Privacy Policy
Last Updated: January 25, 2026
────────────────────────────────────────
1. INTRODUCTION
1.1 KeepItSimplr ("we," "our," or "us") respects your privacy and is committed to protecting your personal information.
1.2 This Privacy Policy explains how we collect, use, store, and protect your information when you use the KeepItSimplr service ("Service").
1.3 By using the Service, you consent to the practices described in this Privacy Policy.
────────────────────────────────────────
2. INFORMATION WE COLLECT
2.1 Account Information
• Email address (required for cloud sync)
• Account creation date
• Subscription status
2.2 Financial Data You Provide
• Income information
• Expense details
• Savings goals
• Investment account information
• Account balances
2.3 Technical Information
• Browser type and version
• Device type
• IP address (for security purposes)
• Usage patterns and feature interactions
2.4 Payment Information
• Payment processing is handled entirely by Stripe
• We do not store credit card numbers or banking details
• We receive only transaction confirmations and subscription status
────────────────────────────────────────
3. HOW WE PROTECT YOUR DATA
3.1 Encryption
• All financial data you enter is encrypted using AES-256 encryption before storage
• Data is encrypted client-side before transmission
• We cannot read or access your financial data in its unencrypted form
• Data is decrypted only when you access it with your authenticated session
3.2 Secure Transmission
• All data transmitted between your device and our servers uses HTTPS/TLS encryption
3.3 Authentication
• We use email-based one-time passcode (OTP) authentication
• OTP codes expire after 10 minutes
• Rate limiting protects against brute-force attacks
3.4 Infrastructure
• Data is stored on secure, industry-standard cloud infrastructure (Supabase)
• Regular security updates and monitoring
────────────────────────────────────────
4. HOW WE USE YOUR INFORMATION
4.1 We use your information to:
• Provide and maintain the Service
• Authenticate your account
• Sync your data across devices
• Process subscription payments
• Send transactional emails (OTP codes, account notifications)
• Improve the Service based on usage patterns
• Respond to support requests
4.2 We DO NOT:
• Sell your personal information to third parties
• Share your financial data with advertisers
• Use your data for targeted advertising
• Access or read your encrypted financial data
────────────────────────────────────────
5. DATA SHARING
5.1 We share information only with:
• Stripe – for payment processing
• Supabase – for secure data storage
• Postmark – for transactional email delivery
• Render – for application hosting
5.2 All third-party providers are bound by their own privacy policies and data protection agreements.
5.3 We may disclose information if required by law, court order, or government request.
────────────────────────────────────────
6. DATA RETENTION
6.1 Active Accounts
• Your data is retained as long as your account remains active
6.2 Account Deletion
• When you delete your account, all associated data is permanently removed within 31 days
• This grace period allows for accidental deletion recovery
6.3 Inactive Accounts
• Accounts inactive for more than 24 months may be flagged for deletion
• We will attempt to notify you via email before deletion
6.4 Subscription Cancellation
• If your subscription lapses, your data remains encrypted and stored
• You can resubscribe to regain access
• After 12 months of lapsed subscription, data may be deleted
────────────────────────────────────────
7. YOUR RIGHTS
7.1 You have the right to:
• Access your personal data
• Correct inaccurate data
• Delete your account and all associated data
• Export your data
• Withdraw consent at any time
7.2 To exercise these rights, use the account management features in the Service or contact us at support@keepitsimplr.com.
────────────────────────────────────────
8. COOKIES AND LOCAL STORAGE
8.1 We use:
• Session tokens stored in localStorage for authentication
• Preference flags for UI state (popup dismissals, etc.)
8.2 We do not use:
• Third-party tracking cookies
• Advertising cookies
• Analytics cookies that identify individuals
────────────────────────────────────────
9. CHILDREN'S PRIVACY
9.1 The Service is not intended for users under 18 years of age.
9.2 We do not knowingly collect personal information from children under 18.
9.3 If we discover that a child under 18 has provided personal information, we will delete it promptly.
────────────────────────────────────────
10. INTERNATIONAL DATA TRANSFERS
10.1 Your data may be processed and stored in the United States.
10.2 By using the Service, you consent to the transfer of your information to the United States.
10.3 We implement appropriate safeguards for international data transfers in compliance with applicable laws.
────────────────────────────────────────
11. CALIFORNIA PRIVACY RIGHTS
11.1 California residents have additional rights under the California Consumer Privacy Act (CCPA):
• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of sale of personal information (we do not sell data)
• Right to non-discrimination for exercising privacy rights
────────────────────────────────────────
12. EUROPEAN PRIVACY RIGHTS
12.1 If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):
• Right of access
• Right to rectification
• Right to erasure
• Right to restrict processing
• Right to data portability
• Right to object
12.2 Our legal basis for processing:
• Consent (for account creation and data storage)
• Contract performance (for providing the Service)
• Legitimate interests (for security and service improvement)
────────────────────────────────────────
13. CHANGES TO THIS POLICY
13.1 We may update this Privacy Policy from time to time.
13.2 Material changes will be communicated via email or prominent notice in the Service.
13.3 Continued use after changes constitutes acceptance of the updated policy.
────────────────────────────────────────
14. CONTACT US
14.1 For privacy-related questions or concerns:
• Email: privacy@keepitsimplr.com
14.2 For general support:
• Email: support@keepitsimplr.com
────────────────────────────────────────
15. DATA PROTECTION OFFICER
15.1 For GDPR-related inquiries, contact our Data Protection Officer at:
• Email: dpo@keepitsimplr.com
────────────────────────────────────────
By using KeepItSimplr, you acknowledge that you have read and understood this Privacy Policy.