Privacy

Zands HQ is a small set of personal apps built and operated by Jan Zands. This policy covers all of them, including Financial Freedom (the personal finance dashboard that connects to Plaid) and Peace of Mind (in beta).

Access to Zands HQ apps is currently limited. The applications are built and maintained with privacy and security practices that are consistent with broader use. If access expands, this page will be updated and any new users will be asked to consent to the terms in effect at that time.

Authentication

The dashboard uses authentication controls including a password and a signed session cookie to keep you logged in for up to seven days. Passwords are not stored in plain text.

Bank and credit-card data via Plaid

When you choose to connect a financial account, you authorize Plaid to access and transmit your financial data to us. Financial Freedom receives institution and account metadata (name, last four), balances, transactions, and credit-card liability details (APRs, statement dates, minimum payments, due dates). Plaid operates under Plaid’s end-user privacy policy.

Plaid collects and processes your bank login credentials directly. We do not store or have access to your bank login credentials.

Manual entries and notes

Categories, rules, notes, and tags you add to transactions are stored alongside your account data.

No analytics

The site runs no third-party analytics, advertising, or session-replay tools.

We use a single first-party cookie, fin-dash-session, to keep you signed in. It contains a signed token, lasts up to seven days, and is sent only to our own server over HTTPS. We do not use third-party cookies, advertising cookies, analytics cookies, or session-replay tools.

Financial Freedom uses the data above to provide a single view of your finances, including balances, upcoming bills, debt-payoff calculations, and transaction categorization.

We only use data obtained through Plaid for the purpose of providing the features and functionality of the application, and for no other purpose. We only request access to the data necessary to provide these features.

Optionally, when you ask Financial Freedom to suggest categorization rules, the app sends a list of unique transaction descriptions (merchant names) to Anthropic’s API to generate those suggestions. No financial data obtained via Plaid (including balances, amounts, dates, or account details) is shared with Anthropic.

• Account data, transactions, and Plaid access tokens are stored in a private Supabase Postgres database.
• Application secrets and certificates are stored as encrypted environment variables on Vercel.
• All connections between your browser, our servers, Plaid, Supabase, and Anthropic use HTTPS.

We do not sell, rent, or share your financial data with any third party for advertising or marketing purposes.

The only data flows are:

• Plaid — to retrieve and refresh account information for accounts you have connected.
• Anthropic — only when you explicitly request categorization suggestions, and only merchant descriptions are shared (no financial data).
• Supabase and Vercel — our infrastructure providers, who store and serve data on our behalf under their own security and privacy commitments.

Account, transaction, and liability data is retained for as long as your Plaid connection remains active.

If you disconnect a financial account, we revoke the associated Plaid access token and delete the related data. We do not retain Plaid data after a connection is removed, except as required for backup and system integrity purposes.

Supabase retains rolling backups according to its standard backup policy.

Zands HQ apps are not directed at children under 13, and we do not knowingly collect personal information from anyone under 13. If you believe a child has provided us with personal information, contact us at support@therichlife.com and we will delete it.

You can request at any time to:

• Access the data we hold about you.
• Disconnect a financial account and delete its associated data.
• Delete your account and all associated data.

You can also revoke access to your financial data at any time by disconnecting your account from Settings → Connections within the application.

For privacy or data-related inquiries, email support@therichlife.com and we will handle requests within a reasonable timeframe.

We use industry-standard security practices, including encryption, access controls, and secure storage.

HTTPS is enforced across the application with HSTS. Plaid access tokens are stored encrypted. Access to the dashboard is restricted by authentication controls.

No system is perfectly secure. If you discover a vulnerability, please report it to support@therichlife.com.

Questions about this policy or your data: support@therichlife.com.

We’ll update this page if our data practices change. The “Last updated” date at the top reflects the most recent revision.