Privacy Policy

When you create an account, we collect the following through our authentication provider, Clerk:

• Full name
• Email address
• Profile photo (if you sign in with Google OAuth)

We do not collect or store your authentication passwords. Authentication credentials are managed entirely by Clerk.

When you connect your financial institutions through Plaid, we receive read-only access to:

• Account information — account name, type (checking, savings, credit card, loan, investment), current and available balances, and account and routing numbers for identity verification purposes
• Transaction data — amount, date, merchant name, category, pending status, and location (if available)
• Investment holdings — securities, quantities, current values, and cost basis
• Liability information — loan balances, annual percentage rates (APR), minimum payment amounts, and payment due dates

Your bank login credentials never touch Canopy servers. All bank authentication is handled directly by Plaid through their secure infrastructure. Canopy receives only the read-only financial data described above.

If you subscribe to a paid plan, your payment is processed by Stripe. Canopy never receives, processes, or stores your full credit card number, debit card number, or bank account number for payment purposes. Stripe provides us with limited information such as the last four digits of your card, card brand, expiration date, and billing postal code so we can display payment details in your account settings.

You may provide additional information while using the Service, including:

• Budget categories and spending targets
• Financial goals (amounts, due dates, descriptions)
• Manual account entries and balance adjustments
• Transaction recategorizations and merchant rules
• Debt details (balances, interest rates, payment amounts)
• Income source labels and group assignments
• Preferences, notification settings, and theme choices

When you use Canopy's AI-powered features (including the Command Center chat, daily financial stories, and automated recommendations), we process portions of your financial data through third-party AI models. See Section 7 for details on how we handle AI processing.

We automatically collect certain technical information when you use the Service, including:

• Pages visited, features used, and actions taken within the Service
• Browser type, operating system, and device information
• IP address and approximate geographic location
• Referring URLs and access timestamps
• Error logs and performance data

We collect information that you voluntarily provide when you create an account, connect financial institutions, configure budgets and goals, interact with the AI chat, or contact our support team.

We receive financial data from your linked institutions through Plaid, authentication data from Clerk, and payment confirmation data from Stripe. Each of these providers operates under their own privacy policies and security standards.

We collect usage and technical data automatically through server logs, cookies, and similar technologies when you access or use the Service. We use only essential cookies required for authentication and session management. We do not use advertising or tracking cookies.

Plaid connects your bank accounts to our Service and transmits your financial data to us. See Section 6 for a detailed disclosure of Plaid's role.

Stripe processes subscription payments on our behalf. Stripe receives your payment method details (credit card number, expiration date, billing address) directly. See Section 8 for details.

Clerk manages user authentication, including account creation, login sessions, and single sign-on (SSO) via Google OAuth. Clerk stores your email address, name, profile photo, and authentication credentials. You can review Clerk's privacy policy at clerk.com/legal/privacy.

Summarized financial data is sent to Google Gemini (primary) and OpenAI (fallback) to generate personalized insights, recommendations, and chat responses. See Section 7 for details on AI processing and data scrubbing.

Resend delivers transactional and summary emails on our behalf, including daily coffee briefs, weekly financial summaries, and service notifications. Resend receives your email address and the content of each email. You can review Resend's privacy policy at resend.com/legal/privacy-policy.

Supabase provides the PostgreSQL database infrastructure where your financial data, preferences, and account information are stored. All data is encrypted at rest and protected by row-level security policies. You can review Supabase's privacy policy at supabase.com/privacy.

Vercel hosts the Canopy application and processes HTTP requests. Vercel may collect standard server logs including IP addresses, request URLs, and timestamps. You can review Vercel's privacy policy at vercel.com/legal/privacy-policy.

Cloudflare provides DNS routing for our domain. Cloudflare may process IP addresses and request metadata as part of DNS resolution. You can review Cloudflare's privacy policy at cloudflare.com/privacypolicy.

We may also disclose your information if required to do so by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a law enforcement request. In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction, and we will notify you via email or a prominent notice on the Service.

When you connect an account, Plaid may collect and transmit the following information from your financial institutions:

• Account and routing numbers for identity verification
• Account balances (current and available)
• Transaction history (amounts, dates, merchants, categories, pending status)
• Account owner information (name, address)
• Investment holdings (securities, quantities, values, cost basis)
• Liability details (loan balances, APR, minimum payments)

Plaid's use and transfer of information received from financial institutions is governed by the Plaid End User Privacy Policy. We encourage you to review this policy to understand how Plaid handles your data.

