Effective Date: June 18, 2026
This Privacy Policy applies to services provided by Waypoint Budget Inc., a Canadian corporation registered in Alberta, Canada (Corporate Access Number 2027869235; Business Number 705761963). References in this policy to"Waypoint Budget,""we,""us," or"our" refer to Waypoint Budget Inc.
1. Information We Collect
We collect information you provide directly to us, such as when you create an account, use our services, or contact us for support. We limit our collection of personal information to what is reasonably necessary to provide and improve the Service.
Personal Information
- Name and email address (to create your account and send transactional emails)
- Account credentials and authentication information (managed by Clerk, our auth provider)
- Financial data you choose to input — budgets, transactions, goals, categories (to power the budgeting features you signed up for)
- Communication preferences (to honor your choices for transactional notifications and any future marketing emails)
- Region and currency preferences (to display amounts and registered-account types relevant to your country)
Automatically Collected Information
- Device information and IP address (for security, fraud prevention, and to detect approximate region)
- Usage patterns and app interactions (to improve the product — see Section 7)
- Security logs and access attempts (to protect your account)
- Cookies and similar tracking technologies (see Section 8 and our Cookie Policy)
Bank-Synced Data (Paid Plans Only) — Sensitive Personal Information
Bank-synced financial data is treated as sensitive personal information under Quebec Law 25 and US state privacy laws. We apply heightened consent and protection standards: you must explicitly authorize the bank connection on a dedicated consent screen before any data is retrieved.
When you connect a bank account via Plaid or Flinks (available on Waypoint Plus and Pro plans), we receive and store:
- Account names, types, masked account numbers, and current balances (to display your accounts and net worth)
- Transaction details — date, amount, merchant/description, category (to power transaction tracking, budgeting, and Money Coach)
- Financial institution name and logo (to identify which bank each account belongs to)
We do not receive or store your banking passwords, login credentials, or security questions. These remain with the bank connection provider (Plaid or Flinks) and are never transmitted to Waypoint. For Flinks connections, we have opted out of identity data collection (addresses, phone numbers, employment information) — we only receive transaction and balance data.
About per-account display preferences: In-app toggles on the Banks page (such as"Syncing" and"Included balance") control what each account shows in your transactions feed, reports, and net-worth view. They are display filters and do not stop data synchronization at the source — your bank connection continues to deliver balance and transaction updates to Waypoint while it is active. To stop ongoing data collection from a specific bank, disconnect that bank via the Banks page.
2. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our services
- Process transactions and manage your account
- Send you technical notices and support messages
- Respond to your comments and questions
- Monitor and analyze usage patterns for security purposes
- Detect and prevent fraud and abuse
- Comply with legal obligations
AI Chat Features - Local Storage Only
Important: Your conversations with Waypoint Budget's AI features (Money Coach and Waypoint Guide) are stored exclusively in your browser's local storage and are never saved to our servers or database.
- No server storage - Chat messages remain on your device only
- Automatically cleared - Clearing your browser data will delete all chat history
- Not backed up - Chat history is not included in any backups
- Device-specific - Chat history is unique to each device/browser you use
- Fresh start - Each new device or browser starts with a clean conversation
Note: Messages are sent through OpenRouter (an AI routing service) to Google's Gemini AI for processing. The providers in our current routing chain (OpenRouter and Google) do not train on or retain your messages after generating a response, per their published policies. We may change AI providers from time to time as the market evolves; material changes to which providers we use will be reflected here. This processing may occur on servers outside of Canada.
3. Information Sharing and Disclosure
We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except in the following circumstances:
- Service Providers: We may share information with trusted third parties who assist us in operating our service, conducting our business, or serving our users
- Legal Requirements: We may disclose information when required by law or to protect our rights, property, or safety
- Business Transfers: In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the transaction
- Consent: We may share information with your explicit consent
Third-Party Service Providers
We use the following third-party service providers who may process your personal information. Each acts as our service provider (processor) — they process data on our behalf and under our instructions, not for their own independent purposes.
