Privacy Policy

1. Summary

• We never connect to your bank or read your transactions.
• We don't sell your data or share it with advertisers.
• You can delete your account, and the data tied to it, at any time.

2. What data we collect

We try to collect the minimum we need to run BenefitCue:

• Account: email address, optional display name, and timezone.
• Card data you add: which cards from our public catalog you hold, the anniversary date you provide, and any benefits you mark as used (with the dollar amount you enter).
• Notification preferences: whether you opted into email reminders, the alert window, and the minimum benefit value you care about.
• Waitlist signups: if you give us your email for BenefitCue Plus, we store it and the page you signed up from.
• Basic logs: IP address and user agent, used for security, abuse prevention, and debugging.

3. How we use it

• To operate the service and show you your wallet.
• To send notifications you explicitly opted into (e.g. expiring benefit reminders).
• To prevent abuse, debug issues, and keep the service available.

4. What we don't do

• We don't link to your bank or scrape your transactions. You tell us which catalog cards you hold; we don't see card numbers.
• We don't sell your data or share it with advertisers.
• We don't embed third-party advertising or analytics trackers in the product.
• We don't require multi-factor identification beyond what our auth provider offers.

5. Subprocessors

We use a small number of vendors to run BenefitCue:

• Supabase — authentication (email magic link, Google OAuth) and Postgres database. Data is encrypted at rest and in transit.
• Vercel — application hosting (TODO: confirm hosting provider before launch).
• Resend — transactional email (sign-in links, opt-in notifications).
• Stripe — payments and subscription management, once the paid plan launches.

6. Cookies & local storage

• An authentication session cookie set by Supabase so you stay signed in.
• A small flag in localStorage remembering that you dismissed the timezone prompt.

We don't use cookies for advertising or cross-site tracking.

7. Data retention

We keep your data for as long as your account exists. When you delete your account, or 30 days after a deletion request, we remove your account record and the data attached to it. Backup copies may persist for a short rolling window before being overwritten.

8. Your rights

You can ask us to:

• Access the data we hold about you.
• Export your wallet and usage history.
• Correct anything that's wrong.
• Delete your account and the data tied to it.

Make these requests from the account you signed up with through the in-app controls; we'll respond within 30 days.

9. Children

BenefitCue is not intended for users under 18. We don't knowingly collect data from anyone under 18. If you believe a child has signed up, email us and we'll delete the account.

10. International transfers

Our infrastructure (Supabase, Vercel, Resend) runs in the United States. If you use BenefitCue from outside the US, your data will be transferred to and processed in the US under those vendors' standard data protection terms.

11. Changes

When we update this policy we'll bump the “Last updated” date at the top. For material changes (new subprocessors, new categories of data) we'll email account holders before the change takes effect.

12. Contact

For privacy questions, use the in-app controls on your account page to access, export, or delete your data.