Boss Finances Inc. ("Boss Finances," "we," "us," or "our") respects your privacy. This Privacy Policy describes how we collect, use, disclose, and protect personal information when you visit bossfinances.ai, use the Boss Finances mobile applications, or otherwise interact with our products and services (collectively, the "Services").
This Policy applies to personal information of visitors, members, prospective members, and other individuals who interact with the Services. If you do not agree with this Policy, please do not use the Services.
1. Information We Collect
We collect information in three ways: (a) information you provide directly, (b) information we receive from financial institutions and third-party data providers with your consent, and (c) information we collect automatically through your use of the Services.
1.1 Information You Provide Directly
- Account information: first name, last name, email address, password (stored as a salted hash), and optional profile photo.
- Contact information: mailing address (for Founding Member swag shipping) and phone number (optional, for account recovery).
- Payment information: processed by Stripe; we do not store full credit card numbers on our servers. We receive and store only a Stripe customer identifier, the last four digits of the card, card brand, and expiration month/year.
- Demographic and goal information: optional information you share in onboarding surveys, such as income range, financial goals, household size, credit-score band, and ZIP code.
- User-generated content: notes you save within the Services, goal descriptions, chat messages with Boss Money AI, community posts, support tickets, and survey responses.
1.2 Financial Information from Third-Party Aggregators
With your explicit consent obtained through the Plaid Link flow (or another bank-linking provider we may offer), we access and store financial information from your connected bank accounts, credit cards, and loan accounts. This may include:
- account names, account numbers (in tokenized or masked form), balances, and types;
- transaction history, including merchant names, amounts, dates, and categorization;
- credit information from Equifax, Experian, and TransUnion via a licensed credit bureau API provider, including credit score, tradelines, inquiries, and public records;
- liability and loan data, including balances, interest rates, and payment history.
You control what is connected. You can disconnect any linked account at any time from your settings. Disconnection stops ongoing data collection and, if you request it, deletes previously collected data subject to our legal retention obligations.
1.3 Information Collected Automatically
- Device and usage information: IP address, browser type, operating system, device identifiers, screen size, approximate location derived from IP address, and pages or features accessed.
- Log data: system logs, error reports, and performance metrics.
- Cookies and similar technologies: see Section 10 for details.
1.4 Information We Do Not Collect
- We do not collect your Social Security number, tax ID, or full bank account/routing numbers.
- We do not collect biometric identifiers (face data, fingerprints, voice prints).
- We do not collect information about your racial or ethnic origin, political opinions, religious beliefs, or sexual orientation.
- We do not purchase personal information from data brokers.
2. How We Use Your Information
2.1 To Provide the Services
- to create and manage your account;
- to display your financial picture, budgets, credit info, and progress;
- to generate personalized coaching recommendations through Boss Money AI;
- to process subscription payments, renewals, and refunds;
- to provide customer support and respond to requests.
2.2 To Improve the Services
- to understand aggregate usage patterns and feature performance;
- to conduct A/B testing and product research;
- to develop new features based on aggregated (de-identified) usage insights;
- to train and evaluate internal machine-learning models — always on de-identified data, never on content identifiable to you without your explicit opt-in consent.
2.3 To Communicate With You
- transactional messages (receipts, security alerts, account notices);
- product updates, educational content, and marketing (opt-out anytime);
- invitations to Founding Member events, AMAs, and community activities.
2.4 To Protect the Services and Our Members
- to detect and prevent fraud, unauthorized access, and abuse;
- to enforce our Terms of Service;
- to comply with legal obligations, regulatory requests, and court orders.
3. How We Share Information
We share personal information only in limited circumstances: with vetted service providers under contractual confidentiality and security obligations; where required by law, subpoena, or legal process; in connection with a merger, acquisition, or business transfer (subject to this Policy); with your explicit consent; or in de-identified or aggregated form for research and benchmarking.
4. Data Retention
We retain personal information for as long as necessary to provide the Services and fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law. Active account data is retained for the lifetime of your account. After account deletion, we delete or de-identify your personal information within 30 days, except for records we are legally required to retain (e.g., tax, anti-fraud, or compliance records).
5. Security
We use industry-standard security measures including encryption in transit (TLS 1.2+) and at rest (AES-256), least-privilege access controls with full audit logging, and annual third-party penetration testing. We are targeting SOC 2 Type I attestation by end of Q3 2026 and SOC 2 Type II by Q2 2027.
In the event of a confirmed data breach affecting your information, we will notify you in accordance with applicable law, typically within seventy-two (72) hours of discovery. No system can be 100% secure. If you believe your account has been compromised, contact us immediately at security@bossfinances.ai.
6. Your Rights
Regardless of where you live, all Boss Finances members have the following rights:
- Access: request a copy of the personal information we hold about you.
- Correction: request correction of inaccurate personal information.
- Deletion: request deletion of your personal information, subject to statutory exceptions.
- Portability: request your data in a structured, machine-readable format.
- Objection: object to certain types of processing.
To exercise any of these rights, email privacy@bossfinances.ai.
7. State-Specific Rights (CCPA / CPRA)
California residents have additional rights under the California Consumer Privacy Act and California Privacy Rights Act, including the right to know, delete, correct, and opt out of "sale" or "sharing" of personal information. Boss Finances does not sell personal information and does not share personal information for cross-context behavioral advertising.
8. International Users (GDPR / UK GDPR)
If you are in the European Economic Area, the United Kingdom, or Switzerland, GDPR provides additional rights including the right to object to processing, restrict processing, withdraw consent, and lodge a complaint with your local data protection authority. Boss Finances is based in the United States; where required, we rely on the European Commission's Standard Contractual Clauses as the legal transfer mechanism.
9. Plaid and Bank Linking
By linking a financial account via Plaid, you also agree to Plaid's Privacy Policy and End User Privacy Policy, available at plaid.com. Plaid is the data controller for the bank authentication step; once data is transmitted to Boss Finances, we become the data controller.
10. Cookies
We use a small number of essential cookies for authentication and security, plus privacy-respecting analytics that do not track you across other sites. We do not use third-party advertising cookies.
11. Children's Privacy
The Services are not directed to individuals under 18. We do not knowingly collect personal information from anyone under 18. If we learn we have collected such information, we will delete it promptly.
12. Changes to This Policy
We may update this Policy from time to time. When we make material changes, we will update the "Last Updated" date and notify you by email or in-app notice.
13. How to Contact Us
Email: privacy@bossfinances.ai
Mail: Boss Finances Inc., Attn: Privacy Officer, 777 Brickell Avenue, Suite 500, Miami, FL 33131, USA
We respond to privacy inquiries within fifteen (15) business days.