Privacy Policy

Last Updated: November 18, 2025


1. Information We Collect

1.1 Account Information

When you register for MATVIO GOALS, we collect:

  • Email address
  • Name (first and last)
  • Password (stored as encrypted hash)
  • 4-digit security code (encrypted)
  • Tenant/household name

1.2 Financial Data

You voluntarily provide financial information including:

  • Account balances and transactions
  • Income and expense categories
  • Budget and financial goals
  • Debt and asset information
  • Scheduled transactions and bills
  • Notes and reminders

1.3 Usage Information

We automatically collect:

  • Login history (IP addresses, timestamps, user agents)
  • Device type and browser information
  • Pages visited and features used
  • Session duration and activity patterns

1.4 Cookies and Tracking

We use cookies for:

  • Session management (keeping you logged in)
  • Security (preventing unauthorized access)
  • User preferences (timezone, display settings)
  • Analytics (understanding how users interact with the Service)

2. How We Use Your Information

2.1 To Provide the Service

  • Create and maintain your account
  • Store and process your financial data
  • Generate forecasts, charts, and reports
  • Send notifications and reminders
  • Provide customer support

2.2 To Improve the Service

  • Analyze usage patterns to improve features
  • Identify and fix technical issues
  • Develop new functionality based on user needs
  • Optimize performance and user experience

2.3 For Security and Fraud Prevention

  • Monitor for suspicious login activity
  • Prevent unauthorized access
  • Protect against security threats
  • Comply with legal obligations

2.4 Communications

  • Send service-related emails (password resets, notifications)
  • Respond to support requests
  • Provide important updates about the Service
  • Send optional newsletters (with your consent)

3. Data Storage and Security

3.1 Multi-Tenant Architecture

We use a multi-tenant database architecture where:

  • Each household/family has its own isolated database
  • Your data is completely separate from other users
  • No cross-tenant data access is possible
  • Tenant ID verification occurs on every database query

3.2 Encryption

  • In Transit: All data transmitted between your device and our servers uses SSL/TLS encryption
  • At Rest: Passwords are hashed using the industry-standard bcrypt algorithm
  • Security Codes: 4-digit codes are encrypted and never stored in plain text

3.3 Access Controls

  • Database access is restricted to authorized personnel only
  • Administrative access requires multi-factor authentication
  • All administrative actions are logged
  • Regular security audits are performed

3.4 Backups

  • Regular automated backups are performed
  • Backups are encrypted and stored securely
  • You can export your own data at any time

4. Data Sharing and Disclosure

4.1 We DO NOT Sell Your Data

We will never sell, rent, or trade your personal or financial information to third parties for marketing purposes.

4.2 Limited Sharing

We may share information only in these limited circumstances:

  • Service Providers: With trusted third-party service providers who help us operate the Service (hosting, email delivery, payment processing) - all bound by confidentiality agreements
  • Legal Requirements: When required by law, subpoena, or court order
  • Protection of Rights: To protect our rights, property, or safety, or that of our users
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (users will be notified)

4.3 Family Sharing

Multiple users within your household can access shared financial data. You control who has access to your household account.

5. Your Rights and Choices

5.1 Access and Portability

  • View all your data at any time through the application
  • Export your data in CSV format
  • Request a complete copy of your data

5.2 Correction and Deletion

  • Update your profile information at any time
  • Edit or delete financial transactions
  • Request account deletion (data removed within 30 days)

5.3 Cookie Preferences

  • Manage cookie preferences through your browser settings
  • Note: Essential cookies required for service functionality cannot be disabled

5.4 Communication Preferences

  • Opt out of non-essential emails
  • Service-critical communications cannot be disabled

6. Data Retention

We retain your data:

  • Active Accounts: For as long as your account is active
  • Canceled Accounts: Up to 30 days after cancellation (to allow account recovery)
  • Backup Copies: May exist in backups for up to 90 days
  • Legal Requirements: Longer if required by law or legitimate business needs

7. Children's Privacy

MATVIO GOALS is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it immediately.

8. International Users

Your information may be transferred to and processed in countries other than your country of residence. By using the Service, you consent to such transfers. We ensure appropriate safeguards are in place to protect your data.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Email to your registered address
  • Prominent notice within the application
  • Updating the "Last Updated" date

Continued use after changes constitutes acceptance of the updated policy.

10. California Privacy Rights

California residents have additional rights under CCPA:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of sale of personal information (we don't sell data)
  • Right to deletion of personal information
  • Right to non-discrimination for exercising privacy rights

11. Contact Us

For privacy-related questions or concerns:

  • Email: info@matvio.com
  • Help Desk: Submit a ticket through the application

12. Security Breach Notification

In the unlikely event of a data breach that may affect your personal information, we will:

  • Notify affected users within 72 hours
  • Describe the nature of the breach
  • Provide guidance on protective measures
  • Report to relevant authorities as required by law