Privacy Policy — Handled.

1 Introduction

Handled is a personal finance management application operated by Jack Frater, sole proprietor. We are committed to protecting your privacy and ensuring you have a positive experience on our platform. This Privacy Policy outlines how we collect, use, store, and protect your personal and financial information. Please read this policy carefully to understand our practices regarding your data.

2 Information We Collect

2.1 Information You Provide

When you create an account with Handled, we collect the following information directly from you:

Account Information: Your name and email address, provided through Google OAuth authentication
Financial Account Credentials: Bank account credentials entered through Plaid Link. These credentials are securely transmitted to Plaid and are never stored on Handled servers

2.2 Information Collected Automatically

Once you link your financial accounts through Plaid, we automatically collect and retain the following information:

Transaction Data: Merchant names, transaction amounts, dates, and merchant categories provided by Plaid
Recurring Transaction Data: Information about your recurring bills, subscriptions, and transfers
Account Balances: Current and historical balance information from your linked accounts
Device Information: Browser type, operating system, device type, and IP address

2.3 Information from Third Parties

We may receive information about you from third-party services:

Google OAuth: Your name and email address during account creation
Plaid: Financial account data, transaction history, and account information

3 How We Use Your Information

We use the information we collect for the following purposes:

Provide Core Services: To deliver the personal finance management features and functionality you expect from Handled
Authentication: To verify your identity and maintain the security of your account
Service Improvement: To analyze usage patterns and improve our application's features and performance
Communication: To send you important notifications about your account, security updates, or service changes

        Important: We do NOT sell, rent, share, or lease your personal or financial data to third parties for marketing purposes. Your data is used solely to provide and improve the Handled service.
      

4 Data Sharing and Third-Party Services

Handled integrates with carefully selected third-party services to provide you with comprehensive financial management capabilities. Here's how your data is shared:

Service Provider	Purpose	Data Shared
Plaid Inc	Bank account linking and transaction retrieval	Bank credentials (temporarily), financial account data, transactions
Google / Firebase	Authentication and user management	Email address, name, authentication tokens
Stripe Inc	Payment processing (if applicable)	Payment information (processed securely, not stored by Handled)
Railway	Application hosting and data storage	All application data (encrypted in transit and at rest)

Each of these services has its own privacy policy and data protection practices. We encourage you to review their policies to understand how they handle your information.

5 Data Security

We implement comprehensive security measures to protect your personal and financial information:

Encryption in Transit: All data transmitted between your device and our servers uses TLS 1.2 or higher encryption
Encryption at Rest: Data stored in our Railway PostgreSQL database is encrypted at rest using industry-standard encryption
Access Controls: Access to user data is restricted to authorized personnel and protected by multi-factor authentication (MFA)
Token Security: Authentication tokens are generated and validated server-side only, never stored locally on your device
No Local Credential Storage: Financial account credentials are never cached, stored, or saved on your device or our servers

While we employ robust security measures, no system is completely immune to all security risks. We encourage you to maintain strong, unique passwords and enable two-factor authentication on your accounts.

6 Data Retention

We retain your information for as long as your account remains active. When you delete your account, we retain your data for 30 days to allow for account recovery or to address any outstanding issues. After 30 days, all personal and financial data associated with your account is permanently deleted from our systems.

For more detailed information about data deletion and retention policies, please see our Data Deletion and Retention Policy.

7 Your Rights

You have the following rights regarding your personal and financial information:

Right to Access: You can request a copy of all personal data we hold about you
Right to Correction: You can request correction of inaccurate or incomplete information
Right to Deletion: You can request deletion of your account and all associated data
Right to Disconnect: You can disconnect your bank accounts from Handled at any time without losing access to your historical data
Right to Portability: You can request your data in a portable format

To exercise any of these rights, please contact us at buyol17@gmail.com.

8 Children's Privacy

Handled is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will take steps to delete such information promptly.

9 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by updating the "Last Updated" date at the top of this policy and, where required by law, by sending you a notification or requiring your consent.

Your continued use of Handled after any modifications to this Privacy Policy constitutes your acceptance of the updated terms.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please don't hesitate to contact us:

Jack Frater
Handled — Personal Finance Management
Email: buyol17@gmail.com
Website: https://joinhandled.com

We typically respond to privacy inquiries within 5 business days.