Plaid Inc. (Bank Connection Service)
- Role: Plaid Inc. acts as Waypoint Budget's service provider for bank connectivity (available on paid plans — Waypoint Plus and Pro). Plaid is not an independent controller of your data when used through Waypoint.
- Plaid Products We Use: Transactions only. We use Plaid's Transactions Sync API to retrieve transaction history and balance updates. We do not use Plaid Auth, Plaid Identity, Plaid Investments, Plaid Liabilities, Plaid Income, or Plaid Consumer Report — none of those products are enabled on our integration.
- Data Shared: When you connect your bank, you provide your banking credentials directly to Plaid (not to us). Plaid then shares transaction details (date, amount, merchant, category), balances, account names and types, and masked account numbers with us.
- Data Storage: Plaid stores your banking credentials securely. We never see or have access to your banking login information.
- US Consumer Report Disclosure: Waypoint Budget does not use Plaid to obtain a"consumer report" as defined under the US Fair Credit Reporting Act (FCRA). We only use Plaid's transaction data products, which are not consumer reports.
- Manage at Plaid: You can view and revoke Plaid connections directly at my.plaid.com.
- Plaid End User Privacy Policy: plaid.com/legal/#end-user-privacy-policy
Flinks Technology Inc. (Bank Connection Service — Canadian Institutions)
- Role: Flinks acts as Waypoint Budget's service provider for Canadian bank connectivity that Plaid cannot reliably support (available on paid plans — Waypoint Plus and Pro). Used as an alternate or backup provider alongside Plaid.
- Data Shared: When you connect your bank through Flinks, you provide your banking credentials directly to Flinks (not to us). Flinks then shares account details and transactions (date, amount, merchant, category) with us.
- Data Storage: Flinks stores credentials and connection data securely on Canadian infrastructure. We never see or have access to your banking login information.
- Data Minimization: We have opted out of Flinks's optional identity data collection. We do not receive account holder addresses, phone numbers, dates of birth, or employment information — only the transaction and balance data necessary to power budgeting features.
- Territory: Canada only. Flinks is a Montreal-based Canadian company regulated under Canadian privacy laws (PIPEDA).
- End-User Agreement: Flinks End-User Agreement
- Manage at Flinks: To revoke a Flinks connection, disconnect it from the Banks page in Waypoint. Flinks does not currently expose a separate end-user portal; contact us at support@waypointbudget.com if you need help disconnecting.
- Privacy Policy: flinks.com/privacy-policy
OpenRouter & Google Gemini AI (AI Features)
- Purpose: Powers Waypoint's AI ("smart") features: automatic transaction categorization, receipt and statement scanning, spending insights, AI budget generation, subscription detection, Money Coach (AI budget analysis), and Waypoint Guide (in-app help assistant).
- How It Works: Messages are routed through OpenRouter (an AI routing service) to Google's Gemini AI models for processing. Today we route primarily to Google Gemini 2.5 Flash and Gemini 2.5 Flash Lite.
- Data We Send: Depending on the feature, we send transaction details (description, amount, date), budget and category context, spending totals, and goals — and, when you choose to scan one, receipt or statement images. Money Coach sends a snapshot of this financial data alongside your question. We never send your name, email, or bank login credentials to AI providers.
- Waypoint Guide Data: Only your help question, current page, and subscription tier are sent — no financial data is shared.
- Zero Data Retention, No Training: OpenRouter and Google act solely as data processors on our behalf. We send your data under a zero-data-retention configuration: your inputs and the AI's outputs are not stored after a response is generated, and are never used to train or improve their models, per their published terms (see links below). Both provide protections equivalent to those described in this policy. We may change AI providers from time to time as the market evolves; material changes will be reflected here.
- Your Consent & Control: In our iOS app, AI features are off until you explicitly turn them on, and you can disable them at any time in Settings. When AI is off, transactions are categorized by your own rules instead.
- Chat History: Stored locally in your browser only — we do not have access to your chat history.
- Cross-Border Processing: Your messages may be processed on servers located in the United States or other countries where AI providers operate.
