Your Privacy Matters

Introduction

Aspen ("we," "our," or "us") is committed to protecting your privacy and maintaining the security of your personal and financial information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial management platform and voice AI assistant, Sage.

By using Aspen, you consent to the data practices described in this policy. If you do not agree with the practices described in this policy, please do not use our services.

Information We Collect

Personal Information

• Name, email address, and contact information
• Account credentials and authentication information
• Profile information and preferences
• Communication preferences and settings

Financial Information

• Bank account information (with your explicit consent)
• Transaction data and spending patterns
• Financial goals and budgeting preferences
• Investment and savings information

Voice and Conversation Data

• Voice recordings during conversations with Sage
• Transcribed text from voice interactions
• Conversation context and financial queries
• AI-generated responses and recommendations

Technical Information

• Device information and browser type
• IP address and location data
• Usage analytics and app performance data
• Cookies and similar tracking technologies

How We Use Your Data

Service Provision

• Provide personalized financial insights and recommendations
• Enable voice conversations with Sage AI assistant
• Track spending patterns and budget progress
• Send notifications about financial goals and milestones

Product Improvement

• Analyze usage patterns to improve our services
• Train and refine our AI models for better responses
• Develop new features based on user needs
• Ensure security and prevent fraudulent activities

Communication

• Send service updates and security notifications
• Provide customer support and technical assistance
• Share educational financial content (with your consent)
• Notify you about new features and improvements

Data Sharing and Disclosure

Service Providers

We may share your information with trusted service providers who help us operate our platform:

• Cloud hosting and data storage providers
• Payment processors and financial data aggregators
• AI and machine learning service providers
• Customer support and analytics platforms

Legal Requirements

We may disclose your information when required by law or to:

• Comply with legal processes or government requests
• Protect our rights, property, or safety
• Investigate fraud or security issues
• Enforce our terms of service

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

Security Measures

Technical Safeguards

• 256-bit SSL encryption for data transmission
• AES-256 encryption for data storage
• Multi-factor authentication for account access
• Regular security vulnerability assessments
• Secure cloud infrastructure with redundancy

Operational Safeguards

• Limited employee access to personal data
• Regular employee security training
• Incident response and breach notification procedures
• Third-party security audits and compliance monitoring

Voice Data Security

• Voice recordings are encrypted during transmission and storage
• Conversations are processed in secure, isolated environments
• Voice data is automatically deleted after 90 days unless explicitly saved
• Access to voice data is logged and monitored

Your Privacy Rights

You have several rights regarding your personal information:

Access and Portability

• Request a copy of your personal data
• Download your financial data in a portable format
• View your conversation history with Sage

Control and Correction

• Update or correct your personal information
• Modify your privacy preferences and settings
• Choose which communications you receive

Deletion

• Delete your account and associated data
• Remove specific voice recordings or conversations
• Request deletion of specific data categories

Opt-Out Rights

• Opt out of non-essential communications
• Disable certain data collection features
• Withdraw consent for specific data uses

Data Retention

We retain your information only as long as necessary to provide our services and comply with legal obligations:

• Account data: Retained while your account is active and for 7 years after closure for legal compliance
• Financial data: Retained for 7 years as required by financial regulations
• Voice recordings: Automatically deleted after 90 days unless explicitly saved
• Usage analytics: Aggregated and anonymized after 2 years

Children's Privacy

Aspen is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

International Users

If you are accessing Aspen from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located. By using our services, you consent to this transfer.

We comply with applicable international privacy laws, including GDPR for European users and other regional privacy regulations.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending you an email notification
• Displaying a prominent notice in the app

Your continued use of our services after any changes indicates your acceptance of the updated policy.