Privacy, Security & Data Protection

How we handle your data, the security measures protecting it, and your rights under the GDPR. Last updated June 2026.

1. Introduction

ClarInsight is a private wealth intelligence platform that consolidates your assets, liabilities, and investment portfolio into a single net-worth dashboard. Because we handle sensitive financial information, privacy and security are foundational to how the product is built. This page explains, in plain language, exactly what data we process, why, and how it is protected.

2. Data We Process

  • Account & identity data: your email address and authentication credentials, used solely to sign you in.
  • Portfolio data: the accounts, holdings, transactions, balances, and goals you enter or import — including historical snapshots used to chart performance over time.
  • Display preferences: non-sensitive settings such as your chosen display currency and theme.

We do not connect to or store credentials for your bank or brokerage. All portfolio figures are values you provide directly or extract from documents you choose to upload.

3. Legal Basis & Your GDPR Rights

We process your data under two lawful bases of the EU General Data Protection Regulation (GDPR): performance of a contract (providing the service you signed up for) and your consent (for optional features such as AI document import).

As a data subject you have the right to:

  • Access — request a copy of the data we hold about you.
  • Rectification — correct inaccurate data (or edit it directly in the app).
  • Erasure — delete your account and all associated data.
  • Portability — export your data in a machine-readable format.
  • Restriction & objection — limit or object to certain processing.

We retain your data only for as long as your account is active. When you delete your account, your personal and portfolio data is removed from our systems.

4. Security Measures

  • Encryption in transit: every connection is protected with TLS (HTTPS).
  • Encryption at rest: the database storing your portfolio is encrypted on disk by our infrastructure provider.
  • Row-level isolation: strict row-level security policies enforce that you can only ever read or write your own data — no user can access another user's records.
  • Authenticated access: all application data is served through authenticated, server-side checks tied to your verified session.

5. Document Upload Security (AI Import)

When you use AI Import to extract data from a PDF statement, the document is given the strongest protection in the platform and is never stored:

  • Encrypted in your browser: before it leaves your device, the PDF is wrapped in a single-use AES-256-GCM envelope using a freshly generated, ephemeral key — layered on top of the TLS connection.
  • Decrypted in memory only: the server decrypts the document in memory, validates it, forwards it to the AI engine, and then immediately discards it. It is never written to a database, storage bucket, or disk.
  • Keys discarded after use: the single-use encryption key and the plaintext buffer are zeroized right after the request completes.
  • Never logged: document contents and keys are never written to logs.
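
A Node.js sketch of the envelope flow in the bullets above, added here as an illustration and not ClarInsight's own code. The page does not say how the single-use key reaches the server; the RSA-OAEP wrap under a server public key, and every function name below, are assumptions.

```javascript
// Added illustration (Node.js); all names and the RSA-OAEP key wrap are assumptions.
const nodeCrypto = require("node:crypto");

const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Assumed server key pair; only the public half would be shipped to the browser.
function makeServerKeys() {
  return nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
}

// Client side: seal one document under a fresh AES-256-GCM key.
function sealDocument(pdfBytes, serverPublicKey) {
  const key = nodeCrypto.randomBytes(32);   // ephemeral, single-use
  const iv = nodeCrypto.randomBytes(12);    // 96-bit GCM nonce
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
  const ciphertext = Buffer.concat([cipher.update(pdfBytes), cipher.final()]);
  const tag = cipher.getAuthTag();
  const wrappedKey = nodeCrypto.publicEncrypt({ key: serverPublicKey, ...OAEP }, key);
  key.fill(0);                              // drop the client copy of the key
  return { wrappedKey, iv, ciphertext, tag };
}

// Server side: decrypt in memory, validate, hand to the extractor, then wipe.
function openAndProcess(envelope, serverPrivateKey, extract) {
  let key = null, plain = null;
  try {
    key = nodeCrypto.privateDecrypt({ key: serverPrivateKey, ...OAEP }, envelope.wrappedKey);
    const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", key, envelope.iv);
    decipher.setAuthTag(envelope.tag);
    // final() throws if the ciphertext or tag was modified in transit.
    plain = Buffer.concat([decipher.update(envelope.ciphertext), decipher.final()]);
    if (plain.subarray(0, 5).toString("latin1") !== "%PDF-") throw new Error("not a PDF");
    return extract(plain);                  // result only; the document is not kept
  } catch (err) {
    throw new Error("document rejected");   // generic error: no contents or keys in logs
  } finally {
    // Best-effort zeroization; JavaScript cannot guarantee no other copies exist.
    if (key) key.fill(0);
    if (plain) plain.fill(0);
  }
}

// Constructed sample input, not a real statement.
const SAMPLE_PDF = Buffer.from("%PDF-1.7\nBalance: 1234.56 EUR\n", "latin1");
```

In a browser the client half would use the Web Crypto API (`crypto.subtle`) rather than Node's `crypto` module; the envelope fields stay the same.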

6. AI Processing

The AI Import feature uses Google Gemini (3 Flash Preview) through the Lovable AI Gateway to read the financial figures in your uploaded document. The document is sent only for the purpose of that single extraction, is processed in memory, and is not retained. Your data is not used to train AI models.

7. Third-Party Processors

We rely on a small number of trusted infrastructure providers:

  • Cloud backend provider — hosting, authentication, and the encrypted database.
  • Lovable AI Gateway — AI inference for optional document extraction.

We do not sell, rent, or share your personal or financial data with advertisers or data brokers.

8. Cookies & Analytics

We use only essential, functional cookies required to keep you signed in and to remember your preferences. We do not use third-party advertising or cross-site tracking cookies.

9. Contact

For any privacy request — access, correction, deletion, or questions about this page — contact our data controller at privacy@clarsight.app.