- Privacy Policies: openrouter.ai/privacy | policies.google.com/privacy
Stripe, Inc. (Payment Processing)
- Purpose: Processes subscription payments for Waypoint Plus and Waypoint Pro on web, iOS, and Android (we do not use Apple In-App Purchase or Google Play Billing — see Terms §7).
- Data Shared: Email, billing address, and payment method information
- Data Storage: Stripe securely stores your payment information. We never see your full credit card details
- Retention: Stripe may retain anonymized transaction records for 7 years for legal compliance (tax reporting, audits)
- Privacy Policy: stripe.com/privacy
Clerk (Authentication)
- Purpose: Manages user authentication, account creation, login sessions, multi-factor authentication, and OAuth sign-in (Google, Apple, and any other providers we enable)
- Data Shared: Email, name, profile image (if provided), authentication credentials, and OAuth identifiers from any social login you choose to use
- Data Storage: Clerk stores authentication data securely on your behalf
- Privacy Policy: clerk.com/legal/privacy
Supabase (Database Hosting)
- Purpose: Hosts the PostgreSQL database that stores all your financial data, budgets, transactions, and account information
- Data Location: Canadian servers (AWS Canada Central — Montreal region)
- Data Shared: All user data entered into the application
- Security: SOC 2 Type II certified for security and availability
- Privacy Policy: supabase.com/privacy
PostHog (Product Analytics) — Loads Only With Consent
- Purpose: Analyzes user behavior and product usage to improve the application
- Data Location: US servers (PostHog Cloud — US region)
- Data Shared: Pageviews, click events, user interactions, device information, IP address, geographic location (city/country)
- Consent Required: Yes — PostHog does not initialize until you accept analytics cookies on our consent banner. Declining or ignoring the banner means PostHog never runs and no analytics events are captured.
- Session Recording: Disabled. We do not record your screen, keystrokes, or form inputs (verified in our PostHog configuration:
disable_session_recording: true). - Person Profiles: Only created for identified (signed-in) users (
person_profiles: 'identified_only'). - Privacy Policy: posthog.com/privacy
Meta Pixel (Facebook Pixel) — Loads Only With Consent
- Purpose: Tracks advertising conversions and user engagement from Facebook/Instagram ads
- Data Shared: Pageviews, button clicks, sign-ups, bank connections, subscription purchases, device information, IP address, browser data
- Data Storage: Meta (Facebook) servers worldwide
- Consent Required: Yes — Meta Pixel does not load until you accept analytics cookies on our consent banner. Declining or ignoring the banner means Meta Pixel never runs.
- Used For: Measuring ad campaign effectiveness, creating remarketing audiences, optimizing ad delivery
- Privacy Policy: facebook.com/privacy/policy
Google Ads Conversion Tracking — Loads Only With Consent
- Purpose: Tracks advertising conversions and measures Google Ads campaign performance
- Data Shared: Pageviews, conversion events (sign-ups, subscriptions), device information, IP address, browser data
- Data Storage: Google servers worldwide
- Consent Required: Yes — Google Ads gtag.js does not load until you accept analytics cookies on our consent banner. Declining or ignoring the banner means Google Ads conversion tracking never runs. You can also opt out via Google's ad personalization settings or send a Global Privacy Control (GPC) signal at any time — see Section 8.
- Used For: Measuring ad effectiveness, conversion tracking, remarketing
- Privacy Policy: policies.google.com/privacy
Resend (Transactional Email)
- Purpose: Delivers transactional emails such as contact-form responses, support replies, and account notifications
- Data Shared: Your email address, the contents of the relevant transactional message, and basic metadata required to deliver it
- Privacy Policy: resend.com/legal/privacy-policy
Service Provider Review: Before engaging any of the service providers listed above, we evaluate their privacy practices, security posture, and applicable certifications. We continue to monitor their public commitments and update this policy if a provider materially changes how personal information is handled.
Note: All third-party service providers are required to comply with applicable privacy laws and use your information only for the purposes described above.
