End User Privacy Policy

Effective Date: July 1, 2021
Privacy and security are very important to us at FinGoal. This End User Privacy Policy (“Policy”) is meant to help you (the “end user”) understand how we at FinGoal collect, use, and share end user information in our possession to operate, improve, develop, and protect our services, and as otherwise outlined in this Policy. Please take some time to read this Policy carefully.
Please note: this Policy applies to FinGoal Inc. and its subsidiaries and partners, (collectively, “FinGoal”, “we”, “our”, and “us”). To determine the relevant FinGoal entity that is responsible for processing your information, please see the “Contacting FinGoal” section below.

A quick note about FinGoal
Our mission at FinGoal is to empower innovators by delivering incredible analytics and services all predicated on better understanding folks like you on a human level, what you care about, what you value, and what motivates you. Our technology provides an easy way for the innovative financial brands you trust better serve you and help you do things like save for retirement, manage your spending, pay down debt, or transfer money. These software applications are built and provided by our business customers (we’ll call them “developers” here), and powered by FinGoal. By delivering access to high-quality, usable financial account data that we’ve analyzed and enriched, we enable developers to focus on building experiences that benefit you.

About this Policy
Our goal with this Policy is to provide a simple and straightforward explanation of what information FinGoal collects from and about end users (“End User Information”), and how we use and share that information. We value transparency and want to provide you with a clear and concise description of how we treat your End User Information.
Please note that this Policy only covers the information that FinGoal collects, uses, and shares. It does not explain what developers do with any End User Information we provide to them (or any other information they may collect about you separately from FinGoal). This Policy also does not cover any websites, products, or services provided by others. We encourage you to review the privacy policies or notices of developers or those third parties for information about their practices.
Our Data Practices
Information We Collect and Categories of Sources
As explained in greater detail below, FinGoal has collected identifiers, commercial information, electronic network activity information, professional information, inferences, and other types of End User Information.

Information we receive from your devices. When you use your device to connect to our services through a developer’s application, we receive identifiers and electronic network activity information about that device, including IP address, hardware model, operating system, which features within our services you access, and other technical information about the device. We also use cookies or similar tracking technologies to collect usage statistics and to help us provide and improve our services.

Information we receive about you from other sources. We also receive identifiers and commercial information about you directly from the relevant developer or other third parties, including our service providers, bank partners, and identity verification services. For example, developers may provide information such as your full name, email address, phone number, or information about your financial accounts and account transactions.

