Vigil Personal Finances
Privacy Policy
Last updated: March 22, 2026
Vigil is a cash flow projection application operated by Ryan Robinson. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use Vigil. By creating an account or using the app, you agree to the terms described here.
1. Information We Collect
Account Information: When you register, we collect your email address, username, and a hashed version of your password. Your password is never stored in plain text.
Financial Data via Plaid: If you choose to link a bank account, Vigil uses Plaid Technologies, Inc. to retrieve your account balances and recent transaction history. We store Plaid access tokens and account metadata (institution name, account name, account type, masked account number, and balance). Recent transaction data is accessed to automatically match transactions against your manually entered entries — this matching is performed in memory on your device and the raw transaction data is not transmitted to or stored on our servers. We do not receive or store your full account numbers or banking credentials.
Cashflow Entries: Income, expense, and bill entries you create are stored locally on your device. They are not transmitted to or stored on our servers.
Usage Data: We may collect standard server logs including IP addresses, request paths, and timestamps for security and debugging purposes.
2. How We Use Your Information
- To create and manage your Vigil account
- To verify your email address and secure your account
- To retrieve bank account balances you have authorized via Plaid
- To provide email-based two-factor authentication (if enabled)
- To respond to support requests sent to support@vigilpf.com
- To maintain security, prevent fraud, and debug technical issues
We do not sell your personal information. We do not use your financial data for advertising or share it with third parties beyond what is required to operate the service.
3. Plaid
Bank linking is powered by Plaid Technologies, Inc. By connecting your bank account, you agree to Plaid's End User Privacy Policy. Plaid collects and processes your financial institution credentials and account data pursuant to its own privacy policy. Vigil only receives the account data described in Section 1 above.
4. Data Retention
We retain your account information and linked bank data for as long as you maintain an active Vigil account. Server logs are retained for up to 30 days.
When you delete your account (via Settings → Danger Zone → Delete Account), we permanently delete:
- Your user account record (username, email, password hash)
- All linked Plaid bank accounts and access tokens
- All authentication tokens and verification codes
Cashflow entries stored locally on your device are removed when you uninstall the app or clear app data.
5. Security of Your Information
We take the security of your personal data seriously and implement appropriate technical and organizational measures to protect it. These include:
- Strong password protection using industry-leading hashing techniques, combined with a server-side secret, to ensure your password cannot be recovered even in the event of a database breach.
- Encryption of sensitive financial data, including any bank access credentials obtained through Plaid, using strong authenticated encryption.
- Secure transmission of all data over encrypted connections (TLS).
- Short-lived authentication tokens with automatic rotation and reuse detection to limit the impact of any potential compromise.
- Immediate session revocation and user notification in the event of detected suspicious activity, such as an attempt to reuse an invalidated session token.
- Active Sessions management so you can view and revoke access from any signed-in device at any time via Settings → Security → Active Sessions.
- Encryption at rest for our PostgreSQL database, along with security headers, rate limiting, and input validation on all endpoints.
While we strive to use reasonable and appropriate safeguards, no method of transmission or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to following current industry best practices and regularly reviewing our protections.
6. Your Rights and Choices
Access and Correction: You can update your username, email address, and password at any time within the app under Settings → Security.
Account Deletion: You can permanently delete your account and all associated server-side data via Settings → Danger Zone → Delete Account. This action is irreversible.
Disconnect Bank Accounts: You can unlink any connected bank account at any time via the Accounts screen in the app.
California Residents (CCPA): You have the right to know what personal information we collect, to request deletion, and to opt out of the sale of personal information. We do not sell personal information.
EEA/UK Residents (GDPR): You have rights of access, rectification, erasure, restriction, portability, and objection. Contact us at support@vigilpf.com to exercise these rights.
7. Children's Privacy
Vigil is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected such information, we will delete it promptly.
8. Third-Party Services
- Plaid Technologies, Inc. – Bank account linking (Privacy Policy)
- RevenueCat, Inc. – Subscription management (Privacy Policy)
- Resend – Transactional email delivery (Privacy Policy)
- Neon – Database hosting (Privacy Policy)
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date above and, where appropriate, sending an email to your registered address. Continued use of Vigil after changes constitutes acceptance of the updated policy.
10. Contact Us
If you have questions about this Privacy Policy or your data, please reach out: