Section 1
Introduction
Tylia LLC ("we," "us," or "our") operates the TyliaFinance mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the App. Please read this policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the App.
We reserve the right to make changes to this Privacy Policy at any time. We will alert you about material changes by updating the "Effective Date" of this Privacy Policy. You are encouraged to periodically review this Privacy Policy to stay informed. You will be deemed to have acknowledged and agreed to changes by your continued use of the App after the date such revised Privacy Policy is posted.
Section 2
Information We Collect
2.1 Information You Provide Directly
When you create an account and use the App, you may provide us with the following categories of personal information:
- Account Information: Email address and password (or credentials via Google or Apple Sign-In) used to create and access your account.
- Financial Profile Data: Gross salary, state of residence, 401(k) contributions, health insurance deductions, and filing status that you enter into the salary calculator.
- Budget Data: Budget category names, monthly targets, and actual spending amounts that you manually enter.
- Loan Information: Loan names, types (mortgage, student, auto, credit card), principal amounts, interest rates, terms, and extra payment amounts.
- Investment Holdings: Holding names, ticker symbols, asset classes, share counts, cost basis, and current prices that you manually enter.
- Retirement Planning Data: Current age, target retirement age, current savings, monthly contributions, expected return rates, inflation assumptions, and retirement spending targets.
2.2 Information Collected Automatically
When you use the App, we may automatically collect:
- Device Information: Device type, operating system version, and unique device identifiers.
- Usage Data: Features accessed, screens viewed, session duration, and interaction patterns used for product analytics.
- Crash and Performance Data: Error logs, crash reports, and performance metrics collected through our error monitoring service (Sentry).
2.3 Information We Do NOT Collect
We want to be clear about what we do not collect:
- We do not access, store, or process your bank account numbers, routing numbers, or credit card numbers.
- We do not collect your Social Security number or government-issued identification numbers.
- We do not collect real credit bureau scores unless you explicitly connect a credit bureau service in a future update.
- We do not sell, rent, or trade your personal information to third parties for marketing purposes.
Section 3
How We Use Your Information
We use the information we collect for the following purposes:
- Provide and maintain the App: To operate the App, save your financial data across sessions, and deliver core features including salary calculations, budgeting, loan analytics, retirement projections, and scenario modeling.
- Personalize your experience: To generate financial insights, recommendations, and analysis tailored to your specific financial situation.
- Process subscriptions: To manage your Standard or Premium subscription through in-app purchase platforms (Apple App Store, Google Play Store) via our payment partner RevenueCat.
- Improve the App: To analyze usage patterns, identify bugs, and develop new features based on aggregated, anonymized usage data.
- Communicate with you: To send you account-related notifications, financial digests (if opted in), and important updates about the App.
- Ensure security: To detect and prevent fraud, unauthorized access, and other malicious activities.
Section 4
Data Storage and Security
4.1 Where Your Data Is Stored
Your financial data is stored in a secure PostgreSQL database hosted by Supabase, a managed cloud infrastructure provider. Data is encrypted at rest using AES-256 encryption. All data transfers between the App and our servers use TLS 1.2 or higher encryption.
4.2 Authentication and Access
User authentication is managed through Supabase Auth. Authentication tokens are stored securely on your device using the operating system's secure storage (iOS Keychain / Android Keystore via expo-secure-store). Row Level Security (RLS) policies enforce, at the database level, that each user can access only their own data.
4.3 Security Measures
We implement reasonable administrative, technical, and physical security measures to protect your personal information. However, no method of electronic storage or transmission over the Internet is 100% secure, and we cannot guarantee absolute security.
Section 5
Third-Party Services
We use the following third-party services that may process your data:
- Supabase: Cloud database and authentication. Supabase processes your account information and financial data for storage and retrieval.
- RevenueCat: Subscription management. RevenueCat processes your subscription status and anonymous purchase identifiers. It does not have access to your financial data.
- Apple / Google: In-app purchase processing. Payment details are handled entirely by Apple or Google. We never receive or store your payment card information.
- Sentry: Error monitoring. Sentry may receive anonymized crash reports and error logs. It does not receive your financial data.
- PostHog: Product analytics. PostHog receives anonymized usage events (screens viewed, features used). It does not receive identifiable financial data.
- Yahoo Finance: Market data. When you add investment holdings with ticker symbols, current stock prices are fetched from Yahoo Finance. Only ticker symbols are transmitted; no personal or financial profile data is shared.
- Anthropic (Claude API): AI insights (Premium tier only). If you subscribe to the Premium tier, a summary of your financial data (income, budget summary, loan totals, retirement projections, net worth) is sent to Anthropic's Claude API to generate personalized financial insights. This data is not stored by Anthropic after processing. No individually identifying information such as your name or email is included in the request.
Section 6
Data Retention
We retain your personal information for as long as your account is active. If you delete your account, we will delete your financial profile, budget categories, loans, holdings, and associated data within 30 days. Some anonymized, aggregated data may be retained for analytics purposes.
Backup copies may persist in our database backup systems for up to 90 days after deletion, after which they are permanently removed.
Section 7
Your Rights and Choices
7.1 Access and Export
You have the right to access the personal data we hold about you. You can view all of your financial data within the App at any time. You can export a complete copy of your financial data as a structured JSON file directly from the Settings screen in the App. You may also request a data export by contacting us at the email address below.
7.2 Correction
You can update or correct your financial data directly within the App at any time.
7.3 Deletion
You can delete your account and all associated data directly from the Settings screen in the App. You may also request deletion by contacting us at ndimperio@tylia-finance.com. Account deletion is processed within 30 days of a verified request. Upon deletion, all financial profile data, budget categories, loans, holdings, and subscription metadata are permanently removed from our servers.
7.4 Opt-Out of Communications
You can opt out of push notifications through your device settings. You can unsubscribe from email digests and marketing communications using the unsubscribe link in any email.
7.5 California Residents (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect and how it is used, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell personal information. To exercise these rights, contact us at the email address below.
7.6 European Economic Area, United Kingdom, and Switzerland Residents (GDPR)
If you reside in the European Economic Area, United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR):
- Lawful Basis: We process your personal data based on your consent (when you create an account and enter financial data) and on the basis of contractual necessity (to provide the services you have requested).
- Right of Access: You may request a copy of the personal data we hold about you.
- Right to Rectification: You may request correction of inaccurate or incomplete data.
- Right to Erasure: You may request deletion of your personal data, subject to certain legal exceptions.
- Right to Restrict Processing: You may request that we restrict processing of your data in certain circumstances.
- Right to Data Portability: You may request a copy of your data in a structured, machine-readable format. You can export your data directly from the App's Settings screen.
- Right to Object: You may object to our processing of your data for certain purposes.
- Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time by deleting your account.
To exercise these rights, contact us at ndimperio@tylia-finance.com. We will respond to your request within 30 days.
Section 8
Children's Privacy
The App is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will take steps to delete that information promptly.
Section 9
International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that differ from those in your jurisdiction. By using the App, you consent to the transfer of your information to such countries.
Section 10
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Material changes will be communicated through the App or via email. The updated policy will be effective as of the new Effective Date shown at the top of this document.