Privacy Policy

1. Introduction

Welcome to BankMate ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

By using BankMate, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide

• Account Information: When you sign in with Google, we collect your name, email address, and profile picture from your Google account.
• Financial Preferences: We collect information about your savings goals, current balance, age, card usage preferences, monthly deposit plans, and withdrawal plans to provide personalized account recommendations.
• Usage Data: Information about how you interact with our website, including pages visited, features used, and time spent on the site.

2.2 Automatically Collected Information

• Session Data: We use browser session storage to temporarily store your preferences and filter settings during your visit.
• Device Information: Browser type, operating system, device identifiers, and IP address.
• Analytics Data: We use analytics services to understand how our website is used and to improve user experience.

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our services
• Personalize your experience by recommending savings accounts that match your preferences
• Process and manage your account and authentication
• Save your preferences across devices when you sign in
• Analyze usage patterns to improve our website functionality
• Communicate with you about our services, updates, or changes to our policies
• Ensure the security and integrity of our services

4. Data Storage and Security

Your data is stored securely using Supabase, a cloud-based database service. We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

• Authentication: User authentication is handled securely through Google OAuth and Supabase Auth.
• Database Security: All data is encrypted in transit and at rest using industry-standard encryption.
• Access Controls: We use Row Level Security (RLS) policies to ensure users can only access their own data.
• Session Storage: For users who don't sign in, preferences are stored locally in your browser's session storage and are cleared when you close your browser.

5. Third-Party Services

We use the following third-party services:

6. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• With your explicit consent
• To comply with legal obligations or respond to lawful requests from authorities
• To protect our rights, privacy, safety, or property
• In connection with a business transfer (merger, acquisition, etc.)
• With service providers who assist us in operating our website (under strict confidentiality agreements)

7. Your Rights and Choices

You have the following rights regarding your personal information:

• Access: You can request access to the personal information we hold about you.
• Correction: You can update your preferences and account information through your account settings.
• Deletion: You can request deletion of your account and associated data by contacting us.
• Data Portability: You can request a copy of your data in a machine-readable format.
• Opt-Out: You can choose not to sign in and use our services anonymously, though some features may be limited.
• Withdraw Consent: You can withdraw your consent for data processing at any time by deleting your account.

8. Cookies and Tracking Technologies

We use browser session storage to store your preferences temporarily during your visit. This data is automatically cleared when you close your browser. For authenticated users, preferences are stored in our secure database to provide a consistent experience across devices.

We do not use persistent cookies for tracking purposes. Analytics data is collected in an anonymized format.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

10. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

11. Australian Privacy Principles

We comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). If you are located in Australia and have concerns about how we handle your personal information, you may contact the Office of the Australian Information Commissioner (OAIC) at https://www.oaic.gov.au.