Privacy Policy

Our Commitment to Your Privacy

At Audacious Money, we believe your data belongs to you. This Privacy Policy explains how we collect, use, protect, and respect your personal information when you visit our website at audacious.money (the "Site"), use our application at app.audacious.money (the "App"), or interact with our services (collectively, the "Services").

We're committed to transparency and giving you control over your information. If you have any questions about this policy, please contact us at [email protected].

1. Information We Collect

1.1 Account Information

When you sign up for email updates, early access, or create an account to use our App, we collect:

• First Name - To personalize communications and your account experience
• Last Name - To personalize communications and your account experience
• Email Address - To send you updates, account notifications, and communications about our services
• Password - Stored securely using industry-standard hashing (we cannot see your password)

1.2 Payment Information

When you subscribe to our services, we use Stripe to process payments. We receive limited payment information from Stripe, which may include:

• Last four digits of your payment method
• Payment method type (e.g., Visa, Mastercard)
• Billing email address
• Subscription status and payment history

Important: We do not store your full credit card number or payment details. All payment processing is handled securely by Stripe. See Section 4 for more information about Stripe.

1.3 Financial Data (Zero-Knowledge)

1.4 Information Collected Automatically

When you visit our Site or use our App, we may automatically collect certain technical information through standard web server logs, including:

• IP address
• Browser type and version
• Device type and operating system
• Pages visited and time spent on pages
• Referring website addresses
• App usage patterns (e.g., features used, session duration) - without accessing the content of your financial data

This information helps us understand how visitors use our Services and improve our offerings.

1.5 Cookies and Similar Technologies

Our Site does not use cookies for tracking or analytics purposes. Our App may use essential cookies or local storage necessary for authentication and core functionality. We do not use cookies for advertising or third-party tracking. If this changes in the future, we will update this Privacy Policy and provide notice.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Account Management: To create and manage your account, authenticate your access, and provide you with our App services
• Communication: To send you updates about Audacious Money, early access opportunities, product launches, account notifications, service announcements, and relevant information about our services
• Payment Processing: To process your subscription payments and manage billing through our payment provider, Stripe
• Service Delivery: To store your encrypted financial data and make it available to you across your devices (we cannot decrypt or access the content of this data)
• Service Improvement: To understand usage patterns (not content) and improve our services, fix bugs, and develop new features
• Customer Support: To respond to your inquiries, troubleshoot issues, and provide support (note: we cannot access your encrypted financial data to troubleshoot content-related issues)
• Security: To protect against fraud, unauthorized access, and security threats
• Legal Compliance: To comply with applicable laws, regulations, and legal processes

What We Cannot Do: Due to our zero-knowledge architecture, we cannot use your financial data for analytics, marketing, profiling, targeted advertising, or any other purpose—because we cannot access it.

3. How We Share Your Information

We do not sell, rent, or trade your personal information. We do not sell your precise geolocation data. We may share your information only in the following limited circumstances:

• Service Providers: We share information with trusted third-party service providers who help us operate our Site and deliver our services. Specifically, we use Postmark (by ActiveCampaign) for email delivery services. These providers are contractually obligated to protect your information and use it only for the purposes we specify. Upon request, we will provide you with a list of the specific third-party entities to which we have disclosed your personal data.
• Legal Requirements: We may disclose your information if required by law, court order, or other legal process, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business Transfers: If Audacious Money is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

4. Third-Party Services

Our Services use the following third-party providers:

• Stripe (Payment Processing): We use Stripe to process subscription payments and manage billing. When you subscribe, Stripe collects and processes your payment information, including credit card details, billing address, and payment history. Stripe is PCI-DSS compliant and maintains robust security measures. We receive limited information from Stripe (last 4 digits of card, payment method type, subscription status) but do not store your full payment details. Stripe's privacy policy is available at https://stripe.com/privacy.
• Postmark (ActiveCampaign): We use Postmark to send transactional emails, service updates, and account notifications. Postmark processes your email address and name to deliver our communications. Postmark's privacy policy is available at https://postmarkapp.com/privacy-policy.
• Google Fonts: We use Google Fonts to display certain typefaces on our Site and App. When you visit our Services, Google may collect information about your use. Google Fonts' privacy policy is available at https://policies.google.com/privacy.

Important: None of these third-party services have access to your encrypted financial data stored in our App. They only process the specific information necessary for their services (payment processing, email delivery, or font display).

We carefully select service providers that maintain strong privacy and security practices. However, we are not responsible for the privacy practices of these third-party services. We encourage you to review their privacy policies.

