Privacy Policy

Last updated: August 3, 2025

At Zeinto, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial portfolio tracking platform.

1. Information We Collect

Personal Information

  • Account Information: Name, email address, phone number, and encrypted password
  • Financial Data: Portfolio holdings, asset values, transaction history, account balances
  • Bank Connection Data: When you connect accounts through Plaid, we securely access read-only financial data
  • Identity Verification: Information required for compliance with financial regulations

Automatically Collected Information

  • Usage Data: Pages visited, features used, time spent on platform
  • Device Information: IP address, browser type, operating system, device identifiers
  • Security Logs: Login attempts, authentication events, security-related activities
  • Cookies and Tracking: Session management, security, and analytics cookies

2. How We Use Your Information

Core Platform Services

  • Provide portfolio tracking and wealth management tools
  • Generate AI-powered financial insights and recommendations
  • Calculate net worth, asset allocation, and performance metrics
  • Deliver real-time market data and portfolio updates
  • Process subscription payments and billing

Security and Compliance

  • Authenticate user identity and prevent unauthorized access
  • Monitor for fraudulent activity and security threats
  • Comply with financial regulations (SOX, PCI DSS, GDPR)
  • Maintain audit trails for regulatory compliance
  • Implement multi-factor authentication and encryption

Communication and Support

  • Send account notifications, security alerts, and service updates
  • Provide customer support and technical assistance
  • Deliver optional email summaries and portfolio reports
  • Send marketing communications (with your consent)

3. Data Security and Protection

Encryption and Storage

  • End-to-End Encryption: All sensitive data encrypted with AES-256-GCM
  • Secure Transmission: HTTPS/TLS 1.3 for all data in transit
  • Database Security: Encrypted PostgreSQL with access controls
  • Key Management: Hardware security modules for encryption keys

Access Controls

  • Role-based access controls for internal systems
  • Multi-factor authentication for all accounts
  • Regular security audits and penetration testing
  • SOC 2 Type II compliance monitoring

Data Retention

  • Personal data retained only as long as necessary for services
  • Financial data kept for 7 years per regulatory requirements
  • Security logs maintained for 3 years for audit purposes
  • Deleted accounts purged within 30 days of closure

4. Information Sharing and Disclosure

We Do NOT Sell Your Data

Zeinto never sells, rents, or trades your personal or financial information to third parties for marketing purposes.

Limited Sharing for Service Delivery

  • Plaid: Secure bank connection service (read-only access)
  • Stripe: Payment processing (minimal billing information only)
  • OpenAI: AI insights (anonymized, non-personal data only)
  • Postmark: Transactional email delivery

Legal Requirements

We may disclose information when required by law, court order, or regulatory authority, or to protect the security and integrity of our platform.

5. Your Privacy Rights

Access and Control

  • Data Access: View all personal data we have about you
  • Data Portability: Export your portfolio data in standard formats
  • Correction: Update or correct inaccurate information
  • Deletion: Request complete account and data deletion

Communication Preferences

  • Opt out of marketing emails at any time
  • Customize notification preferences in your account settings
  • Control frequency of portfolio summary emails
  • Disable non-essential cookies through browser settings

GDPR Rights (EU Residents)

  • Right to access, rectification, and erasure
  • Right to data portability and restriction of processing
  • Right to object to processing and automated decision-making
  • Right to lodge complaints with supervisory authorities

6. Cookies and Tracking Technologies

Essential Cookies

  • Authentication and session management
  • Security and fraud prevention
  • Platform functionality and user preferences

Analytics Cookies

  • Google Analytics for usage statistics (anonymized)
  • Performance monitoring and error tracking
  • Feature usage analytics for product improvement

Cookie Management

You can control cookies through your browser settings. Note that disabling essential cookies may impact platform functionality.

7. Children's Privacy

Zeinto is designed for adults and we do not knowingly collect personal information from children under 18. If we become aware that a child has provided personal information, we will take steps to delete such information promptly.

8. International Data Transfers

Your data is primarily stored and processed in the United States. For EU residents, we ensure adequate protection through appropriate safeguards including standard contractual clauses and adherence to GDPR requirements.

9. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Material changes will be communicated via email and prominently displayed on our platform. Your continued use of Zeinto after such changes constitutes acceptance of the updated policy.

10. Contact Information

For privacy-related questions, concerns, or to exercise your rights, please contact us:

  • Email: privacy@zeinto.com
  • Support: support@zeinto.com
  • Mail: Zeinto Privacy Officer, [Address to be provided]

We will respond to privacy requests within 30 days of receipt.

11. Compliance Certifications

  • SOC 2 Type II: Annual security and availability audits
  • PCI DSS: Payment card industry compliance
  • GDPR: European Union data protection compliance
  • SOX: Financial reporting controls and procedures

This Privacy Policy is effective as of August 3, 2025. Previous versions are available upon request.

Get Started Contact Us