Privacy Policy

Version 2026-03-12 · Effective 2026-03-12

FiniteHour is a personal finance tool. You share sensitive financial information with us, and we take that seriously. This policy explains what we collect, why we collect it, who can see it, and what you can do about it. We've written it in plain language — no legalese, no surprises.

When you create an account

When you sign up, we collect your email address. If you use Google or Apple sign-in, we receive whichever email address is associated with that account. Your password is yours alone — we never see it; it is processed directly by our authentication provider.

We record that you accepted this Privacy Policy and our Terms of Service, including the date and version number. This is our legal basis for processing your data under the contract you enter with us at signup.

When you use FiniteHour

The financial data you enter — income streams, accounts, transactions, obligations, reserves, and goals — is stored and used exclusively to calculate your hourly rate and power your dashboard. This data is never shared with advertisers and is never sold, full stop.

If you create a household, we store the names and email addresses of anyone you invite. When you invite someone, we send them an email with your invitation on your behalf. They must create their own account and accept this Privacy Policy before any financial data is shared between household members.

When a household member leaves or is removed, their personal data is removed from the household. Shared data — such as joint transactions — is retained for the remaining members. If you delete your account while in a household, your personal financial data is removed within 30 days. See the Terms of Service for full details on household data handling.

When you pay

Payments are handled by Stripe. We store your subscription status and billing history — we never see or store your card number. Stripe processes payment data under their own privacy policy, which you can read at stripe.com/privacy.

How we improve FiniteHour

With your consent, we collect usage patterns linked to your account — pages you visit, features you use, and how you interact with the app. This helps us understand what's working and where to improve. You can opt out at any time from Settings or by choosing “Essential only” on the cookie banner.

We collect error reports to help us fix bugs. Financial figures are masked in error captures — we see that an error occurred, not the number that caused it. Performance metrics help us keep the app fast and reliable.

Who has access to your data

We work with five third-party services. Here's what each one does and what data it receives:

ServiceWhat it doesData it receivesLegal basis
SupabaseStores your data securelyAccount info, financial dataContract
StripeProcesses paymentsBilling details (not card numbers)Contract
PostHogHelps us improve the appUsage patterns (opt-out available)Consent
SentryCatches errorsError reports (financial data masked)Legitimate interest
VercelHosts the applicationStandard web request dataContract

No other parties receive your personal or financial data. We do not sell your data. We do not share it for advertising purposes.

Your rights and choices

  • See your data. Download everything as JSON from Settings › Account › Export my data.
  • Delete your data. Request deletion in Settings. We will remove your personal data within 30 days of your request.
  • Opt out of analytics. Use the toggle in Settings › Privacy, or choose “Essential only” on the cookie banner when you first visit.
  • Correct your data. Edit your information directly in the app. For anything you can't change yourself, email us and we'll sort it out.
  • Do not sell. We do not sell or share your personal information for cross-context behavioral advertising. If you'd like to opt out of analytics tracking, use the toggle in Settings › Privacy.

Cookies

We use two types of cookies. An authentication cookie keeps you signed in — it's essential and always active. An analytics cookie enables usage tracking by PostHog — it's optional and controlled by your consent choice. You can change your preference at any time from Settings › Privacy.

Data retention

We keep your data for as long as your account is active. After you request deletion, your personal data is removed within 30 days. Billing records may be retained for up to 7 years for tax and legal compliance, even after your account is closed. Accounts inactive for 24 months may be flagged for deletion with 30 days' notice. Database backups are retained for a limited period consistent with our disaster recovery needs.

Other details

Age. FiniteHour is intended for adults 18 and older (see Terms of Service). We do not knowingly collect data from anyone under 16. If you believe a child has created an account, please contact us and we will remove it promptly.

International transfers. Your data is processed in the United States. For transfers of personal data from the European Economic Area, we rely on Standard Contractual Clauses or the EU–US Data Privacy Framework as applicable.

Changes to this policy. We version this policy and will notify you of material changes before they take effect. The version number and effective date are shown at the top of this page. Continued use of FiniteHour after a material change constitutes acceptance of the updated policy.

Contact

Privacy questions, data requests, or anything else: email us at privacy@finitehour.com. We aim to respond within 5 business days.

← Back to FiniteHour