FinGoal.ai Privacy Policy

Effective Date: 16th July, 2025
Last Updated: 15th July, 2025

1. Introduction

This Privacy Policy explains how FinGoal.ai ("FinGoal.ai," "we," "our," or "us") collects, uses, stores, discloses, and protects your personal information when you use our services. We are committed to ensuring full compliance with the UK General Data Protection Regulation (UK GDPR), the EU GDPR, the Data Protection Act 2018, and applicable ePrivacy laws.

By accessing or using the FinGoal.ai website, mobile application, or any related services (collectively, the "Services"), you agree to the terms outlined in this Privacy Policy.

2. Data Controller

FinGoal.ai is the data controller of your personal data. If you have any questions about this policy or your rights under applicable data protection laws, please contact:

FinGoal.ai
Email: contactus@fingoalai.com

3. Information We Collect

a. Personal Information:

  • Full name, email address, phone number

  • Login credentials (securely stored)

b. Financial Data (via Open Banking APIs):

  • Masked bank account numbers

  • Transaction data, balances, and account types

  • Categorised spending data and patterns

c. Technical & Usage Information:

  • IP address, device and browser information

  • Operating system, session duration, app usage logs

  • Cookies and other tracking technologies

d. AI Interaction Data:

  • User chat prompts and responses

  • Goal-setting inputs and preferences

  • Behavioural and lifestyle analytics

4. Lawful Basis for Processing

Your personal data is processed based on the following legal grounds:

  • Consent (e.g., for cookies, marketing, account linking)

  • Performance of a Contract (e.g., delivery of services)

  • Legal Obligation (e.g., regulatory compliance, fraud detection)

  • Legitimate Interests (e.g., service improvement, product optimisation)

5. Purpose of Data Processing

We use your data to:

  • Provide, personalise, and improve FinGoal.ai’s services

  • Facilitate user registration, account access, and goal-tracking functionality

  • Deliver real-time insights and behavioural nudges through AI models

  • Perform diagnostics, analytics, and system security monitoring

  • Comply with applicable financial, legal, and regulatory obligations

6. Sharing and Disclosure of Data

We do not sell or lease your personal data. We may share data with:

  • Service Providers (e.g., cloud hosting, analytics platforms, payment processors)

  • Open Banking Partners (e.g., TrueLayer), with your explicit consent

  • Regulatory and Legal Authorities where disclosure is required by law

  • Successors and Assigns in the event of a merger, acquisition, or asset transfer

All third-party processors are bound by contractual obligations to safeguard your data.

7. International Transfers

Where data is transferred outside the UK or EEA, we ensure one of the following safeguards is in place:

  • Standard Contractual Clauses (SCCs) approved by the UK/EU

  • Binding Corporate Rules (BCRs)

  • UK Addendum to the EU SCCs

  • Approved international data transfer mechanisms and adequacy decisions

8. Data Security Measures

We apply industry-leading security protocols to protect your data:

  • AES-256 encryption for data at rest and TLS for data in transit

  • OAuth 2.0 with PKCE for authentication and access tokens

  • Role-based access controls and secure key management

  • Regular vulnerability scans and security audits

9. Retention of Data

We retain data only as long as necessary for the purposes for which it was collected, including:

  • While you have an active FinGoal.ai account

  • To comply with financial regulations (e.g., PSD2, FCA guidelines)

  • To address disputes, fraud, or legal proceedings

When data is no longer required, it is securely deleted or anonymised.

10. Your Rights Under UK & EU Law

You have the right to:

  • Access your personal data

  • Rectify inaccurate or incomplete information

  • Erase your data (right to be forgotten)

  • Restrict or object to processing

  • Request data portability

  • Withdraw consent at any time (without affecting prior lawful processing)

  • Lodge a complaint with the Information Commissioner's Office (ICO)

To exercise any of these rights, email us at [Insert Contact Email]. We will respond within 30 days as mandated.

11. Cookies and Similar Technologies

We use cookies to:

  • Improve site functionality and performance

  • Measure user interactions and traffic

  • Offer personalised experiences and content

Essential cookies are always active. Non-essential cookies (e.g., analytics, marketing) are used only with your explicit consent. You may manage cookie preferences via the provided banner or browser settings.

12. Children's Privacy

FinGoal.ai does not knowingly collect data from individuals under the age of 18. If such data is inadvertently collected, we will promptly delete it.

13. Changes to This Policy

We may update this Privacy Policy to reflect changes in legislation, technology, or data use. We will notify users of material changes via email, in-app notification, or on our website.

14. Contact Us

For inquiries, complaints, or requests, contact:

FinGoal.ai
Email: contactus@fingoalai.com

By using our services, you confirm that you have read, understood, and agreed to this Privacy Policy.