Privacy Policy

Solv Finance (“we”, “us”, “our”) provides a personal finance tracking application at this website. We are committed to protecting your personal data and respecting your privacy rights under applicable law, including the UK General Data Protection Regulation (UK GDPR), the EU GDPR where applicable, and similar privacy laws worldwide.

For questions about this policy, contact us at: privacy@solv.finance

You can use the app entirely in “demo mode” or as a guest without creating an account, in which case no personal data is sent to our servers at all.

3.1 Account Data (if you register)

• Name and email address — collected at registration, stored securely in Supabase (our authentication provider)
• Password — stored as a one-way bcrypt hash; we never have access to your plaintext password
• Account metadata — sign-in timestamps, account creation date

3.2 Financial Data (only if sync is enabled)

If you create an account and use the app, your financial data — including transactions, budgets, net worth entries, savings goals, investment holdings, and FIRE calculator settings — is stored in encrypted form in our database to enable cross-device sync. This data is:

• Associated with your account (identified by your user ID, not your name or email)
• Stored in Supabase with row-level security — only your account can read or write your data
• Transmitted over TLS (HTTPS) at all times
• Never sold, shared, or disclosed to third parties for marketing purposes

3.3 Solv AI Usage

When you use the Solv AI feature, your messages and a summary of your financial context are sent to Anthropic's API to generate a response. This is processed under Anthropic's privacy policy. We do not store your conversation history on our servers — conversations exist only in your browser session.

Anthropic may use API inputs to improve their models unless you opt out under their terms. We recommend reviewing Anthropic's Privacy Policy.

3.4 Technical Data

• Server logs — IP addresses and request metadata, retained for up to 30 days for security and debugging purposes
• Error logs — anonymised error reports to help us fix bugs
• Local storage — your app preferences (theme, cached data) stored in your browser's localStorage; never transmitted unless sync is enabled

3.5 What We Do NOT Collect

• We do not connect to your bank accounts or use open banking APIs
• We do not use advertising trackers, cookies for marketing, or sell data to advertisers
• We do not collect your card numbers, bank account numbers, or any payment credentials
• We do not use third-party analytics that track you across sites

Where GDPR applies, we process your data on the following legal bases:

• Contract performance — processing necessary to provide the service you signed up for (account management, data sync)
• Legitimate interests — server security logging, fraud prevention, service improvement
• Consent — Solv AI feature (you explicitly initiate each conversation)
• Legal obligation — where we are required to retain data by law

• Account data — retained until you delete your account
• Financial data — retained until you delete your account or clear your data via the Settings page
• Server logs — 30 days, then automatically purged
• AI conversation data — not retained by us (session-only in your browser)

When you delete your account, all your personal data and financial data is permanently deleted from our systems within 30 days.

Depending on your location, you may have the following rights:

• Access — request a copy of the data we hold about you
• Rectification — correct inaccurate data
• Erasure — request deletion of your data (“right to be forgotten”)
• Portability — export your data in a machine-readable format (use the Export feature in Settings)
• Restriction — request we restrict processing of your data
• Objection — object to processing based on legitimate interests
• Withdraw consent — for any consent-based processing

To exercise any right, email privacy@solv.finance. We will respond within 30 days.

If you are in the UK, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk. EU residents may contact their local supervisory authority.

Our infrastructure uses Supabase (US/EU data centres) and Anthropic (US). When your data is processed outside your country, we ensure appropriate safeguards are in place, including standard contractual clauses where required by GDPR.

We implement appropriate technical and organisational measures to protect your data, including:

• TLS encryption for all data in transit
• Supabase row-level security — your data is cryptographically isolated from other users
• Bcrypt password hashing with salting
• Rate limiting on all authenticated API endpoints
• No plaintext storage of any financial credentials

No method of transmission or storage is 100% secure. If you become aware of a security issue, please report it to security@solv.finance.

Solv Finance is not directed at children under 18. We do not knowingly collect personal data from anyone under 18. If you believe a child has provided us with personal data, contact us and we will delete it.

We may update this policy from time to time. We will notify registered users of material changes by email. Continued use of the service after changes constitutes acceptance of the updated policy. The current version is always available at this URL.

Data controller: Solv Finance
Email: privacy@solv.finance