Last updated: May 2026 · Version 1.0
WorthyMinder ("we", "our", "us") is committed to protecting your personal information. This Privacy Policy explains how we collect, use, store, and share your data when you use our personal finance management platform at worthyminder.vercel.app.
This policy complies with the General Data Protection Regulation (GDPR), South Africa's Protection of Personal Information Act (POPIA), Nigeria's Data Protection Regulation (NDPR), and other applicable data protection laws.
Account data
Full name, email address, phone number, country, currency preference. Collected when you register.
Financial data
Account balances, transaction descriptions, categories, goal amounts, and financial profile information you enter manually. We do not access your actual bank accounts without your explicit consent.
Usage data
IP address, browser type, pages visited, features used. Collected automatically for security and product improvement.
Authentication data
Encrypted passwords, OAuth tokens (Google), multi-factor authentication secrets. Never stored in plaintext.
We do not sell your personal data to third parties. We do not use your financial data for advertising purposes.
Your data is stored on Supabase (PostgreSQL), hosted on AWS infrastructure. All data is encrypted at rest using AES-256 and in transit using TLS 1.3. Financial data is stored as integers (no floating point) to ensure accuracy.
We implement industry-standard security measures including: JWT authentication, row-level security (RLS) ensuring users can only access their own data, rate limiting, and multi-factor authentication support.
We retain your personal data for as long as your account is active. When you delete your account, your personally identifiable information (name, email, phone) is permanently anonymised within 24 hours. Transaction and financial records are retained in anonymised form for 7 years for audit purposes as required by financial regulations.
Audit logs are retained for 90 days for security purposes.
Access
Request a copy of all data we hold about you
Portability
Export your data in JSON format at any time from Settings
Correction
Update your personal information in Settings
Deletion
Delete your account and anonymise your data from Settings
Objection
Object to processing of your data for certain purposes
Restriction
Request we limit how we use your data
To exercise any right, go to Settings in your account or contact us at privacy@worthyminder.com
We use only essential cookies required for authentication and security. We do not use tracking or advertising cookies. The cookies we set include:
sb-access-tokenAuthentication session token24 hourssb-refresh-tokenSession renewal token30 daysWorthyMinder uses AI (Groq Llama 3.3) to generate personalised financial education recommendations. These recommendations are educational only and do not constitute financial advice. No automated decisions are made that have legal or similarly significant effects on you without human oversight.
Your financial data is sent to Groq's API for recommendation generation. Groq does not retain your data beyond the immediate request. You can opt out of AI recommendations by using the rule-based mode in settings.
For privacy-related questions, requests, or complaints:
WorthyMinder Privacy Team
Email: privacy@worthyminder.com
Response time: within 30 days as required by GDPR
If you are in the EU and believe we have violated your rights, you have the right to lodge a complaint with your local data protection authority.