Privacy Policy
Effective Date: July 1, 2025
Last Updated: March 7, 2026
Introduction
Sumyfi ("we", "our", "us") is committed to protecting your privacy and ensuring the security of your personal and financial information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial mobile application (the "App").
Information We Collect
We collect various types of information to provide and improve our services, ensure the security of your data, and comply with legal obligations. This includes:
a. Personal Information
- Full name
- Email address
- Phone number
- Mailing address
b. Financial Information
- Bank account and routing numbers
- Credit/debit card details (tokenized)
- Transaction history
- Account balances
c. Device & Usage Information
- IP address
- Mobile device identifiers (e.g., IMEI, MAC address)
- Operating system and browser type
- App usage statistics and crash logs
- Location data (with permission)
d. Authentication and Security Data
- Login credentials (encrypted)
- Biometric data (e.g., fingerprint or face ID, if enabled)
- Security questions and answers
How We Use Your Information
We use your data for the following purposes:
- To provide, operate, and maintain the App
- To verify your identity and enable secure access
- To process payments and transactions
- To communicate with you, including notifications and service updates
- To detect, investigate, and prevent fraudulent or unauthorized activity
- To comply with legal obligations and regulatory requirements
- To improve and personalize your experience
- For internal analytics and research
- To provide AI-powered insights and recommendations (with your consent)
AI Data Minimization & User Control
When using AI features, we follow strict rules to protect your privacy:
- We only send the minimum data required to answer your question or provide insights.
- Account numbers, full identifiers, and raw merchant names are never sent to AI providers.
- Balances and amounts are rounded or bucketed; merchant names are replaced with categories.
- Transaction details are only included if directly relevant to your request.
- You can enable or disable AI-powered features at any time in your account settings.
Sharing Your Information
We do not sell your personal data. We may share your information in the following ways:
a. With Service Providers
Trusted third-party vendors who perform functions on our behalf, such as:
- Payment processors
- Cloud hosting providers
- ID verification services
- Customer support tools
b. With Financial Institutions
When necessary to process transactions or comply with legal obligations.
c. Legal and Regulatory Authorities
To comply with applicable laws, legal processes, or regulatory obligations, or to protect our rights and users.
d. In Business Transfers
In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new entity.
Data Security
We implement robust security measures to protect your data, including:
- End-to-end encryption (SSL/TLS)
- Data encryption at rest and in transit
- Multi-factor authentication (MFA)
- Access controls and ongoing security reviews
- Limited access by authorized personnel only
However, no system is completely secure. We encourage users to take precautions, such as setting strong passwords and keeping login information confidential.
Data Retention
We retain your information as long as necessary to:
- Fulfill the purposes outlined in this policy
- Comply with legal, regulatory, and contractual obligations
- Resolve disputes and enforce our agreements
After retention periods end, data is securely deleted or anonymized.
Your Privacy Rights
Depending on your jurisdiction, you may have the right to:
- Access and obtain a copy of your data
- Correct inaccuracies in your data
- Delete or restrict your data
- Object to the processing of your data
- Withdraw consent at any time
- Transfer your data to another provider (data portability)
To exercise any of these rights, contact us at: support@sumyfi.com.
Children's Privacy
Our App is not intended for children under the age of 18. We do not knowingly collect personal data from children. If we learn that we have collected data from a child without parental consent, we will delete it promptly.
International Users
If you access our App from outside your home jurisdiction, your data may be transferred to and stored in countries that may not have the same level of data protection laws. By using our App, you consent to this transfer.
Third-Party Services & Links
Our App may contain links to third-party websites or services. We do not control these third-party websites or services nor are we responsible for their content or practices. We encourage you to read their privacy policies.
Where you elect to connect accounts held at financial institutions, we may engage trusted third-party providers (for example, Plaid) to facilitate secure account connections. Before any financial data is accessed through such providers, you will be asked to provide consent directly to the provider.
Any data accessed via these services is subject to the provider's terms and privacy practices (for Plaid, see https://plaid.com/legal/#end-user-privacy-policy).
Authentication and credential handling for linked financial institutions are managed by the provider and we do not retain those login credentials.
Changes to This Privacy Policy
We may update this policy from time to time. When we do, we will revise the "Last Updated" date and notify you of significant changes. Your continued use of the App after such changes constitutes your acceptance of the new terms.
Contact Us
If you have any questions or concerns about this Privacy Policy, please contact us at:
Sumyfi
Email: support@sumyfi.com
Thank you for trusting Sumyfi with your financial information. We are committed to protecting your privacy and providing you with a secure and reliable financial experience.