4. Data Security
We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:
- Encryption of data in transit and at rest
- Regular security assessments and updates
- Access controls and authentication systems
- Monitoring and logging of system access
- Employee training on data protection
- Secure data centers and infrastructure
5. Data Retention and Account Deletion
We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
How to Delete Your Account
In the Waypoint Budget app or on the web:
- Sign in and open Profile.
- On the Privacy & Security card, click Manage.
- Open the Security tab.
- Click Delete account and confirm.
This works identically on web, the iOS app, and the Android app. If you can't access the app for any reason, visit waypointbudget.com/delete-account for written instructions and an email-based deletion request option.
When You Delete Your Account
When you delete your account, we begin deletion of your personal information from our systems immediately, including:
- Your profile information (name, email, preferences)
- All budgets, transactions, and financial data you created
- Connected bank account information and settings
- Savings goals, financial goals, and custom categories
- Chat history with AI features (stored locally on your device — cleared by clearing browser data)
Backup Retention: When you delete your account, your personal data is purged immediately from our active systems. Encrypted database backups managed by our infrastructure provider (Supabase) follow their standard retention policy and will eventually purge any remaining copies on that schedule. We do not retain manual backups of user data.
Retention Windows During Active Use
- Bank transaction history: We pull up to 90 days of historical transactions when you first connect a bank. Ongoing sync stores transactions for the lifetime of your account, so you can review your full history within Waypoint.
- Inactive bank connections: If a bank connection remains in an error state for 30 or more days without being reconnected, we automatically remove it along with its associated transactions.
- Account deletion: Personal data is purged immediately from our active systems. Any remaining copies in encrypted infrastructure backups (Supabase) are subject to their standard retention schedule.
Payment and Subscription Data
Important: If you have an active subscription, deleting your account will automatically cancel all subscriptions and remove your payment information from our payment processor, Stripe.
- Immediate cancellation - All active subscriptions are canceled when you delete your account
- Payment data removed - Your payment methods (credit cards, etc.) are deleted from Stripe
- Personal information cleared - Email, billing address, and customer profile are removed from Stripe
- Financial records retained - Transaction history may be retained by Stripe for legal compliance (tax reporting, audits) as required by law, typically for 7 years
- Anonymized records - Any retained financial records are anonymized and no longer linked to your identity
This retention of anonymized financial records is required by tax authorities and financial regulations in Canada and the United States, and is standard practice for all payment processors.
For any questions about data deletion or retention, please contact us at support@waypointbudget.com
6. Your Rights, Consent, and Choices
You have the right to:
- Access and update your personal information
- Request correction of inaccurate or incomplete personal information
- Request deletion of your personal information
- Request a copy of your data in a portable format
- Opt out of certain communications
- Withdraw consent for data processing (see below)
- File a complaint with privacy authorities
Express Consent for Sensitive Data
Bank-synced financial data is treated as sensitive personal information. Before any bank connection is made, you are presented with a dedicated consent screen that names the provider (Plaid or Flinks), explains what data will be retrieved, and requires your express opt-in. You may decline at any time, and you may withdraw consent later by disconnecting the bank.
How to Withdraw Consent
You may withdraw your consent for specific processing activities by:
- (a) Disconnect a bank: Open the Banks page in Waypoint and disconnect the relevant institution to stop all further bank-synced data collection from that provider.
- (b) Cookie banner: Decline analytics cookies on first visit, or change your choice at any time from our Cookie Policy page. Declining prevents Meta Pixel from loading.
- (c) Email opt-out: Email support@waypointbudget.com to opt out of any non-transactional emails, or to make a general consent-withdrawal request.
- (d) Delete your account: Use Profile → Manage → Security → Delete account to withdraw consent for all processing and remove your data.
Consequences of withdrawal: Some withdrawals will limit functionality. For example, disconnecting your bank stops automatic transaction sync (you can still use manual entry). Deleting your account ends all access to the Service. We will tell you in plain language what changes when you withdraw consent.
Response Time
We respond to verified privacy requests (access, correction, deletion, portability, consent withdrawal) within 30 days of receipt. If we need additional time due to the complexity of a request, we will tell you within the first 30 days and explain why.
