Privacy policy
Updated 2026-06-30
Finkavo is built for people who care about their tax and admin data — which means we care about it too. This page explains what we collect, what we don't, and what you can do about it. It's not a legal wall of text; it's the actual arrangement.
What we collect
Your account details (name, email, password hash via Better-Auth). Your onboarding responses (residency status, employment type, tax regime). Every ask you send and answer you get back. Letters and vault documents you upload (encrypted at rest — end-to-end encrypted if you opt in). Saved searches, calendar events, dashboard preferences. Session cookies. If you opt in to analytics, PostHog events (identified by your user id, never by email).
What we don't collect
Third-party trackers. Advertising IDs. Cross-site cookies. Marketing pixels. Your NIF, IBAN, or any tax-authority credentials — Finkavo has no login to Portal das Finanças, no scraping, no direct-connect to AT.
How long we keep it
Everything is tied to your account. When you delete your account from settings, every row is wiped within minutes (R2 blobs first, then DB). No soft-delete, no grave marker. If we ever need to keep something for legal reasons (fraud investigation, court order) we'll say so — that hasn't happened.
Who we share it with
Only the vendors we need to run the app: CockroachDB Serverless (Frankfurt) for the database, Cloudflare R2 (EU) for encrypted file storage, Cloudflare Workers AI for embeddings, OpenAI for LLM inference, Resend for transactional email, PostHog EU for analytics (opt-in only), Stripe for payments (once you subscribe). All bound by DPAs. No data broker sales.
Your rights
Under RGPD you can access, correct, export, or delete your data. Access + correction: /app/settings/profile. Export: same page, Danger Zone → Export my data (JSON). Delete: same page, Danger Zone → Delete my account. You don't need to ask anyone.
Contact
hello@finkavo.abosh.io. We'll respond within 3 business days. For RGPD-specific requests we'll respond within the 30-day statutory window.