioral advertising as defined under the California Privacy Rights Act (CPRA). We may share limited data with service providers for operational or analytics purposes, but this does not constitute a sale or sharing under CPRA definitions. You may opt out of such data sharing by contacting us directly at finydba@gmail.com.
We use third-party service providers to facilitate our Service, including cloud infrastructure, banking integrations, analytics, and feature-specific services. These service providers may have access to your personal information in order to perform their tasks on our behalf and are obligated not to disclose or use it for any other purpose.
Third-Party Liability: While the Company is not responsible for the security or privacy practices of third-party service providers, we ensure that all third-party vendors meet industry-standard security requirements and are contractually obligated to protect your data. Each provider's use of your information is governed by their own privacy policy.
Plaid API Banking
We use Plaid API to connect your financial accounts to our Service and securely access your financial data. By using our Service, you authorize Finy to access and retrieve your financial information through Plaid. Plaid’s use of your information is governed by their own privacy policy, which we encourage you to review. For more information about Plaid’s privacy practices, please visit: Plaid Privacy Policy.
DigitalOcean
We use DigitalOcean as our cloud infrastructure provider to host and store your data securely. DigitalOcean stores your data on its servers, which are subject to their privacy and security practices. DigitalOcean takes appropriate measures to protect your personal information. For more information about DigitalOcean’s privacy practices, please visit: DigitalOcean Privacy Policy.
ImageKit.io
We use ImageKit.io as our media management and delivery service for our custom tags feature. When you create custom tags, associated log files and images may be uploaded to and stored on ImageKit.io's servers. ImageKit.io processes this data on our behalf to provide image optimization, storage, and delivery services. For more information about ImageKit.io's privacy practices, please visit: ImageKit.io Privacy Policy.
Render.com
We use Render.com as a cloud hosting provider to power our AI categorization feature. When you use our AI-powered transaction categorization, your transaction data is processed through Render.com's infrastructure to provide intelligent categorization suggestions. Render.com acts as our service provider and processes data solely on our behalf. For more information about Render.com's privacy practices, please visit: Render.com Privacy Policy.
We comply with the Children's Online Privacy Protection Act (COPPA). Our Service is not intended for individuals under the age of 13, and we do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us immediately at finydba@gmail.com. Upon verification, we will delete any collected data immediately and take steps to prevent future collection. Parents have the right to review, delete, and refuse further collection of their child's information.
California residents have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
To exercise any of these rights, please contact us at finydba@gmail.com. We will respond to your request within 45 days.
How to Opt-Out: Users may opt out of certain data-sharing activities through Settings > Privacy > Data Controls within the app, or by emailing finydba@gmail.com with your request.
We implement industry-standard security measures to protect your personal information, including:
While we take these precautions, no method of transmission over the internet or electronic storage is 100% secure. Users are encouraged to keep their login credentials confidential and to notify us immediately of any unauthorized access to their accounts.
Finy is intended for U.S. users. If you are a resident of the European Union (EU) or European Economic Area (EEA), you may have additional rights under the General Data Protection Regulation (GDPR). EU residents may contact us at finydba@gmail.com to exercise rights under the GDPR, including rights to access, rectification, erasure, restriction of processing, data portability, and objection to processing.
EU Representative / Data Protection Officer: For GDPR-related inquiries, EU residents may contact our designated representative at finydba@gmail.com. We will respond to all GDPR requests within the required timeframes under EU law.
We are committed to making our Privacy Policy accessible to all users. This Privacy Policy is available in alternative accessible formats upon request. If you require this document in a different format, please contact us at finydba@gmail.com and we will work to accommodate your needs.
All data collected through our Service is stored on servers located in the United States. Our company is based in California, and we primarily serve U.S. users. If data is transferred internationally for any reason, it will be protected under appropriate safeguards such as Standard Contractual Clauses (SCCs) or other mechanisms approved by applicable data protection authorities to ensure your information remains secure.
This Privacy Policy and any disputes arising from it shall be governed by and construed in accordance with the laws of the State of California, without regard to its conflict of law provisions. Any disputes related to this Privacy Policy or our privacy practices shall be resolved through binding arbitration in California, in accordance with the rules of the American Arbitration Association. You agree to waive any right to a jury trial or to participate in a class action lawsuit. Notwithstanding the foregoing, we may seek injunctive or other equitable relief in any court of competent jurisdiction.
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this Privacy Policy. Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the revised policy. We encourage you to review this Privacy Policy periodically.