To exercise these rights, please contact us at support@waypointbudget.com
6A. Data Accuracy
We take reasonable steps to keep the personal information we hold about you accurate, complete, and up to date for the purposes for which it is used:
- You can update your name, email, profile image, and preferences at any time from Profile → Manage.
- You can edit, recategorize, or delete any transaction you have imported, entered, or synced.
- If you spot incorrect data we hold about you that you cannot fix yourself, email support@waypointbudget.com and we will correct it.
- For bank-synced data, please remember that the source of truth is your financial institution — we display what Plaid or Flinks returns. If a transaction is wrong at the source, contact your bank.
6B. Automated Decision-Making
Under Quebec Law 25 article 12.1, we disclose the following automated processing of your personal information. None of these decisions have legal effects on you or significantly affect you in the legal sense — they are convenience features you can override.
- Transaction auto-categorization: When transactions arrive from your bank, we apply rule-based logic and an AI model (Google Gemini via OpenRouter) to suggest a category for each transaction. The category is based on the transaction's merchant, amount, and description, plus your existing categorization rules. You can change any suggested category at any time, and the system will learn from your correction.
- Money Coach AI suggestions: When you ask Money Coach a question, it analyzes your spending, budget, and goals to generate a personalized response. The data used for each query is described in Section 3 (OpenRouter & Google Gemini AI). Money Coach output is informational only and is never executed automatically against your account.
- Auto-disconnect of bank connections: If a bank connection remains in a persistent error state for 30 or more days without being reconnected, we automatically remove it along with its associated transactions. While the connection is broken, an in-app banner on the Banks page surfaces the issue so you can reconnect at any time.
Quebec residents: You may request additional information about the personal information used for any of these automated decisions, the principal factors and parameters that led to the decision, and the right to submit observations to a Waypoint Budget employee to review the decision. Contact our Privacy Officer at jamal@waypointbudget.com.
6C. Data Portability (Quebec Law 25 art. 27)
You have the right to receive a copy of the personal information you have provided to us in a structured, commonly used, technological format, and to have it transmitted to another organization where technically feasible.
- You can export your transactions and account data at any time from your Profile page in CSV format.
- For a complete data export (profile + budgets + transactions + goals + categories), email support@waypointbudget.com and we will provide a JSON/CSV bundle within 30 days.
- Transmission to another organization is supported on a best-efforts basis and depends on the receiving organization's technical ability to ingest the format.
6D. Email Communications (CASL)
We comply with Canada's Anti-Spam Legislation (CASL) and US email-marketing rules (CAN-SPAM). All commercial electronic messages we send identify Waypoint Budget Inc. as the sender, include our mailing address (Alberta, Canada), and include a clear unsubscribe link.
- Transactional emails (account confirmation, password resets, payment receipts, security alerts, support replies) are sent regardless of marketing consent because they relate directly to the Service you signed up for. These are required to operate your account and have no unsubscribe option.
- Marketing emails (newsletters, feature announcements, promotional offers) are sent only with your express consent. If we add marketing email programs in future, you will receive a separate opt-in prompt before we send any.
- Unsubscribe: Every marketing email includes a one-click unsubscribe link. We process unsubscribes within 10 business days as required by CASL.
6E. California Privacy Rights (CCPA / CPRA)
If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) gives you the following rights:
- Right to know what personal information we collect about you, the sources we collect it from, the purposes for which we use it, and the third parties we share it with
- Right to delete the personal information we have collected about you (subject to certain legal exceptions)
- Right to correct inaccurate personal information we hold about you
- Right to limit use and disclosure of sensitive personal information — applies to financial account data; you can disconnect bank connections at any time
- Right to opt out of sale or sharing for cross-context behavioral advertising
- Right to non-discrimination for exercising any of the above rights
We do not sell your personal information. We do not"sell" or"share" personal information for cross-context behavioral advertising as those terms are defined under the CCPA/CPRA.
