Your privacy matters

Privacy Policy

Last updated: January 15, 2025

Introduction

At Comfy, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial assistant application. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.

Information We Collect

Personal Information

We collect information that you provide directly to us, including:

  • Name and email address (for account creation)
  • Authentication credentials (password, securely hashed)
  • Profile information (optional)

Financial Information

When you connect your bank accounts through Plaid, we collect:

  • Bank account balances
  • Transaction history
  • Account details (account numbers, routing numbers)
  • Information about recurring bills and subscriptions

Important: Your bank login credentials (username and password) are never stored on our servers. When you connect your bank, you authenticate directly with Plaid, and we only receive an encrypted access token.

Usage Information

We automatically collect certain information when you use Comfy:

  • Questions you ask the AI assistant
  • App usage patterns and preferences
  • Device information (type, operating system, browser)
  • IP address and general location

How We Use Your Information

We use the information we collect to:

  • Provide personalized financial insights and answers to your questions
  • Calculate affordability based on your balance, bills, and safety buffer
  • Sync your bank transactions in real-time
  • Detect and track recurring bills and subscriptions
  • Send you notifications about low balances or important account activity
  • Improve our AI model and app functionality
  • Ensure security and prevent fraud
  • Comply with legal obligations

How We Share Your Information

Third-Party Service Providers

We share your information with trusted third-party service providers who help us operate Comfy:

  • Plaid: For secure bank connections and transaction data
  • OpenAI: For powering our AI assistant (financial data is anonymized and not stored by OpenAI)
  • Cloud hosting providers: For secure data storage and infrastructure

We Do NOT:

  • Sell your financial data to advertisers
  • Share your data with data brokers or marketing companies
  • Show you targeted ads based on your financial information
  • Share your data with third parties without your explicit consent (except as required by law)

Data Security

We implement industry-standard security measures to protect your information:

  • 256-bit AES encryption for data at rest
  • TLS 1.3 encryption for data in transit
  • Secure authentication using bcrypt password hashing
  • Regular security audits and penetration testing
  • Access controls and monitoring to prevent unauthorized access

However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

Your Rights and Choices

You have the following rights regarding your data:

  • Access: Request a copy of all data we have about you
  • Correction: Update or correct inaccurate information
  • Deletion: Delete your account and all associated data at any time
  • Export: Download your financial data in a portable format
  • Opt-out: Disable notifications or disconnect bank accounts

To exercise any of these rights, go to Settings in the app or contact us at privacy@comfy.app.

Data Retention

We retain your information for as long as your account is active or as needed to provide you services. If you delete your account, we will delete all your financial data within 30 days, except where we are required to retain it for legal or regulatory purposes.

Children's Privacy

Comfy is not intended for users under the age of 18. We do not knowingly collect personal information from children under 18. If you believe we have collected information from a child under 18, please contact us immediately.

International Users

Comfy is operated in the United States. If you are accessing Comfy from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located and our central database is operated.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes.

Contact Us

If you have questions or concerns about this Privacy Policy, please contact us:

Email: privacy@comfy.app

Mail: Comfy Inc., Privacy Team, [Address TBD]