Privacy Policy

Last updated: October 2025

Data Access & Security

When you connect your bank, FinHealth Coach never sees or stores your login details. You authenticate directly with your bank through our licensed Open Banking partners:

  • Australia: Basiq Pty Ltd (Accredited Data Recipient under the Consumer Data Right)
  • United Kingdom: TrueLayer Ltd and Tink AB (FCA-regulated Open Banking providers)

Our connection uses OAuth 2.0 and bank-grade encryption. We only receive consented, read-only data:

  • Account name and type (e.g. “Everyday Account”)
  • Masked account numbers (e.g. xxxx1234)
  • Transaction details (date, merchant, amount, description)

We do not receive or store full account numbers, BSBs, or Sort Codes.

All data is encrypted and processed securely. You can revoke access or delete your data at any time in Settings → Privacy.

Who we are

FinHealth Coach ("we", "us") provides personal finance insights. For our MVP, we operate in Australia (AU) and the United Kingdom (UK).

What data we collect

With your explicit consent, we access banking data via Open Banking providers.

How we use your data

We use your data to provide insights, spending analysis, and budgeting features. We do not sell your data.

Legal basis

We process banking data on the basis of your consent. You may revoke consent at any time.

Data retention

We retain data while you use the service and delete or anonymise it upon request or when no longer needed.

Your rights

  • Access and portability of your data
  • Correction and deletion
  • Withdraw consent at any time
  • Lodge a complaint with your local authority (OAIC in AU, ICO in UK)

How to revoke or delete

Visit Settings → Privacy to revoke provider access or request data deletion.

Compliance documents

See our Sub-processors and Data Retention documents for transparency.

Contact

Email: privacy@finhealth.example