Privacy Policy

BeaverSave is operated by Vocally Yours LLC, a New Jersey limited liability company. “BeaverSave” is a registered Alternate Name (DBA) of Vocally Yours LLC. In this policy, “we,” “us,” and “our” refer to Vocally Yours LLC doing business as BeaverSave. “You” refers to anyone who creates a BeaverSave account.

You can reach us at hello@beaversave.app.

This policy explains what information BeaverSave collects, how we use it, who we share it with, how long we keep it, and the choices you have. We’ve tried to write it in plain language. If anything is unclear, please email us.

When you use BeaverSave, you may give us:

• Your email address, used to sign in via magic link.
• Your display name and household setup (the people you share finances with).
• Transactions, budgets, debts, goals, categories, and notes that you enter into the app.
• Optional emotional tags or capacity check-ins you add to your own entries.

BeaverSave plans to use Plaid Inc. to let you securely connect bank, credit card, and loan accounts so transactions and balances import automatically. As of the effective date above, the Plaid integration is not yet live in BeaverSave.

When the Plaid integration goes live, you will be asked to authorize it explicitly. If you authorize it, Plaid (not BeaverSave) handles authentication with your financial institution. We will then receive read-only access to:

• Account names, types, and balances
• Transaction history (date, amount, merchant, category hints)
• Account and routing identifiers, if you enable that scope

BeaverSave does not receive or store your bank login credentials. Plaid manages those.

Planned future phase — automated transfers between your own accounts: In a later phase, BeaverSave will offer optional automated ACH transfers strictly between accounts you own (for example, scheduled round-up payments from your own checking account to your own credit card or loan). When that feature is added, it will use additional Plaid scopes such as Auth (to verify account and routing numbers) and Plaid Transfer (or a comparable regulated transfer rail). You will be asked to authorize each rule explicitly, and transfer data (such as amount, date, and destination account) will be stored alongside the authorization record. BeaverSave does not, and will not, move money on behalf of, or to, third parties.

How Plaid handles your data is governed by Plaid’s End User Privacy Policy. Please read it.

Plaid’s expanded role (as of April 2026): Plaid updated its End User Privacy Policy on April 16, 2026 to reflect its expanded role as a direct consumer service provider (not only a data conduit). If you have a Plaid Portal account at my.plaid.com, you can review, manage, or disconnect the connections Plaid holds about you directly with Plaid, independent of BeaverSave. Revoking access at the Plaid Portal also stops Plaid from sharing new data with BeaverSave.

We use the information described above only to:

• Provide the BeaverSave service to you and your household.
• Show you your own transactions, budgets, debts, goals, and progress.
• Send you account-related emails (sign-in links, household invitations, and important account or security updates).
• Improve the service and fix issues you report.

We do not:

• Sell your data.
• Share your data with advertisers.
• Use your financial data to train machine learning models outside of features you can see in your own account.
• Read or analyze your data for any purpose unrelated to running the service.

BeaverSave shares limited information only with vendors that help us run the service (our “sub-processors”). Each one is bound by a Data Processing Addendum (DPA) that limits how they may use your data and requires them to apply appropriate technical and organizational safeguards. As of the effective date, our sub-processors are:

• Supabase — our Postgres database, authentication, and (if used) file storage. Encrypted at rest in US-East. SOC 2 Type 2 audited. DPA at supabase.com/legal/dpa.
• Vercel — hosting and edge delivery for the BeaverSave website and app. SOC 2 Type 2 audited, ISO 27001 certified, and self-certified under the EU-U.S. Data Privacy Framework. DPA at vercel.com/legal/dpa.
• Plaid — when the integration goes live and you authorize it, Plaid retrieves your account data on your behalf and passes it to BeaverSave (Plaid’s policies, governed by their own DPA, apply directly to that relationship). SOC 2 Type 2 audited. See “Information collected through Plaid” below for full detail.
• Push notification services — when you opt in to push notifications, the notification payload (title + short body) is delivered to your browser’s push service (operated by Apple, Google, Microsoft, or Mozilla, depending on your browser). We send only what’s needed for the notification itself — no underlying account data, balances, or identifiers beyond an opaque endpoint token your browser generates for us.
• SMS provider (Twilio) — when you sign in by phone OTP or enroll a phone-based MFA factor, your phone number and the 6-digit code are delivered through Twilio for the purpose of sending that text message. Twilio acts as a sub-processor under their Data Protection Addendum at twilio.com/legal/data-protection-addendum. US-bound text traffic is sent under A2P 10DLC registration with carriers, classified as “account verification.” If you only use email magic-link sign-in and TOTP MFA, no phone number is shared with Twilio.

We do not share your data with anyone else unless you ask us to, or unless required by law (e.g., a valid subpoena or court order). If we ever receive a government data request, we’ll notify you when legally permitted to do so before responding.