5. Data Security

We take the security of your information seriously and implement multiple layers of protection:

5.1 Zero-Knowledge Encryption

Your financial data is protected by client-side, zero-knowledge encryption:

• Client-Side Encryption: Your financial data is encrypted on your device before transmission using industry-standard encryption algorithms
• Your Encryption Key: Only you have the key to decrypt your financial data. We do not have access to your encryption key
• Zero-Knowledge Architecture: Even if our servers were compromised, your encrypted financial data would remain unreadable without your encryption key

5.2 General Security Measures

We also implement these security measures for all data we process:

• Secure data transmission using HTTPS/TLS encryption for all connections
• Secure password storage using industry-standard hashing algorithms (bcrypt or similar)
• Access controls limiting employee access to only necessary systems
• Regular security assessments and updates
• Secure hosting infrastructure with redundancy and backups
• Monitoring for suspicious activity and security threats

5.3 Payment Security

All payment processing is handled by Stripe, which is certified as a PCI Service Provider Level 1—the highest level of certification in the payments industry. We do not store your full credit card details on our servers.

While we implement robust security measures and our zero-knowledge architecture provides exceptional protection for your financial data, no method of transmission over the Internet or electronic storage is 100% secure. We continuously work to maintain and improve our security practices.

6. Your Rights and Choices

You have the following rights regarding your personal information:

• Access: You can request a copy of the personal information we hold about you
• Correction: You can request that we correct any inaccurate or incomplete information
• Deletion: You can request that we delete your personal information, subject to certain legal exceptions
• Data Portability: You can request to obtain your personal information in a portable and readily usable format
• Unsubscribe: You can unsubscribe from our email communications at any time by clicking the "unsubscribe" link in any email or by contacting us directly
• Opt-Out of Targeted Advertising: You can opt out of the processing of your personal data for targeted advertising purposes (we do not currently engage in targeted advertising)
• Opt-Out of Sales: You can opt out of the sale of your personal information (we do not sell personal information)
• Opt-Out of Profiling: You can opt out of profiling in furtherance of decisions that produce legal or similarly significant effects (we do not currently engage in such profiling)
• Universal Opt-Out: We honor universal opt-out preference signals, such as Global Privacy Control (GPC), that you may enable in your browser
• List of Third Parties: You can request a list of the specific third-party entities to which we have disclosed your personal data

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 45 days.

You have the right not to receive discriminatory treatment for exercising any of these rights.

Account Deletion

You can delete your account at any time through your account settings or by contacting us. When you delete your account:

• Your account information will be deleted within 30 days
• Your encrypted financial data will be permanently deleted from our servers
• Your subscription will be cancelled (no refunds for partial months)
• Payment records may be retained as required for tax compliance
• Data in encrypted backups will be removed within 90 days

Data Export

You can export your financial data at any time from within the App. Since your data is encrypted client-side, you have full control over exporting and backing up your information.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected:

• Email Subscribers: As long as you remain subscribed to our email updates, or until you request deletion
• Active Accounts: As long as your account remains active
• Encrypted Financial Data: Stored while your account is active and for a reasonable period after account closure to allow for reactivation. You can request deletion at any time
• Closed Accounts: Account information may be retained for up to 30 days after account closure to prevent accidental deletion, unless you request immediate deletion
• Payment Records: Retained as required for tax and financial compliance, typically 7 years
• Legal Obligations: As required to comply with applicable laws and regulations
• Dispute Resolution: As needed to resolve disputes or enforce our agreements

When we delete your information, we securely delete or anonymize it. Note that even if we delete your encrypted financial data from our servers, we never had the ability to read it in the first place due to our zero-knowledge architecture.

Backup Data: Deleted data may persist in encrypted backups for up to 90 days before being permanently removed. These backups are also encrypted and we cannot access the content of your financial data in backups.

8. Children's Privacy

Our services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete that information as soon as possible. If you believe we have collected information from a child under 13, please contact us at [email protected].

9. Oregon Privacy Rights

If you are an Oregon resident, you have rights under the Oregon Consumer Privacy Act (OCPA), which took effect on July 1, 2024. These rights include:

• Right to confirm whether we are processing your personal data and to access that data
• Right to correct inaccuracies in your personal data
• Right to delete your personal data
• Right to obtain a copy of your personal data in a portable and readily usable format
• Right to opt out of the processing of your personal data for targeted advertising, the sale of personal data, or profiling
• Right to receive a list of the specific third-party entities to which we have disclosed your personal data

Important Oregon-Specific Protections:

• We do not sell precise geolocation data, as prohibited by Oregon law
• We do not process personal data of consumers under 16 years of age for targeted advertising, selling personal data, or profiling
• We honor universal opt-out preference signals such as Global Privacy Control (GPC)

To exercise these rights, contact us at [email protected]. We will respond within 45 days as required by Oregon law.

10. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information we collect, use, and disclose
• Right to request deletion of your personal information
• Right to opt-out of the sale of your personal information (note: we do not sell personal information)
• Right to non-discrimination for exercising your CCPA rights

To exercise these rights, contact us at [email protected].

11. International Users

Our services are operated from the United States. If you are accessing our Site from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located and our database is operated. By using our services, you consent to this transfer, storage, and processing.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. When we make changes, we will update the "Last Updated" date at the top of this policy.

If we make material changes to this Privacy Policy, we will notify you by email (if you have provided your email address) or by posting a prominent notice on our Site prior to the changes becoming effective.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us: