← Back to Home
AI Ledger ("we," "us," or "our") operates the expense.blackfyre.us website and mobile application (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
Important: By using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.
1. Information We Collect
1.1 Personal Information
We collect information that identifies, relates to, or could reasonably be linked with you ("Personal Information"), including:
- Account Information: Email address, password (encrypted), full name
- Financial Information: Bank account numbers, transaction data, account balances (when you connect via Plaid)
- Payment Information: Billing details processed through Stripe (we do not store credit card numbers)
- Document Data: PDF bank statements and receipts you upload
- Usage Data: IP address, browser type, device information, pages visited, time stamps
1.2 Automatically Collected Information
When you access the Service, we automatically collect:
- Device information (operating system, unique device identifiers)
- Log data (IP address, browser type, pages viewed, time spent)
- Cookies and similar tracking technologies
- Location data (if you grant permission)
1.3 Information from Third-Party Services
We receive information from:
- Plaid: Bank account and transaction data when you link your accounts
- Stripe: Payment and subscription status information
- OpenAI: Processed data from AI analysis (anonymized)
2. How We Use Your Information
We use your information for the following purposes:
| Purpose |
Information Used |
| Provide and maintain the Service |
Account info, financial data, uploaded documents |
| Process bank statements with AI |
PDF documents, transaction data |
| Sync bank transactions |
Plaid access tokens, account data |
| Process payments and subscriptions |
Email, payment info via Stripe |
| Send important notifications |
Email address |
| Improve and optimize the Service |
Usage data, feedback |
| Prevent fraud and ensure security |
IP address, device info, usage patterns |
| Comply with legal obligations |
All collected information as required |
3. How We Share Your Information
We do NOT sell your personal information. We may share your information only in the following circumstances:
3.1 Service Providers
- Plaid Inc. - Bank account connection and transaction data retrieval
- Stripe Inc. - Payment processing and subscription management
- OpenAI - AI-powered document processing (data anonymized)
- Cloud Hosting - Infrastructure providers for data storage
3.2 Legal Requirements
We may disclose your information if required by law or in response to:
- Valid legal processes (subpoenas, court orders)
- Government requests
- Protection of our rights and property
- Prevention of fraud or security issues
3.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.
4. Data Security
We implement industry-standard security measures to protect your information:
- Encryption: All data transmitted using TLS/SSL encryption (HTTPS)
- Password Protection: Passwords hashed using bcrypt
- Database Security: Encrypted at rest, regular backups
- Access Controls: Limited employee access on need-to-know basis
- Regular Security Audits: Ongoing monitoring and testing
Note: While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
5. Data Retention
We retain your information for as long as necessary to provide the Service and comply with legal obligations:
- Account Data: Retained while your account is active
- Financial Records: 7 years (for tax and legal compliance)
- Transaction Data: Until you request deletion or close your account
- Usage Logs: 90 days
6. Your Privacy Rights
Depending on your location, you may have the following rights:
6.1 Access and Portability
- Request a copy of your personal information
- Export your data in a portable format
6.2 Correction and Deletion
- Update or correct inaccurate information
- Request deletion of your account and data
6.3 Opt-Out Rights
- Unsubscribe from marketing emails
- Disable cookies (may affect functionality)
- Disconnect bank accounts via Plaid
6.4 California Privacy Rights (CCPA)
California residents have additional rights:
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to opt-out of sale (we do not sell information)
- Right to deletion
- Right to non-discrimination for exercising privacy rights
6.5 European Privacy Rights (GDPR)
EU/EEA residents have rights under GDPR:
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Right to withdraw consent
To exercise these rights, contact us at: privacy@blackfyre.us
7. Children's Privacy
Our Service is NOT intended for children under 13 years of age (or 16 in the EU). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information.
8. Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Essential Cookies: Required for login and security
- Functional Cookies: Remember your preferences
- Analytics Cookies: Understand how you use the Service
You can control cookies through your browser settings. Note that disabling cookies may limit Service functionality.
9. Third-Party Services
9.1 Plaid
When you connect your bank account, Plaid's privacy policy applies. Learn more: https://plaid.com/legal/
9.2 Stripe
Payment processing is governed by Stripe's privacy policy: https://stripe.com/privacy
9.3 OpenAI
AI processing is subject to OpenAI's terms. Your documents are processed but not used to train AI models.
10. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs)
- Adequacy decisions by relevant authorities
- Appropriate security measures
11. Do Not Track Signals
Our Service does not currently respond to "Do Not Track" (DNT) browser signals. We will update this policy if we implement DNT support in the future.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Significant changes will be notified via:
- Email notification to registered users
- Prominent notice on the Service
- In-app notification (mobile app)
Your continued use of the Service after changes constitutes acceptance of the updated policy.
13. Data Breach Notification
In the event of a data breach affecting your personal information, we will:
- Notify you within 72 hours of discovery
- Inform relevant authorities as required by law
- Provide information about the breach and remedial actions
14. Your Consent
By using our Service, you consent to:
- Collection and use of information as described in this policy
- Processing of your financial data by AI systems
- Transfer of data to third-party service providers
- Use of cookies and tracking technologies
15. Compliance Certifications
This Privacy Policy is designed to comply with:
- California Consumer Privacy Act (CCPA)
- General Data Protection Regulation (GDPR)
- Children's Online Privacy Protection Act (COPPA)
- Google Play Store Privacy Requirements
- Apple App Store Privacy Requirements
- Financial data protection regulations
© 2025 Blackfyre LLC. All rights reserved.
Home |
Terms of Service |
Privacy Policy