Data is encrypted in transit (HTTPS) and at rest in our Supabase Postgres database. Every database query is scoped to your household using Row-Level Security policies, so other users cannot see your data.

Sign-in is passwordless: choose email magic link or phone OTP at the login screen. BeaverSave does not store passwords. Two-step verification is required on every account — you can use an authenticator app (TOTP) or a phone SMS factor. We recommend TOTP as the primary factor and, optionally, SMS as a backup. SMS-based factors are weaker than TOTP because of SIM-swap risk; using both is stronger than either alone.

More detail is on our Security page.

If we ever discover that your data has been accessed or disclosed without authorization, we’ll do two things:

1. Investigate, contain the incident, and figure out what happened.
2. Tell you directly by email without unreasonable delay, and in any case within 30 days of confirming that data of yours was affected. The notice will describe (a) what we know about what happened, (b) which categories of your data were affected, (c) what we did or are doing in response, and (d) what steps you may want to take.

We’ll also notify state regulators and any other authorities required by applicable law, including the New Jersey Division of Consumer Affairs (under New Jersey’s Identity Theft Prevention Act, as amended in 2024) and the Attorney General’s Office where the New Jersey Data Privacy Act or other state law requires it. New Jersey’s breach notification window is 30 days from confirmation; we’ll beat that whenever possible.

You can, at any time:

• Edit or delete any transaction, goal, debt, or category you entered.
• Export your data as CSV from Settings → Data export (transactions, debts, goals, bills, medical YTD).
• Disconnect a linked Plaid institution from Settings (when the integration is live).
• Delete your account from Settings → Delete account in the app (one-step, immediate, cascades through your profile and the data tied personally to you). Or, if you can’t reach the app, email privacy@beaversave.app and we’ll process the deletion for you within 30 days.
• View your acceptance history and a log of sensitive actions on your account at /legal.

We respond to verifiable rights requests within 45 days at the latest, and within 15 days for opt-out requests where applicable. We may extend the 45-day window once by another 45 days when reasonably necessary (and will tell you we’re doing so).

The New Jersey Data Privacy Act (effective January 15, 2025) gives New Jersey residents specific rights over their personal data. BeaverSave honors these rights for any user, not just NJ residents:

• Right to access — confirm whether we process your personal data, and obtain a copy of it.
• Right to correct — fix inaccuracies in your personal data.
• Right to delete — have us delete your personal data.
• Right to data portability — receive your personal data in a portable, machine-readable format (we use CSV).
• Right to opt out — of the sale of your personal data, of targeted advertising, and of certain types of profiling that produce legal or similarly significant effects. (BeaverSave does not sell personal data, does not target advertising, and does not profile users for legal-or-significant-effect decisions, so this right is moot in practice — but the option is yours regardless.)
• Right to appeal — if we deny a request, you may appeal and we’ll respond within 45 days of the appeal.

To exercise any of these, email privacy@beaversave.app. We’ll verify the request comes from you (typically by sending a confirmation to the email on the account) and respond within the timelines above. If we deny a request you may also contact the New Jersey Division of Consumer Affairs.

California residents have similar rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA): access, deletion, correction, portability, and opt-out of sale or sharing.

BeaverSave does not sell your personal information. BeaverSave does not share your personal information with third parties for cross-context behavioral advertising. We have no need to display a “Do Not Sell or Share My Personal Information” link because we don’t do either.

To exercise any CCPA / CPRA right, email privacy@beaversave.app.

We keep your data for as long as your account is active. If you delete your account, we delete your data within 30 days, except where a copy is needed to comply with legal obligations (such as tax records) — those copies are retained only as long as the law requires.

BeaverSave uses only the cookies it needs to keep you signed in:

• Authentication cookies — set by Supabase Auth when you sign in via magic link. These are how the server knows it’s you. They’re HTTP-only and secure (sent only over HTTPS), and they’re scoped to the BeaverSave domain.

BeaverSave does not:

• Use third-party analytics cookies (no Google Analytics, no PostHog, no Sentry).
• Use advertising or retargeting cookies.
• Use cross-site tracking pixels.
• Share cookie data with anyone outside the vendor relationships described in “Who we share it with” above.

Because the cookies we set are strictly necessary for the service to function, no separate cookie consent banner is shown — under most US and EU rules, strictly-necessary cookies do not require opt-in consent. If we ever add cookies that aren’t strictly necessary, we’ll update this section and ask for your consent first.

BeaverSave is not intended for anyone under 18. We do not knowingly collect data from children. If you believe a child has given us data, email privacy@beaversave.app and we’ll delete it.

When we update this policy, we’ll change the effective date at the top and post the new version at this URL. Material changes will be communicated to active users by email when possible.

For privacy questions, data access or deletion requests, or to report a privacy concern:

privacy@beaversave.app — monitored by Vocally Yours LLC. We’ll acknowledge within a few business days.

For general questions, feedback, or anything that isn’t privacy-specific, you can also use hello@beaversave.app.