Privacy Policy

Last updated: 2026-06-03

Data we collect

• Account: email address, hashed password (argon2id), optional display name.
• Optional MFA secret (encrypted at rest in PostgreSQL).
• Cashflow items and Net Worth entries you create.
• Operational telemetry: request paths, response times, error stacks (no payloads).

How we use it

Solely to provide the Service: authenticating you, storing your records, computing your RatRace Score, and producing exports/reports you request.

Where it lives

Production data is stored in Microsoft Azure (PostgreSQL Flexible Server) in the region you selected at sign-up. Backups are encrypted at rest and retained per Azure defaults. No data is sold or shared with advertisers.

Sub-processors

• Microsoft Azure (compute, database, storage, telemetry, transactional email).
• Open Exchange Rates (publishes daily FX rates only; we send no user data).

Your rights

You may export all your data at any time (JSON export) or permanently delete your account from your Profile page. Deletion is immediate and irreversible.

Contact

For privacy questions: privacy@ratracescore.com