Your bank login credentials are never transmitted to, stored on, or accessible by Canopy servers. When you link an account, you authenticate directly with your financial institution through Plaid's secure interface. Canopy receives only the read-only financial data described above — we cannot initiate transfers, move money, or make changes to your accounts.

You can review and manage your connected financial accounts at any time through:

• Within Canopy — visit the Accounts page in your dashboard to unlink any connected institution
• Plaid Portal — visit my.plaid.com to view all applications connected to your financial accounts through Plaid and revoke access to any of them

We use Google Gemini as our primary AI model, with OpenAI as a fallback. These providers process financial data summaries to generate:

• Daily financial stories (Pulse)
• Chat responses to your financial questions
• Spending insights and budget recommendations
• Debt optimization strategies
• Subscription waste detection
• Cash buffer and emergency fund recommendations

Before sending data to AI providers, we scrub personally identifiable information (PII) from the financial summaries. The following categories of information are removed before AI processing:

• Phone numbers
• Social Security numbers
• Full account numbers and routing numbers
• Physical addresses

AI providers receive aggregated and summarized financial data (such as spending totals by category, account balance ranges, and transaction patterns) rather than raw transaction-level detail wherever possible.

We do not permit AI providers to use your financial data for training their models. Data sent to Google Gemini and OpenAI is processed under their respective API terms of service, which prohibit using API inputs for model training. We use these services through their API interfaces, not consumer-facing products.

We retain your personal information and financial data for as long as your account is active and as needed to provide you with the Service. Financial transaction data is retained to provide historical reporting, trend analysis, and year-over-year comparisons.

If you delete your account, we will delete your personal information and financial data from our active systems within 30 days. This includes:

• Your profile information and preferences
• All linked financial account data
• Transaction history and categorizations
• Budgets, goals, and debt tracking data
• AI chat history and generated recommendations
• Email communication preferences

Certain information may be retained beyond 30 days where required by law (such as billing records for tax purposes) or where necessary to resolve disputes or enforce our agreements. Backup copies may persist in our backup systems for up to 90 days before being automatically purged.

Deleting your Canopy account will disconnect your linked financial institutions. You can also independently revoke Canopy's access to your financial data through the Plaid Portal.

Aggregated, anonymized data that cannot be used to identify you may be retained indefinitely for analytical and service-improvement purposes.

You can request a copy of the personal and financial data we hold about you. Much of this data is already accessible directly through your Canopy dashboard.

You can request deletion of your account and all associated data. You can initiate account deletion from your Settings page or by contacting us at support@canopymoneyos.com. Deletion will be completed within 30 days.

Pro and Family plan subscribers can export their financial data in CSV format directly from the Canopy dashboard. If you need a data export in another format, contact us and we will accommodate your request within a reasonable timeframe.

You can update or correct inaccurate personal information through your Canopy dashboard Settings page. For corrections to data that cannot be modified through the dashboard, contact us at support@canopymoneyos.com.

You can disconnect any linked financial institution at any time through the Accounts page in your dashboard. You can also revoke Canopy's access to your financial data through the Plaid Portal.

You can opt out of non-essential email communications (daily coffee briefs, weekly summaries, and balance nudge reminders) at any time through your Settings page or by clicking the unsubscribe link in any email. Service-critical communications (such as security alerts and billing notifications) cannot be opted out of while your account is active.

In the preceding 12 months, we have collected the following categories of personal information:

• Identifiers — name, email address, IP address, account identifiers
• Financial information — bank account details, transaction history, investment holdings, loan information (obtained through Plaid)
• Commercial information — subscription purchase history, payment records
• Internet or electronic network activity — browsing history within the Service, feature usage, interaction data
• Inferences drawn from the above — AI-generated financial insights, spending patterns, budget recommendations

We do not sell your personal information. We have not sold personal information in the preceding 12 months, and we have no plans to sell personal information. We do not share personal information for cross-context behavioral advertising.

As a California resident, you have the right to:

• Know — request that we disclose the categories and specific pieces of personal information we have collected about you
• Delete — request deletion of your personal information, subject to certain exceptions
• Correct — request correction of inaccurate personal information
• Non-discrimination — we will not discriminate against you for exercising any of your CCPA rights

To submit a CCPA request, email us at support@canopymoneyos.com with the subject line "CCPA Request." We will verify your identity before processing your request and respond within 45 days as required by law.