Privacy Policy

Last Updated: March 9, 2026

This Privacy Policy describes how finever.ai (“we,” “us,” or “our”) collects, uses, discloses, and otherwise processes personal information in connection with our websites, applications, and related services that link to this policy (collectively, the “Services”). It should be read together with our Terms of Service.

If you do not agree with this Privacy Policy, please do not use the Services.

Scope and our role

We determine how and why personal information is processed for the Services described here and act as a data controller (or equivalent under applicable law) for that processing, except where we process information solely as a processor or service provider on behalf of another organization under their instructions (for example, certain enterprise arrangements). In those cases, that organization’s privacy notice governs, and you should contact them with questions.

Personal information we collect

The categories we collect depend on how you use the Services.

Information you provide

  • Account and profile. When you sign in or create an account (for example, through our authentication provider), we receive identifiers such as your name, email address, and user ID, and related account metadata.
  • Tax return and planning inputs. If you upload documents or enter information to generate planning materials, we process the contents of those files and fields. This may include tax, financial, and identifying information contained in a federal or other tax return or supporting schedules, depending on what you submit.
  • Payment information. Purchases are handled by our payment processor. We receive limited payment-related information (for example, subscription status, customer identifiers, and transaction records), not your full card number.
  • Communications. When you contact us, we collect the information you send (such as message content and contact details) and related support metadata.

Information collected automatically

  • Device and log data. Such as IP address, browser type, device identifiers, dates and times of access, and diagnostic or error data.
  • Usage data. Such as pages viewed, features used, and interactions with the Services.
  • Cookies and similar technologies. We and our vendors may use cookies, local storage, pixels, and similar technologies for security, preferences, analytics, and (where applicable) marketing measurement. You can control some cookies through your browser settings.

Information from third parties

  • Authentication provider. We use Clerk to manage sign-in and account security. Clerk processes information according to its own policies when you authenticate.
  • Analytics. We use PostHog to understand product usage and improve the Services. PostHog may receive device and usage information. See PostHog’s privacy information.
  • Advertising measurement. When we run paid campaigns, we may use Google Ads tags to measure ad performance and conversions. Google may receive cookie identifiers, click IDs (such as gclid), page URLs, and conversion-related events. See Google’s privacy policy and your Google ad settings.
  • Payment processor. Stripe processes payments and billing according to Stripe’s privacy policy.
  • Other service providers. We use vendors for hosting, security, email delivery, and other business functions. They may process personal information only to provide services to us.

How we use personal information

We use personal information to:

  • Provide, operate, maintain, and secure the Services (including generating educational planning outputs from materials you submit).
  • Authenticate users, process transactions, and manage subscriptions.
  • Communicate with you about the Services, updates, and support.
  • Improve and develop features, including through analytics, troubleshooting, and aggregated or de-identified analysis.
  • Detect, investigate, and help prevent fraud, abuse, and security incidents.
  • Comply with law, respond to lawful requests, and enforce our Terms of Service.
  • Fulfill other purposes described when information is collected or with your consent where required.

Artificial intelligence and automated processing

Parts of the Services may use automated methods (including machine learning or other computational techniques) to analyze information you provide and to generate summaries, recommendations, or structured planning content. You should treat outputs as educational and informational, not as tax, legal, or financial advice. See our Terms of Service and site disclaimers.

How we disclose personal information

We may disclose personal information:

  • To service providers and subprocessors who assist us under contractual obligations (for example, hosting, authentication, payments, analytics, and customer support tools).
  • For legal reasons when we believe disclosure is required by law, regulation, legal process, or governmental request, or to protect the rights, safety, and security of users, the public, or finever.ai.
  • In connection with a business transaction such as a merger, acquisition, financing, or sale of assets, subject to appropriate confidentiality safeguards.
  • With your direction or consent when you ask us to share information or connect integrations.

We do not sell your personal information for money. We may allow certain partners to place technologies on our sites for analytics or advertising measurement as described in this policy and applicable law.

Your privacy rights and choices

Depending on where you live, you may have rights to access, correct, delete, or export personal information; to opt out of certain processing (including targeted advertising or “sale”/“sharing” as defined under U.S. state laws, where applicable); to appeal our responses; or to lodge a complaint with a supervisory authority.

You may also:

  • Adjust cookie preferences where we offer controls.
  • Manage marketing communications using unsubscribe links or account settings, where available.
  • Use browser or platform signals (such as Global Privacy Control) where we honor them for applicable opt-outs.

To exercise rights, contact us through our Support page. We may need to verify your request. Agents may submit requests on your behalf where permitted by law, with appropriate authorization.

U.S. state privacy notices (summary)

California and other states with comprehensive privacy laws may grant residents additional rights. In the preceding twelve months, we may have collected identifiers, commercial information, internet or network activity, financial information (as reflected in documents you choose to upload), and inferences drawn from the above, depending on your use of the Services. Sources include you, your device, our vendors, and authentication/payment partners. We use this information for the purposes in How we use personal information. We disclose information to the categories of recipients in How we disclose personal information.

We do not knowingly sell personal information of minors under 16. We do not use or disclose “sensitive personal information” for purposes other than permitted business purposes under applicable state law, where those concepts apply.

For California “Shine the Light” requests regarding personal information disclosed to third parties for their direct marketing, contact us through Support.

International users

We are based in the United States. If you access the Services from other countries, your information may be processed in the U.S. and other locations where we or our vendors operate. Where required, we use appropriate safeguards (such as standard contractual clauses approved by relevant regulators) for cross-border transfers.

Data retention

We retain personal information for as long as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods vary depending on the nature of the data and legal requirements. When retention ends, we delete or de-identify information where feasible.

Security

We implement technical and organizational measures designed to protect personal information. No method of transmission or storage is completely secure; we cannot guarantee absolute security.

Children

The Services are not directed to children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us.

Third-party sites and services

The Services may contain links to third-party websites or integrations. Their privacy practices are governed by their own policies. We encourage you to read them before providing information.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version and revise the “Last Updated” date. If changes are material, we will provide additional notice as required by law.

How to contact us

For privacy-related questions or requests, use the contact options on our Support page.