Privacy Policy
1. Introduction
At Investrio, we value your privacy and are committed to protecting your personal data and ensuring information security. This Privacy and Information Security Policy outlines how we collect, use, store, and protect your information when you use our services. By accessing or using Investrio, you agree to the terms of this Policy.
2. Information We Collect
We may collect the following types of information:
Personal Information: Name, email address, phone number, and other contact details provided by you.
Financial Data: Banking and transaction data retrieved through Plaid API (only with your explicit consent).
Usage Data: Information about how you interact with our platform, including IP addresses, browser types, and device identifiers.
Cookies and Tracking Technologies: We use cookies to enhance user experience and analyze website traffic.
3. How We Use Your Information
We use the collected data for the following purposes:
To provide and improve our financial planning and business management services.
To facilitate secure transactions and integrations through Plaid API.
To personalize user experience and provide relevant recommendations.
To comply with legal and regulatory requirements.
To enhance security and prevent fraudulent activities.
4. Plaid API Usage and End-User Consent
Use of Plaid Services: Investrio uses Plaid to securely connect and retrieve financial information from third-party institutions on your behalf.
Consent Requirement: By linking your financial accounts through Plaid, you consent to Plaid’s collection, processing, and storage of your financial data as described in Plaid’s End User Privacy Policy.
Notice: You acknowledge that Plaid operates as an independent third party, and its privacy practices are governed by its own policies. We encourage you to review Plaid’s Privacy Policy to understand how your data is handled.
5. Sharing and Disclosure of Information
No Sale of Data: We do not sell consumer data retrieved from the Plaid API.
Third-Party Service Providers: We may share data with trusted service providers who assist in delivering our services, subject to strict confidentiality agreements.
Legal Requirements: We may disclose data if required by law or to protect our legal rights.
6. Data Retention and Deletion
We retain your data only as long as necessary to fulfill our services and legal obligations.
Users can request account deletion by contacting our support team at hello@investrio.io. Upon verification, personal data will be deleted within 30 days unless retention is legally required.
7. Security Measures and Information Security Policy
We implement industry-standard security measures to protect your information, including:
Encryption: All sensitive data is encrypted using AES-256 encryption for storage and TLS 1.2+ for data transmission.
Access Controls: Role-based access control (RBAC) ensures that only authorized personnel have access to sensitive data. Multi-factor authentication (MFA) is enforced.
Intrusion Detection and Monitoring: We monitor for unauthorized access and security threats through an Intrusion Detection System (IDS) and automated alerts for suspicious activity.
Physical Security: Access to our offices and systems is restricted to authorized personnel only. All company-managed devices are encrypted and secured.
Regular Security Audits: We conduct internal audits to assess compliance with security standards and industry regulations.
8. Incident Response and Business Continuity
Incident Response Plan: We have a dedicated team to manage and respond to security incidents, following a structured approach to identify, contain, eradicate, and recover from threats.
Data Breach Notification: In the event of a data breach, we will notify affected users and regulatory authorities as required by applicable laws.
Business Continuity and Disaster Recovery: We maintain encrypted backups and conduct disaster recovery testing to ensure operational resilience.
9. Your Rights and Choices
Access and Correction: You can request access to or correction of your personal data.
Opt-Out: You may opt out of non-essential communications and tracking technologies.
Withdraw Consent: You can withdraw consent for data collection at any time.
10. Third-Party Links and Services
Our platform may contain links to third-party services, such as Plaid.
We are not responsible for their privacy practices and encourage users to review their policies.
11. Changes to This Privacy and Security Policy
We may update this Policy from time to time. Any changes will be posted on our website with an updated effective date.
12. Contact Information
If you have any questions about this Privacy and Information Security Policy, please contact us at hello@investrio.io.
Effective Date: March 11, 2025
Last Updated: March 11, 2025
At Investrio, we value your privacy and are committed to protecting your personal data and ensuring information security. This Privacy and Information Security Policy outlines how we collect, use, store, and protect your information when you use our services. By accessing or using Investrio, you agree to the terms of this Policy.
2. Information We Collect
We may collect the following types of information:
Personal Information: Name, email address, phone number, and other contact details provided by you.
Financial Data: Banking and transaction data retrieved through Plaid API (only with your explicit consent).
Usage Data: Information about how you interact with our platform, including IP addresses, browser types, and device identifiers.
Cookies and Tracking Technologies: We use cookies to enhance user experience and analyze website traffic.
3. How We Use Your Information
We use the collected data for the following purposes:
To provide and improve our financial planning and business management services.
To facilitate secure transactions and integrations through Plaid API.
To personalize user experience and provide relevant recommendations.
To comply with legal and regulatory requirements.
To enhance security and prevent fraudulent activities.
4. Plaid API Usage and End-User Consent
Use of Plaid Services: Investrio uses Plaid to securely connect and retrieve financial information from third-party institutions on your behalf.
Consent Requirement: By linking your financial accounts through Plaid, you consent to Plaid’s collection, processing, and storage of your financial data as described in Plaid’s End User Privacy Policy.
Notice: You acknowledge that Plaid operates as an independent third party, and its privacy practices are governed by its own policies. We encourage you to review Plaid’s Privacy Policy to understand how your data is handled.
5. Sharing and Disclosure of Information
No Sale of Data: We do not sell consumer data retrieved from the Plaid API.
Third-Party Service Providers: We may share data with trusted service providers who assist in delivering our services, subject to strict confidentiality agreements.
Legal Requirements: We may disclose data if required by law or to protect our legal rights.
6. Data Retention and Deletion
We retain your data only as long as necessary to fulfill our services and legal obligations.
Users can request account deletion by contacting our support team at hello@investrio.io. Upon verification, personal data will be deleted within 30 days unless retention is legally required.
7. Security Measures and Information Security Policy
We implement industry-standard security measures to protect your information, including:
Encryption: All sensitive data is encrypted using AES-256 encryption for storage and TLS 1.2+ for data transmission.
Access Controls: Role-based access control (RBAC) ensures that only authorized personnel have access to sensitive data. Multi-factor authentication (MFA) is enforced.
Intrusion Detection and Monitoring: We monitor for unauthorized access and security threats through an Intrusion Detection System (IDS) and automated alerts for suspicious activity.
Physical Security: Access to our offices and systems is restricted to authorized personnel only. All company-managed devices are encrypted and secured.
Regular Security Audits: We conduct internal audits to assess compliance with security standards and industry regulations.
8. Incident Response and Business Continuity
Incident Response Plan: We have a dedicated team to manage and respond to security incidents, following a structured approach to identify, contain, eradicate, and recover from threats.
Data Breach Notification: In the event of a data breach, we will notify affected users and regulatory authorities as required by applicable laws.
Business Continuity and Disaster Recovery: We maintain encrypted backups and conduct disaster recovery testing to ensure operational resilience.
9. Your Rights and Choices
Access and Correction: You can request access to or correction of your personal data.
Opt-Out: You may opt out of non-essential communications and tracking technologies.
Withdraw Consent: You can withdraw consent for data collection at any time.
10. Third-Party Links and Services
Our platform may contain links to third-party services, such as Plaid.
We are not responsible for their privacy practices and encourage users to review their policies.
11. Changes to This Privacy and Security Policy
We may update this Policy from time to time. Any changes will be posted on our website with an updated effective date.
12. Contact Information
If you have any questions about this Privacy and Information Security Policy, please contact us at hello@investrio.io.
Effective Date: March 11, 2025
Last Updated: March 11, 2025