Privacy Policy
Privacy Policy
Granite Finance ("Company", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application, Granite (the "Service").
Introduction
By accessing or using our Service, you agree to the collection and use of information in accordance with this policy. We are committed to protecting your privacy and ensuring your personal information is handled responsibly.
1. Information We Collect
We collect information in the following ways:
- Information You Provide Directly: This includes your email address when you create an account, as well as any financial information you manually enter, such as your monthly income, fixed expenses, and savings or investment goals.
- Financial Information via Plaid: When you connect your financial accounts to our Service, we use a third-party service provider, Plaid Inc. ("Plaid"), to retrieve transaction data. This includes information about your account balance, transaction history, merchant names, amounts, and categories. We do not receive or store your bank account login credentials.
- Usage Information: With your consent, we collect analytics data through Google Analytics to understand how you interact with the Service. This includes information such as pages visited, time on page, device type, and general location derived from your IP address. We only load Google Analytics after you accept our cookie notice, and you can change that preference at any time via the cookie settings button in the footer.
2. How We Use Your Information
We use the information we collect for the following purposes:
- To provide, operate, and maintain our Service, including calculating your daily budget.
- To personalize your experience.
- To communicate with you, including sending optional notifications and responding to your inquiries.
- To monitor and analyze usage to improve and enhance the Service.
- To enforce our Terms and Conditions.
4. Data Security
We use administrative, technical, and physical security measures to help protect your personal information. We rely on the security infrastructure of our provider, which includes industry-standard security practices. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that no security measures are perfect or impenetrable.
5. Google Sign-In Data
If you choose to sign in with your Google account, this section explains how we handle your Google data:
Data Accessed
If you choose to sign in with your Google account, we access limited profile information provided by Google, specifically your name, email address, and profile image (if available). No other Google user data (such as Gmail, Drive, Calendar, or Contacts) is accessed.
Data Usage
This information is used solely to authenticate your account, personalize your profile within the app, and facilitate secure login. We do not use your Google data for advertising purposes.
Data Sharing
We do not share Google user data with any third parties except as required to operate the Service (e.g., our backend server). These providers process data only on our behalf and under strict confidentiality obligations.
Data Storage & Protection
Google user data is securely stored on Supabase servers located in the United States. All data is encrypted both in transit (HTTPS/TLS) and at rest. Access is limited to authorized personnel who need the information to operate and maintain the Service.
Data Retention & Deletion
We retain Google user data only while your account is active. When you delete your account or request data deletion, all associated Google user data is permanently deleted from our servers within 30 days.
To request deletion, email hi@granitefinance.io with the subject line "Delete My Data."
6. Your Rights and Choices
You have the right to review, update, or delete the personal information you provide in your account settings. You can also disconnect your financial accounts at any time. If you wish to permanently delete your account and all associated data, please contact us.
7. Data Retention and Deletion
We retain your information as long as your account is active. When you delete your account, all associated data is permanently deleted from our servers within 30 days.
Apple Subscription Notice
Subscriptions purchased through Apple are managed by Apple. Deleting your Granite account does not cancel an Apple subscription. You can manage or cancel Apple subscriptions at https://apps.apple.com/account/subscriptions.
We may retain limited records when required by law or for legitimate business purposes (for example, payment processor transaction records needed for tax, accounting, chargeback, or fraud prevention obligations). These records are access-limited and retained only as long as required.
You can request data deletion at any time by emailing hi@granitefinance.io with the subject line "Delete My Data." You can also submit a request at granitefinance.io/delete-account.
8. Children Privacy
Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children.
9. Third-Party Services
We use third-party providers like Plaid (see Plaid's Privacy Policy), Supabase for backend hosting and data storage, and Google Analytics for product analytics (only after you consent to analytics cookies).
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.
11. Contact Us
If you have any questions about this Privacy Policy, please email hi@granitefinance.io.