Legal

Privacy Policy

Effective date: January 1, 2025

Stackr Technologies, Inc. ("Stackr," "we," "us," or "our") operates the Stackr financial planning service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

1. Information we collect

Information you provide directly

  • Account information: Name, email address, and password when you create an account.
  • Profile information: Employment type, household composition, financial goals, and preferences you enter during onboarding or in settings.
  • Communications: Messages you send to our support team or through the AI assistant.
  • Documents: Files you upload to the document vault (tax returns, pay stubs, insurance policies, etc.).

Information from connected financial accounts

When you connect a financial institution through Plaid, we receive:

  • Account names, types, and numbers (masked)
  • Account balances and transaction history
  • Institution name and routing information
  • Investment holdings and positions

We receive this information on a read-only basis. We cannot initiate transactions, move funds, or modify your accounts in any way.

Information we collect automatically

  • Usage data: Features used, pages visited, and interactions within the app.
  • Device information: Browser type, operating system, and IP address.
  • Log data: Server logs including access times and error information.

2. How we use your information

We use the information we collect to:

  • Provide and operate the Stackr service, including financial planning features, projections, and AI-powered insights
  • Sync and display your account balances and transaction history
  • Send alerts, notifications, and weekly summaries you have opted into
  • Improve our products, fix bugs, and develop new features
  • Respond to your questions and provide customer support
  • Ensure the security and integrity of our service
  • Comply with legal obligations

We do not use your financial data to serve you advertisements. We do not sell, rent, or broker your data to advertising networks or data brokers. Our revenue comes entirely from subscription fees.

3. How we share your information

We do not sell your personal information. We share your information only in these circumstances:

Service providers

We share information with third-party companies that help us operate our service:

  • Plaid: Bank account connection and data aggregation. Plaid Privacy Policy ↗
  • Stripe: Payment processing for subscriptions. Stripe Privacy Policy ↗
  • Anthropic: AI model powering the financial coach. Conversation content is sent to Anthropic to generate responses. Anthropic Privacy Policy ↗
  • Cloud infrastructure providers: Hosting, storage, and database services for application operation.

Legal requirements

We may disclose your information if required by law, court order, or government authority, or if we believe disclosure is necessary to protect the rights, property, or safety of Stackr, our users, or others.

Business transfers

If Stackr is acquired, merged, or sold, your information may be transferred to the acquiring entity. We will notify you via email and/or a prominent notice on our website before your information is transferred and becomes subject to a different privacy policy.

With your consent

We may share your information with third parties when you explicitly request it, such as when you generate a share link to send a document to a financial advisor.

4. Data security

We implement industry-standard security measures to protect your information:

  • Encryption in transit: All data transmitted between your device and our servers uses TLS 1.3.
  • Encryption at rest: Sensitive data stored in our databases is encrypted using AES-256.
  • Token security: Financial institution access tokens from Plaid are encrypted with a separate key before storage.
  • Access controls: Employee access to user data is restricted to those with a legitimate need and is logged.
  • Household isolation: Every database query is scoped to your household. No user can access another user's data.

No method of transmission or storage is 100% secure. If you have reason to believe your account has been compromised, please contact us immediately at privacy@stackr.app.

5. Bank account connections

Stackr uses Plaid Technologies, Inc. to connect your financial accounts. When you connect a bank account:

  • You authenticate directly with your financial institution through Plaid's interface.
  • Your bank login credentials are never sent to or stored by Stackr.
  • Plaid provides Stackr with a read-only access token.
  • Stackr uses this token to retrieve account balances, transaction history, and investment holdings.

You can disconnect a financial institution at any time from your Accounts settings page. Disconnecting will stop future data syncing and, upon your request, we will delete the previously synced data.

By connecting your accounts, you also agree to Plaid's End User Privacy Policy ↗.

6. Data retention

We retain your information for as long as your account is active or as needed to provide you the service. If you delete your account:

  • Your profile and financial data will be permanently deleted within 30 days.
  • Uploaded documents will be deleted from our storage within 30 days.
  • Backup copies may persist for up to 90 days before being purged from all systems.
  • We may retain de-identified, aggregated data that cannot be linked back to you.
  • We may retain certain records for longer if required by law (e.g., billing records for 7 years).

7. Your rights

Depending on your location, you may have the following rights:

All users

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your account and associated data.
  • Portability: Request a machine-readable export of your data.
  • Opt-out of notifications: Manage notification preferences from Settings.

California residents (CCPA)

California residents have additional rights under the California Consumer Privacy Act, including the right to know what personal information is collected, the right to opt-out of the sale of personal information (we do not sell personal information), and the right to non-discrimination for exercising these rights.

European residents (GDPR)

If you are in the European Economic Area, you have rights under the General Data Protection Regulation including the right to restrict processing, object to processing, and lodge a complaint with your supervisory authority. Our lawful basis for processing is contract performance (to provide you the service you signed up for) and legitimate interests (to improve our service and prevent fraud).

To exercise any of these rights, contact us at privacy@stackr.app. We will respond within 30 days.

8. Cookies and tracking

We use a minimal set of cookies:

  • Session cookies: Required for authentication. These expire when you close your browser.
  • Preference cookies: Remember your settings (e.g., notification preferences). These persist until cleared.

We do not use third-party advertising cookies, tracking pixels, or analytics services that share data with ad networks. We do not participate in cross-site tracking.

9. Children's privacy

Stackr is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately and we will delete it.

10. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Sending an email to your registered address at least 30 days before changes take effect
  • Displaying a notice in the Stackr application
  • Updating the "Effective date" at the top of this page

Your continued use of Stackr after changes take effect constitutes acceptance of the updated policy. If you do not agree to the changes, you should delete your account before they take effect.

11. Contact us

If you have questions, concerns, or requests regarding this Privacy Policy:

Stackr Technologies, Inc.

Email: privacy@stackr.app

We respond to all privacy-related inquiries within 5 business days.