To exercise California rights: Email support@waypointbudget.com with the subject line"California Privacy Request" or use the in-app account deletion flow described in Section 5. We may need to verify your identity before responding to a verifiable consumer request. You may also designate an authorized agent to make a request on your behalf.
Other US states: We extend equivalent access, deletion, correction, and portability rights to residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), and other US states with comparable laws. Use the same contact method above.
7. Analytics
We use analytics services to understand and improve your experience:
Vercel Analytics & Speed Insights
We use Vercel Analytics and Speed Insights to monitor basic website performance and traffic:
- Anonymous page views and visit counts
- Website performance metrics (load times, responsiveness)
- General traffic sources and referrers
- Device and browser types (aggregated)
No consent required: Vercel Analytics is privacy-first by design, uses no tracking cookies, collects no personal data, and cannot identify individual users. This is considered"strictly necessary" analytics for technical operation.
PostHog (Product Analytics)
- Purpose: Product analytics and user behavior insights to improve app functionality and user experience
- Data Collected: Pageviews, click events, user interactions, device information, IP address, geographic location (city/country), browser type, screen resolution, referrer URLs
- User Identification: Anonymous for visitors. Identified profiles are only created when you are signed in (
person_profiles: 'identified_only'). - Features Enabled:
- Autocapture: Automatically tracks clicks, button presses, and page interactions
- Page Tracking: Records page visits and navigation patterns
- Page Leave: Tracks when you leave a page
- Session Recording: Disabled — we do NOT record your screen or keystrokes
- Surveys: Disabled
- Data Storage: PostHog stores analytics data on US servers (PostHog Cloud — US region)
- Consent Required: Yes — PostHog does not initialize until you accept analytics cookies on our consent banner. Declining or ignoring the banner means PostHog never runs and no analytics events, cookies, or pageviews are captured. You can also block analytics with browser-level tracking protection (e.g., Brave Shields, Firefox ETP, uBlock Origin) or by sending a Global Privacy Control (GPC) signal at any time — see Section 8. For a server-side opt-out request, email support@waypointbudget.com.
- Cookies Used: PostHog cookies (
ph_phc_*_posthog) are only set after you accept the analytics cookie banner. See Cookie Policy for details. - Privacy Policy: posthog.com/privacy
Meta Pixel (Facebook Pixel) — Advertising Analytics
- Purpose: Measures effectiveness of our Facebook and Instagram advertising campaigns
- Data Collected: Pageviews, conversion events (sign-ups, bank connections, subscriptions), button clicks, device information, IP address, browser data
- Data Storage: Meta (Facebook) servers worldwide
- Consent Required: Yes — Meta Pixel only loads after you accept analytics cookies on our consent banner. Declining or ignoring the banner means Meta Pixel never runs.
- How We Use It: Track which ads bring visitors to our site, measure conversion rates, create remarketing audiences, optimize ad delivery
- Privacy Policy: facebook.com/privacy/policy
Google Ads Conversion Tracking — Advertising Analytics
- Purpose: Measures effectiveness of our Google advertising campaigns
- Data Collected: Pageviews, conversion events (sign-ups, subscriptions), device information, IP address, browser data
- Data Storage: Google servers worldwide
- Consent Required: Yes — Google's gtag.js does not load until you accept analytics cookies on our consent banner. Declining or ignoring the banner means Google Ads conversion tracking never runs. You can also opt out via Google's ad personalization settings or send a Global Privacy Control (GPC) signal at any time — see Section 8.
- How We Use It: Track Google Ads performance, measure conversion rates, create remarketing lists
- Privacy Policy: policies.google.com/privacy
Summary: PostHog, Meta Pixel, and Google Ads conversion tracking are all gated by your cookie-banner choice — none of them load, set cookies, or fire events until you click "Accept" on the consent banner. Declining or ignoring the banner means no third-party analytics or advertising trackers run. Vercel Analytics and Vercel Speed Insights load as first-party measurement (no third-party cookies, no individual identification) and operate as strictly-necessary site analytics.
For more details about cookies we use, see our Cookie Policy.
