{FinKode}
Log inStart free trial

Legal

Privacy policy

Effective date: June 9, 2026

1. Who we are

FinKode provides AI-powered, compliance-checked content generation for independent financial advisors and their firms. This policy describes the personal information we collect when you use the FinKode platform, how we use it, who we share it with, and the choices you have. It applies to our website and the FinKode application.

2. Information we collect

  • Account data: your name, email address, password (stored as a salted hash by our authentication provider), and role within your organization.
  • Firm profile data: your firm's name, registration type, CRD number, services offered, target audience, disclaimers, and brand voice preferences. This data is used to tailor generated content and compliance rules to your firm.
  • Generated content: the topics, briefs, and content you generate, along with compliance scores, flagged issues, version history, and approval records.
  • Billing data: subscription tier, billing status, and payment records. Card details are collected and stored by Stripe, never by FinKode.
  • Usage data: pieces generated, token usage, and audit log events used to operate the service and enforce plan limits.

3. How we use your information

  • To provide, maintain, and improve the FinKode platform.
  • To generate content tailored to your firm profile and apply the appropriate compliance rules to each generation.
  • To process subscriptions and payments through Stripe.
  • To maintain compliance audit trails of generated content, scores, and approvals for your firm's records.
  • To communicate with you about your account, security, and service updates.

We do not sell your personal information, and we do not use your firm profile data or generated content to train AI models.

4. Subprocessors

We rely on a small set of service providers to operate FinKode. Each processes data only as needed to provide their service:

  • Supabase — database hosting, authentication, and storage for account, firm profile, and content data.
  • Stripe — payment processing and subscription billing. Stripe handles all card data under PCI DSS.
  • Anthropic — AI model provider used to generate and review content. Prompts include your firm profile context and content requests.

5. Data retention

We retain your account, firm profile, and generated content for as long as your organization maintains an active account, so that your content library and compliance audit trail remain available to you. If you close your account, we delete or anonymize your data within 90 days, except where we are required to retain records for legal, tax, or regulatory purposes. Billing records are retained per applicable financial recordkeeping requirements.

6. Your rights (GDPR and CCPA)

Depending on where you live, you may have the right to:

  • Access a copy of the personal information we hold about you.
  • Correct inaccurate personal information.
  • Delete your personal information.
  • Export your data in a portable format.
  • Object to or restrict certain processing, and withdraw consent where processing is based on consent.
  • Not be discriminated against for exercising any of these rights.

To exercise any of these rights, contact us at privacy@finkode.io. We respond to verified requests within the timelines required by applicable law.

7. Security

We protect your data with row-level security that isolates each firm's data, encryption in transit, and audit logging. See our security overview for details.

8. Changes to this policy

We may update this policy from time to time. If we make material changes, we will notify account owners by email before the changes take effect. The effective date at the top of this page reflects the latest revision.

9. Contact

Questions about this policy or our data practices? Email privacy@finkode.io or visit our contact page.