Privacy Policy for Cognirithm Money
Last Updated: October 1, 2025
This Privacy Policy describes how Chosenhomeland Solution LLC ("**Cognirithm Money**," "we," "us," or "our") collects, uses, shares, and protects your information when you use our premium personal financial management (PFM) mobile application.
Our Commitment: We operate on a subscription-only business model. We guarantee that **Cognirithm Money** does not, and will never, sell your personal or financial data to third parties. Your data is used exclusively to provide and improve the service.
1. Information We Collect
We collect information necessary to provide a secure, accurate, and AI-powered financial service. This includes:
A. Personal Identification Information (PII)
- User Account Information: Name, email address, password (hashed and encrypted), and unique user ID (managed via **Azure AD B2C**).
- Biometric Data: If enabled, we process local device biometric data (e.g., fingerprint, face ID) for secure login. This data is **never stored** on our servers; it remains securely on your device.
B. Financial Data (Via Plaid)
We partner with **Plaid**, a leading financial data aggregation service, to connect your financial accounts securely. Plaid connects to your financial institution; we never access your bank login credentials.
- Connected Account Details: Account names, types (checking, savings, investment, credit), and real-time balances.
- Transaction History: Date, amount, merchant description, and category (used by our Cognirithm AI for analysis).
- Investment Data: Holdings, asset types, and market values for net worth calculations.
Data Usage: This data is processed by our secure **Azure Functions** and stored in encrypted **Azure Cosmos DB** and **Azure Data Lake Storage** to provide core PFM features (e.g., net worth tracking, budgeting, and AI predictions).
C. Usage and Technical Data
- Device & Usage Data: IP address, device type, operating system (Android OS details), app version, crash reports, and usage patterns (e.g., features used, session length). This is collected via **Azure Application Insights** to monitor app performance and stability.
- Log Data: Diagnostic and logging information related to serverless function execution (**Azure Functions**) and API gateway activity (**Azure API Management**) for security and compliance auditing.
2. How We Use Your Information
We use the collected information for the following primary purposes:
- Service Delivery: To provide and maintain your PFM dashboard, transaction categorization, and account synchronization.
- AI-Powered Features: To train and deploy our **Cognirithm AI/ML models** (**Azure Databricks/ML**) to generate predictive cash flow alerts, smart budgeting recommendations, and anomaly detection.
- Security and Compliance: To verify your identity (**Azure AD B2C**), prevent fraud, protect data from unauthorized access (**Azure Key Vault**), and maintain audit logs for financial compliance (GLBA, SOC 2).
- Improvement and Optimization: To monitor app performance (**Azure Application Insights**) and identify bugs, ensuring the superior Android experience we promise.
- Customer Support: To respond to your support inquiries and technical issues.
3. How We Share Your Information
We do not sell your data. We share your information only under the following specific circumstances:
- With Financial Aggregator (Plaid): Your data is necessarily shared with Plaid to link and synchronize your financial accounts. Plaid acts as a necessary **Key Partner** in delivering the service.
- With Service Providers: We use third-party services (e.g., Stripe for subscription payment processing, SendGrid for transactional emails, Azure for cloud hosting) under strict confidentiality agreements to help operate our business. These providers only access the data required for their specific function.
- For Legal Reasons: If required by law, subpoena, or legal process, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
- In a Business Transfer: If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, provided the acquirer adheres to this Privacy Policy.
4. Data Storage and Security
We employ enterprise-grade security practices consistent with the financial industry, leveraging the robust security features of the Microsoft Azure cloud ecosystem:
- Encryption: Data is encrypted **in transit** (using TLS 1.3) and **at rest** (using AES-256 encryption in **Azure Cosmos DB** and **Azure Data Lake**).
- Access Control: Access to customer data is strictly limited to authorized personnel using the **Principle of Least Privilege** and multi-factor authentication (MFA).
- Infrastructure Security: We utilize **Azure Security Center** for threat detection and **Azure Key Vault** for secrets management, and our service is designed for compliance with standards like **SOC 2 Type II** and **PCI DSS**.
5. Your Choices and Rights
You have control over your information:
- Account Access: You can review, update, and correct your personal information directly within the app's **Settings** menu.
- Account Deletion: You may request permanent deletion of your account and all associated data by contacting us. Upon confirmation, we will remove all identifiable PII and financial data from our production systems, subject to necessary legal retention requirements (e.g., compliance audit logs).
- Opt-Out of Data Aggregation: You may disconnect financial accounts at any time via the Plaid integration, though this will limit the app's functionality (e.g., no real-time sync or predictive alerts).
- Marketing Communications: You can opt out of promotional emails at any time.
6. Children's Privacy
Our service is intended for users who are **18 years of age or older** (Target demographic 25-45). We do not knowingly collect personal information from children under 13. If we become aware that we have collected PII from a child under 13, we will take steps to delete that information promptly.
7. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of any significant changes by posting the new policy within the app and on this page, and by updating the "Last Updated" date above. Your continued use of the service after any changes constitutes acceptance of the new policy.