8. Cookies, Tracking, and Global Privacy Control
We use cookies and similar technologies to enhance your experience, analyze usage, and improve our services. You can control cookie settings through your browser preferences and our in-app cookie banner.
We do not share cookie data with third parties for cross-context behavioral advertising.
Global Privacy Control (GPC)
We honor the Global Privacy Control browser signal. If your browser sends a GPC header, we treat it as an opt-out of any"sale" or"sharing" of personal information under the CCPA/CPRA and equivalent US state laws, and as a withdrawal of consent for non-essential advertising trackers (such as Meta Pixel). Note that you do not need to send GPC for us to comply with those laws — we already do not sell or share your data.
9. Children's Privacy
Our Service is not directed to children. You must be at least 16 years of age to create a Waypoint Budget account. In Quebec, the minimum age is the higher of 14 or any age set by Quebec law for consent to the processing of personal information.
We do not knowingly collect personal information from children under 16 (or under 14 in Quebec). If we become aware that we have collected personal information from a child under these ages without verifiable parental or guardian consent, we will delete it.
Google Play Families Policy: Waypoint Budget is not enrolled in Google Play's"Designed for Families" program. The app is not designed for or targeted to children.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@waypointbudget.com and we will take steps to delete it.
10. Data Storage Location
Your Data Stays in Canada: Your data is stored on secure servers located in Canada (AWS Canada Central - Montreal region) through our database provider, Supabase.
- Data Location: All user data, including budgets, transactions, and financial information, is stored on servers in Canada
- Why: We use Supabase database hosting services for reliability, performance, and cost-effectiveness. Their Canadian data centers provide enterprise-grade infrastructure while keeping your data within Canada
- Privacy Protection: By storing data in Canada, your information is subject to Canadian privacy laws (PIPEDA, Quebec Law 25) and protected by Canada's strong privacy framework
- Limited Cross-Border Processing: Your stored financial data (budgets, transactions, goals) remains in Canada. However, when you use AI features (Money Coach and Waypoint Guide), your chat messages are processed by third-party AI providers whose servers may be located in the United States. No financial data is sent to AI providers through Waypoint Guide; Money Coach sends only the specific budget context needed to answer your question
- Plaid Cross-Border Processing Caveat: When you connect a bank via Plaid (primarily for US banks, but also available for some Canadian institutions), transaction data is processed through Plaid's US-based infrastructure before being stored in our Canadian database. By contrast, connections made via Flinks remain entirely within Canadian infrastructure — from your bank to Flinks (Montreal, Canada) to our Canadian Supabase database. Canadian users who want their bank data to stay within Canadian infrastructure end-to-end can choose to connect via Flinks.
Security Safeguards
We implement comprehensive security measures to protect your information:
- Encryption in Transit: All data transmitted between your device and our servers is encrypted using industry-standard TLS/SSL protocols
- Encryption at Rest: Your data is encrypted when stored in our database
- Access Controls: Strict authentication and authorization controls limit who can access your data
- SOC 2 Compliance: Our database provider (Supabase) maintains SOC 2 Type II certification for security and availability
- Regular Audits: We conduct regular security assessments and vulnerability scans
- Data Minimization: We only collect and store data necessary to provide our services
Your Rights Under Canadian Privacy Laws
Under PIPEDA, Quebec Law 25, and provincial privacy laws, you have the right to:
- Know where your data is stored (disclosed above)
- Access and update your personal information
- Request correction of inaccurate personal information
- Request deletion of your account and all associated data
- Request a copy of your data in a portable format
- Request information about security measures protecting your data
- Request information about, and to submit observations on, decisions made about you exclusively by automated processing
- File a complaint with the Privacy Commissioner of Canada or the Commission d'accès à l'information du Québec if you have concerns
For questions about data storage or to exercise your privacy rights, contact us at support@waypointbudget.com
11. Data Breach Notification
In the unlikely event of a data breach that poses a real risk of significant harm to you, we are committed to transparent and timely communication.
Our Commitment
If a data breach occurs:
- We will notify affected users as soon as feasible after we determine that a breach has occurred and poses a real risk of significant harm, via email to the address associated with your account.
