Introduction

This Privacy Policy explains how Cadence collects, uses, and protects your information. We comply with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA).

Information We Collect

Information You Provide

• Account Information: Name, email address, and password
• Financial Data: Transactions, accounts, assets, liabilities, budgets, goals, and income sources you enter manually
• Support Communications: Messages you send to our support team

Information from Plaid

When you connect a financial institution through Plaid, we receive:

• Account Information: Account name, type, official name, and last four digits
• Balance Information: Current and available balances
• Transaction Data: Descriptions, amounts, dates, merchant names, and categories
• Institution Information: Name and identifier of your financial institution

Plaid has its own privacy policy: plaid.com/legal

Information Collected Automatically

• Device Information: Device type, operating system, browser type
• Usage Data: Features used, application errors, and performance metrics

How We Use Your Information

• Service Provision: Calculating net worth, budget tracking, and financial insights
• Security: Detecting unauthorized access and maintaining application security
• Improvements: Fixing bugs and improving functionality
• Legal Compliance: Meeting legal obligations under Canadian law

Affiliate Links & Partner Offers

We may display financial product offers (such as chequing accounts, credit cards, and investment platforms) within the application. These offers contain affiliate links, and we may earn a commission if you sign up through them.

How Offers Are Selected

• Currently: We curate a selection of offers we believe provide good value
• In the future: Offers may be personalized based on your financial profile (such as account types you've added or spending categories), but this personalization happens entirely within the app

What We Share With Partners

• No personal or financial data is shared with affiliate partners
• Partners only receive click and conversion attribution (they know the signup came from Cadence, but receive no information about you)

Opting Out

Cadence+ and Cadence Premium subscribers do not see affiliate offers. You can upgrade at any time through the app.

How We Protect Your Information

• Encryption in Transit: All data encrypted using TLS 1.2 or higher
• Encryption at Rest: Database encrypted using AES-256; Plaid access tokens receive additional AES-256-GCM encryption
• Access Controls: Two-factor authentication, Row-Level Security on all user data tables
• Session Security: Automatic timeout after inactivity

When We Share Your Information

We do not sell your information. Ever. We limit sharing to only what's necessary:

Service Providers

We use trusted service providers to store and process your data. These providers only access your data as needed to provide their services to us:

• Database & Authentication: Your account and financial data is stored securely in our database infrastructure
• Bank Connections: When you connect accounts via Plaid, Plaid processes your credentials—we never see them

Legal Requirements

We may share information if required by law, court order, or valid legal process.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify you before your information becomes subject to a different privacy policy.

Where Your Data Is Stored

Your data is stored using infrastructure based in the United States. By using Cadence, you consent to this storage. We ensure our providers maintain appropriate security standards.

Your Rights

• Access: View your data through the application
• Correction: Update your information at any time
• Deletion: Delete your account and all data through Settings
• Disconnect Plaid: Remove connected accounts at any time, which immediately deletes access tokens

We respond to privacy requests within 30 days.

Data Breach Notification

In the event of a data breach affecting your personal information:

• We will notify affected users within 72 hours of confirming the breach
• We will report to the Office of the Privacy Commissioner as required by PIPEDA
• We will provide information about what data was affected and steps you can take

Cookies

We use essential cookies for authentication and session management.

Children's Privacy

Cadence is not intended for individuals under 18. We do not knowingly collect information from children.

Changes to This Policy

We will notify you of significant changes via email or in-app notification at least 30 days before changes take effect.

Consent

By using Cadence, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy. You may withdraw consent at any time by deleting your account.