Privacy Policy

Status: repo-owned release draft. Requires legal and provider review before final publication.

Data FlowFund Collects

• Contact info: email address and support messages.
• Financial info: account names, account types, balances, transactions, recurring bills, income signals, payment-account metadata, investment holdings, and route history.
• Identifiers: account user ID, installation ID, App Attest material, APNs device token, and StoreKit transaction identifiers.
• Purchase data: FlowFund Pro entitlement status and subscription transaction details from Apple.
• Usage and diagnostics: app events, settings, errors, and crash-origin metadata after financial fields are scrubbed.

How Bank Tokens Are Stored

Device-side bank access tokens are stored in Keychain using device-only accessibility. They are not stored in SwiftData, UserDefaults, iCloud Keychain, logs, exports, or crash reports.

Server-side provider tokens are used only for backend operations such as webhook processing, payment execution, and sweep evaluation where configured.

Third-Party Providers

FlowFund sends only the data needed for app functionality to connected providers such as Plaid, Teller, MX, Akoya/FDX providers, Pinwheel, Apple, and the configured backend platform.

Raw transaction arrays are not sent to AI model providers. Enhanced AI access is disabled by default, requires explicit opt-in, and shows an in-app provider badge when active.

How FlowFund Uses Data

FlowFund uses collected data to calculate route recommendations, detect income and bills, show alerts and forecasts, initiate user-confirmed Proposed Moves, verify subscriptions, improve reliability, and support account deletion and data export.

Deleting Account And Data

Users can start account and data deletion from Settings. Some records may remain if required for security, dispute handling, provider reconciliation, tax, accounting, or legal compliance.

Contact

Support: support@getflowfund.app
Privacy requests: privacy@getflowfund.app