- We will notify the Privacy Commissioner of Canada as soon as feasible, as required by PIPEDA (Personal Information Protection and Electronic Documents Act, s.10.1).
- We will notify the Commission d'accès à l'information du Québec (CAI) promptly where Quebec Law 25 applies.
- We will notify applicable US state Attorneys General where required by state breach notification laws.
- We will disclose:
- What data was affected by the breach
- What we are doing to address and contain the breach
- Steps you should take to protect yourself
- Contact information for questions or concerns
Your Rights
- Right to be informed about data breaches that may affect your personal information
- Right to file a complaint with the Privacy Commissioner of Canada, the Commission d'accès à l'information du Québec, or your state Attorney General if you believe your privacy rights have been violated
- Right to seek remedies under PIPEDA, Quebec Law 25, or applicable US privacy laws for any harm caused by a privacy breach
- Right to request details about the breach and the steps we are taking to prevent future incidents
Prevention Measures
We apply security measures appropriate to our size and the sensitivity of the data we hold, including:
- Platform-level security monitoring provided by our infrastructure providers (Supabase, Vercel, Clerk), each of which maintains industry certifications such as SOC 2.
- Internal incident-response procedures appropriate to our current team size, with documented escalation paths.
- Encryption of sensitive data in transit (TLS 1.2+) and at rest on encrypted storage volumes managed by Supabase (AES-256). Per-row application-level encryption is not currently used.
- Multi-factor authentication and access controls
If you believe your account may have been compromised, please contact us immediately at support@waypointbudget.com
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the"Effective Date". For material changes, we will provide additional notice (such as an in-app banner or email) at least 30 days before the change takes effect. You are advised to review this Privacy Policy periodically for any changes.
Previous Versions
We maintain a record of material revisions to this policy. To request a previous version of this Privacy Policy, email support@waypointbudget.com.
App Store Privacy Labels
The disclosures in this policy are consistent with the App Store privacy nutrition labels and the Google Play Data safety declarations for the Waypoint Budget iOS and Android apps. If you spot a discrepancy, the controlling document is this Privacy Policy — please report any inconsistency to support@waypointbudget.com so we can correct the store listing.
Quebec Residents — Service in French
This Privacy Policy and the Waypoint Budget Service are currently provided in English only. A French-language version is on our product roadmap. In the meantime, if you are a Quebec resident with questions about this policy or your rights under Quebec Law 25, please email support@waypointbudget.com and we will respond as quickly as we can in English.
13. Privacy Officer / Person in Charge of the Protection of Personal Information
In accordance with PIPEDA and Quebec Law 25 (article 3.1), Waypoint Budget Inc. designates a Privacy Officer who is also the Person in Charge of the Protection of Personal Information for Quebec residents. The Privacy Officer is accountable for our compliance with this Privacy Policy and applicable Canadian privacy laws.
Privacy Officer / Person in Charge of the Protection of Personal Information (Quebec Law 25):
Ahmad Jamal, Co-Founder & CEO, Waypoint Budget Inc.
Contact: jamal@waypointbudget.com
The Privacy Officer is responsible for:
- Responding to privacy-related inquiries and data access requests
- Investigating and responding to privacy complaints
- Overseeing breach response and regulator notifications
- Conducting privacy impact assessments for new processing activities and cross-border transfers
- Reviewing observations from individuals subject to automated decision-making
- Ensuring our data handling practices comply with PIPEDA, Quebec Law 25, and applicable US state privacy laws
Filing a Complaint
If you believe your privacy rights have been violated and are not satisfied with our response, you may file a complaint with the Office of the Privacy Commissioner of Canada:
- Website: priv.gc.ca
- Phone: 1-800-282-1376
- Mail: 30 Victoria Street, Gatineau, Quebec K1A 1H3
Quebec residents may also file a complaint with the Commission d'accès à l'information du Québec (CAI):
California residents may contact the California Privacy Protection Agency (CPPA) or the California Attorney General. Residents of other US states with comprehensive privacy laws may contact their state Attorney General.