At Fyrn, your financial data is the most sensitive thing we touch. We take that seriously. This policy explains exactly what we collect, why we collect it, how we protect it, and what control you have over it. We will never sell your data. Ever.
01
Who we are
Fyrn is a product of The Goochey Group, based in San Antonio, Texas. When this policy refers to “Fyrn,” “we,” “us,” or “our,” it means The Goochey Group operating the Fyrn platform at fyrn.money.
Questions about this policy? Contact us at support@thegoocheygroup.com.
02
What we collect
We collect only what's necessary to provide Fyrn's financial management features. Here's exactly what that means:
Account information
Your email address, collected via Supabase authentication when you create an account.
Financial data via Plaid
Bank account names, balances, transaction history, institution names, and account masks (last 4 digits). We never see your bank login credentials — Plaid handles that directly.
Manually entered data
Information you enter directly: account balances, vehicle values, property values, debts, and other assets you choose to track.
Finn conversation history
Your conversations with Finn, our AI financial guide. These are stored encrypted in our database so Finn can provide context-aware guidance.
App preferences
Your in-app settings and preferences to personalize your Fyrn experience.
Usage analytics
Aggregate, anonymized usage data to help us improve the product. This does not include your financial information.
What we never collect: Your actual bank credentials (Plaid handles authentication directly), Social Security numbers, full payment card numbers (Stripe processes payments — we never touch card data), or device information beyond what your browser provides.
03
How we protect your data
Financial data demands serious security. Here's what we do:
- AES-256-GCM encryption — all sensitive financial data is encrypted at rest using industry-standard encryption
- Encrypted Plaid tokens — your Plaid access tokens are encrypted before storage
- Encrypted Finn messages — your AI conversation history is encrypted at rest
- Secure transmission — all data in transit is protected via TLS/HTTPS
- Supabase authentication — industry-standard auth handling with no plaintext passwords stored
- Stripe for payments — payment processing is handled entirely by Stripe, a PCI-compliant payment processor. Fyrn never stores card numbers or payment credentials
04
How we use your data
We use your data solely to provide and improve Fyrn. Specifically:
- To display your financial picture across the Personal and Business workspaces
- To power Finn's AI guidance — Finn uses your financial data to provide personalized, context-aware insights
- To send important account notifications (email)
- To process subscription payments via Stripe
- To improve Fyrn's features and reliability using anonymized analytics
- To comply with legal obligations
We do not use your data for advertising. We do not sell your data. We do not share your data with third parties except as described in this policy.
05
Third-party services
Fyrn works with a small number of trusted third-party services to operate the platform:
- Plaid — connects your bank accounts securely. Plaid's privacy policy governs their handling of your banking credentials. Fyrn receives only account data, never credentials.
- Supabase — our database and authentication provider. Your data is stored in Supabase's secure infrastructure.
- Anthropic (Claude) — powers Finn's AI capabilities. Conversation context is sent to Anthropic's API to generate responses. Anthropic's usage policies apply.
- Stripe — processes subscription payments. Stripe is PCI-DSS compliant. Fyrn never sees or stores your payment card details.
- Vercel — hosts the Fyrn application. Aggregate, anonymized traffic data may be collected by Vercel Analytics.
06
Your rights and controls
You are in control of your data. You have the right to:
- Access your data — request a copy of all data we hold about you
- Correct your data — update or correct inaccurate information
- Delete your data — request deletion of your account and all associated data
- Disconnect Plaid — remove bank connections at any time from within the app
- Export your data — request a portable export of your financial data
- Cancel your subscription — cancel at any time with no penalty
To exercise any of these rights, contact us at support@thegoocheygroup.com. We will respond within 30 days.
07
Data retention
We retain your data for as long as your account is active. If you delete your account, we will delete your personal and financial data within 30 days, except where we are required to retain it for legal or compliance purposes.
Anonymized, aggregate analytics data may be retained indefinitely as it cannot be linked back to any individual.
08
Children's privacy
Fyrn is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately at support@thegoocheygroup.com.
09
Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page and notify you via email if the changes are material. Your continued use of Fyrn after changes are posted constitutes acceptance of the updated policy.