Privacy Policy
This policy describes what information FlowVista collects, how we protect it, and the rights you have under Canada's Personal Information Protection and Electronic Documents Act (PIPEDA).
- We store your account, the financial data you upload or enter (transactions, investment holdings, bills, net-worth entries), and your settings — nothing we don't need to run the service.
- Your data is encrypted in transit and at rest, and isolated by row-level security so no other user can see it. (It is not end-to-end encrypted — FlowVista’s systems can access it to run and support the service; we never sell it.)
- We never sell your data or share it with advertisers. The optional Ask feature sends a redacted financial summary to a third-party AI provider only when you use it, and optional bill reminders / email digests are delivered through our email provider only if you turn them on.
- You can permanently delete your account and all your data immediately from your Settings, or by emailing us.
1. Who we are
FlowVista is a Canadian-built personal cashflow dashboard operated by an independent developer based in Ontario, Canada. For the purposes of PIPEDA, we are the accountable organization for any personal information we handle.
Our Privacy Officer (Responsable de la protection des renseignements personnels, as Quebec's Law 25 requires) is the person accountable for our compliance with PIPEDA and Law 25. Contact them at hello@flowvista.ca to ask how we handle your information; to exercise your access, correction, portability, de-indexing, or withdrawal-of-consent rights; or to raise a concern.
General contact: hello@flowvista.ca
2. Information we collect
We collect only what we need to run the dashboard for you:
- Account information — email address and password hash (password is never stored in plain text).
- Financial information you upload — transactions parsed from CSV exports (the CSV file is read in your browser and is not stored — only the parsed transactions are saved), investment holdings and mortgage details from PDF statements (along with the statement's file name, kept as a label — the file itself is not stored), bills, pay periods, and savings goals you add manually, and assets / liabilities you enter on the Net Worth tab.
- Preferences — your theme, category rules, budget targets, and display name.
- Service records — your consent to the terms and this policy, feedback you choose to send us, import-batch metadata, and a daily count of Ask questions (to enforce the fair-use limit).
- Basic usage signals — the app version you last loaded, to prompt you to refresh when we ship updates.
We do not collect banking credentials, connect to your bank via OAuth or open-banking APIs, or use third-party aggregators. The only way financial data enters FlowVista is by you exporting a file from your bank and uploading it yourself.
3. Why we collect it
To show you your own financial data — that's the entire purpose. Specifically:
- Parse and categorize your transactions so the dashboard can render.
- Persist your pay periods, bills, and goals across sessions so you don't have to re-upload.
- Power features you opt into (scenario planning, Ask FlowVista, PDF mortgage parsing).
4. How your data is stored and protected
Your data is stored in a Postgres database operated by Supabase, with the following safeguards:
- Encryption at rest — data is encrypted on disk by the database provider.
- Encryption in transit — all connections use TLS.
-
Row-Level Security (RLS) — every query against your transactions, bills, and net-worth rows
is filtered by
user_id = auth.uid()at the database layer, so no other authenticated user can ever read your records. - Authentication — handled by Supabase Auth; passwords are hashed and never accessible to FlowVista.
To be clear about what this does and doesn't mean: row-level security isolates your data from other users — it does not encrypt it from FlowVista itself. Your data is not end-to-end encrypted; FlowVista's operator can technically access it to run, debug, and support the service. We keep that access minimal and never sell or rent your data.
If a data breach occurs: if a security incident affects your personal information and we determine it creates a real risk of significant harm, we will report it to the Office of the Privacy Commissioner of Canada (and, for Quebec users, the Commission d'accès à l'information) and notify you directly as soon as feasible. Our notice will describe what happened, the information involved, what we did, and the steps you can take to protect yourself (such as monitoring your accounts and credit). We keep a record of all security-safeguard breaches for at least 24 months, as PIPEDA requires.
5. Where your data is processed
Our database and authentication provider is Supabase. Your data may be processed on servers located outside Canada (commonly in the United States). This means your information may be subject to the laws of the country in which it is processed, including lawful-access requests by foreign government authorities. By using FlowVista, you consent to this cross-border processing.
We remain accountable for your information when Supabase and Vercel process it on our behalf, and we rely on their contractual commitments plus encryption and per-user row-level security to keep it protected to a comparable standard. We do not claim Canadian-only data residency — your data is commonly processed in the United States.
6. Who we share your data with
Nobody, by default. Specifically, FlowVista:
- Does not sell your data. Ever.
- Does not run ads or share data with advertising networks.
- Does not use your financial data to train its own models. When you use the Ask feature, a redacted summary is sent to Groq, our AI inference provider, to generate your answer — see the Ask FlowVista section below for details.