Inferences we derive from the data we collect. We may use the information we collect about you to derive inferences. For example, we may infer your location or your projected income based on the information we have collected about you from other sources.
How We Use Your Information
We use your End User Information for a number of business and commercial purposes, including to operate, improve, and protect the services we provide, and to develop new services. More specifically, we use your End User Information:To operate, provide, and maintain our services including our consumer advice (we call them Finsights) to Find Money for you;To improve, enhance, modify, add to, and further develop our services;To protect you, developers, our partners, FinGoal, and others from fraud, malicious activity, and other privacy and security-related concerns;To develop new services;To provide customer support to you or to developers, including to help respond to your inquiries related to our service or developers’ applications;To investigate any misuse of our service or developers’ applications, including violations of our Developer Policy, criminal activity, or other unauthorized access to our services; andFor other notified purposes with your consent.Our Lawful Bases for Processing (EEA and UK End Users Only)
For individuals in the European Economic Area (“EEA”) or the United Kingdom (“UK”), our legal basis for processing your End User Information will depend on the information concerned and the context in which we collected or processed it. Generally, however, we will normally only collect and process End User Information where:we need to fulfill our responsibilities and obligations in any contract or agreement with you (for example, to comply with our end user services agreements);to comply with our legal obligations under applicable law;\the processing is necessary for our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms (for example, to safeguard our services; to communicate with you; or to provide or update our services); andyou have given your consent to do so.To the extent we rely on consent to collect and process End User Information, you have the right to withdraw your consent at any time per the instructions provided in this Policy.
How We Share Your Information
We share your End User Information for a number of business purposes:With the developer of the application you are using and as directed by that developer (such as with another third party if directed by you);To enforce any contract with you;With our data processors and other service providers, partners, or contractors in connection with the services they perform for us or developers;If we believe in good faith that disclosure is appropriate to comply with applicable law, regulation, or legal process (such as a court order or subpoena);In connection with a change in ownership or control of all or a part of our business (such as a merger, acquisition, reorganization, or bankruptcy);Between and among FinGoal and our current and future parents, affiliates, subsidiaries and other companies under common control or ownership;As we believe reasonably appropriate to protect the rights, privacy, safety, or property of you, developers, our partners, FinGoal, and others; orFor any other notified purpose with your consent.We may collect, use, and share End User Information in an aggregated, de-identified, or anonymized manner (that does not identify you personally) for any purpose permitted under applicable law. This includes creating or using aggregated, de-identified, or anonymized data based on the collected information to develop new services and to facilitate research.
We do not sell or rent personal information that we collect.
Our Retention Practices
We retain End User Information for no longer than necessary to fulfill the purposes for which it was collected and used, as described in this Policy, unless a longer retention period is required or permitted under applicable law. As permitted under applicable law, even after you stop using an application or terminate your account with one or more developer, we may still retain your information (for example, if you still have an account with another developer). However, your information will only be processed as required by law or in accordance with this Policy.
Please refer to the “Your Data Protection Rights” section for options that may be available to you, including the right to request deletion of End User Information. You can also contact us about our data retention practices using the contact information below.
Some Final Details…
International Data Transfers
We operate internationally, and as a result, will transfer the information we collect about you across international borders, including from the EEA or UK to the United States, for processing and storage. To the extent that the information we collect about you is transferred from the EEA to territories/countries for which the EU Commission has not made a finding that the legal framework in that territory/country provides adequate protection for individuals' rights and freedoms for their personal data, we will transfer such data consistent with applicable data protection laws, including through the use of the EU Commission-approved standard contractual clauses. You can ask for a copy of these standard contractual clauses by contacting as set out below.
Your Data Protection Rights
Depending on your jurisdiction, you have certain rights under applicable law regarding the personal data we process, which may include the right to request access or deletion.
In certain jurisdictions, including the EEA and UK, and subject to certain limitations and exceptions, you may have the right to: (i) know how we process your personal data; (ii) request access to or rectification of your personal data; (iii) object to, or request that we restrict, the processing of your personal data; (iv) request that we delete your personal data; (v) request that we provide the personal data you provided to us in a structured, commonly used and machine-readable format, for transmission to another controller; (vi) revoke consent at any time where our processing is based on your consent; and (vii) lodge a complaint with your local supervisory authority (if you’re in the EEA or UK, please see this page for contact details).
If you are a resident of California, subject to limitations and exceptions provided by law, you have the right to: (i) request access to the categories and specific pieces of personal information collected about you in the last twelve months (including personal information disclosed for business purposes); (ii) request deletion of your personal information; (iii) opt-out of any sales of your personal information if a business is engaged in selling your information; and (iv) not be discriminated against for exercising these rights.
As described above in “Your Choices,” if you are one of our developers, you can conveniently access your online account information by logging into your account or by contacting us. To otherwise exercise your data protection rights, where applicable, please contact us at the contact information provided below. You may be required to provide additional information necessary to confirm your identity before we can respond to your request.
Changes to this Statement
We may update or change this Privacy Statement periodically. If we make any updates or changes, we will notify you by updating the effective date at the top of this Statement. We may also provide notice of any changes through other means, such as placing a notice on our homepage at https://www.fingoal.com or sending you an email. We encourage you to review the Privacy Statement whenever you access the Services or otherwise interact with us to stay informed about our data practices and the choices available to you.
Contacting FinGoal
If you have any questions about this Privacy Statement, or our privacy practices generally, please contact us at privacy@fingoal.com or by mail at:
FinGoal, Inc.
Attn: Legal
400 W. South Boulder Road | Suite 2500
Lafayette, CO 80026, U.S.A.