Flirting with Finance
Flirting with Finance
Log inStart free

Privacy Policy

Last updated: 16 June 2026

1. Who we are

Flirting with Finance (“we”, “us”) provides AI-powered mutual fund research and analytics for Indian investors. This policy explains what data we collect and how we use it.

2. What we collect

  • Account data: your name, email, and password (stored only as a bcrypt hash — we never see your plaintext password).
  • Portfolio data: mutual fund holdings you enter or import via a CAS PDF — scheme codes, units, cost, dates. Used only to run your tax, goal, and overlap analysis.
  • Usage data: which features you use (research runs, CAS imports) for plan limits and product improvement.
  • Payment data: handled by our payment processor. We store only subscription status and invoice references — never your card details.

3. CAS PDFs

When you upload a Consolidated Account Statement, we parse it in memory to extract your holdings, persist the resulting holdings to your account, and then discard the uploaded PDF. We do not retain the raw CAS file after parsing.

4. How we use your data

To provide the Service: run analysis, generate reports, enforce plan limits, process payments, and send transactional emails (verification, password reset, alerts you opt into). We do not sell your personal or portfolio data to anyone.

5. Data isolation

Your data is logically isolated per account. Every query is scoped to your user ID. Other users — including other RIAs on the platform — cannot access your holdings, clients, or reports.

6. Third parties

We use a small set of processors to operate: a database and hosting provider, a transactional email service, and a payment processor. We share only the minimum data each needs to function. We query public data sources (AMFI, MFAPI, Kuvera) using fund scheme codes — never your personal data.

7. Data retention

We keep your account and portfolio data while your account is active. You can request deletion of your account and associated data at any time by emailing us; we will delete it within a reasonable period, except where retention is required by law (e.g. invoice records).

8. Your rights

You can access, correct, export, or delete your data. Email us to exercise any of these rights.

9. Security

Passwords are bcrypt-hashed. Sessions use signed JWTs. The database is bound to localhost on our server and is not exposed to the public internet. No system is perfectly secure, but we take reasonable measures to protect your data.

10. Contact

Privacy questions or deletion requests: hello@flirtingwithfinance.com.