- Does not sell, rent, or share your data with other users, employers, family members, advertisers, or data brokers (the limited service-provider exceptions — including the optional Ask assistant — are listed below).
Limited exceptions where we may process or disclose data:
- Service providers we depend on (currently: Supabase for database and auth; Vercel for hosting, whose cookieless aggregate analytics also run on our public landing page; Resend for delivering the optional reminder and digest emails; Yahoo Finance for benchmark market data; and Groq for the optional Ask assistant — the last four are detailed below) — they process data only to deliver the service to you and are bound by their own privacy commitments.
- Email reminders and digests — if you turn on bill reminders or the email digest (Settings → Notifications), those emails are delivered by Resend, our email provider. The emails necessarily contain the financial details you asked to receive — bill names, amounts, and due dates, and summary figures such as period income or net-worth totals — along with your email address. Turn the feature off and no such email is sent.
- Market data — when you view investment benchmarks, the ticker symbols involved (never your holdings' amounts or your identity) are fetched from Yahoo Finance through our server.
- Optional sign-in with Google — if you choose to sign in with Google, Google processes that sign-in under its own privacy policy and shares your email address (and profile picture, if any) with us. If you sign in with email and password, Google is not involved.
- Ask FlowVista — if you type a question into the Ask tab, the question and a summary of your financial snapshot (income, expenses, category totals) are sent to Groq, our AI inference provider (model openai/gpt-oss-120b), to generate your answer. This is only triggered by you pressing Ask. Under Groq's Services Agreement, Groq is not permitted to use submitted inputs or outputs to train or fine-tune any models, does not retain them except as needed to operate and secure the service, and does not share them with the underlying model's developer. We further limit exposure: the snapshot is mostly aggregates, and when your question is about specific transactions a small sample of matching rows may be included with personal identifiers — names, account and card numbers, email, and phone — automatically redacted. We never send your bank login or full account numbers.
- Legal compliance — if compelled by a lawful Canadian court order, we will comply, and will push back on any request that overreaches.
7. Your rights
Under PIPEDA — and consistent with Canada's evolving privacy framework, including the proposed Consumer Privacy Protection Act — you have the right to:
- Access your personal information. You already see all of it when signed in. For a complete machine-readable copy, use Settings → Data Management → Export your data — a ZIP of CSV files covering every table you can see in the app (transactions, bills, accounts, snapshots, goals, settings, and more). You can also export transactions alone from Analytics → Transactions. If you need anything else, email hello@flowvista.ca and we will provide it within 30 days.
- Correct your personal information. Edit any transaction, bill, category rule, or net-worth entry directly in the app.
- Delete your personal information. You can permanently delete your entire account and all of your data immediately from within the app's Settings. You can also email hello@flowvista.ca to request deletion, which we complete within 14 days.
- Withdraw consent to further processing at any time (subject to your continued use of the service).
- Challenge our compliance — if you believe we have mishandled your information, email us first and we will respond within 30 days. If you are not satisfied, you may file a complaint with the Office of the Privacy Commissioner of Canada.
8. Retention
We keep your data for as long as your account is active. If you delete your data or your account, we remove your records from the live database immediately and permanently. We currently keep no backups of your data — deletion is immediate and final. If we introduce short-term disaster-recovery backups in the future, they will rotate out within 7 days and this policy will be updated.
9. Cookies, local storage, and usage analytics
FlowVista uses your browser's localStorage to remember your theme preference, the app version you
last loaded, and a few small UI settings. We do not use third-party tracking cookies, analytics
pixels, or advertising cookies.
Our public landing page (not the app) uses Vercel's cookieless Web Analytics and Speed Insights — aggregate page-view and performance counts with no cookies, no cross-site tracking, and no advertising use.
To understand which features are useful, we record minimal first-party usage analytics— feature-usage events only (for example, that an import ran or the home dashboard was opened), never your transaction amounts, descriptions, account names, or any other financial detail. These events are stored in your own FlowVista account on our database and are never sent to a third party. They are on by default; you can turn them off at any time under Settings → Privacy → Usage analytics.
10. Children
FlowVista is intended only for adults. You must be at least 18 to use it, and it is not directed at minors. We do not knowingly collect information from anyone under 18; if you believe a minor has created an account, email us and we will remove it.
11. Changes to this policy
If we make material changes to this policy, we will update the "Last updated" date at the top and notify you by email before the change takes effect. Minor wording clarifications may be made without notice.
12. Contact
For any privacy question, request, or complaint, email us at hello@flowvista.ca. We aim to respond within 2 business days.