1. Introduction

Welcome to Aestryd LLC ("we," "our," or "us"). We operate the Aestryd website and the See Beyond expense intelligence platform. We are committed to protecting your privacy and handling your personal data with transparency and care.

This Privacy Policy applies to our website, the See Beyond mobile applications (including iOS and Android), and all related services (collectively, the "Services"). By accessing or using our Services, you consent to the data practices described in this policy.

2. Information We Collect

To provide our services, we collect information you provide directly and information collected automatically:

• Account Information: Name, email address, and profile information provided during sign-up (via our identity providers like Clerk).
• Financial & Transaction Data: Receipts, invoices, and purchase data you upload or sync, including merchant names, dates, amounts, and line items. If you choose to link your bank accounts, we securely access your transaction history (merchant, amount, date) strictly in a read-only capacity through our financial data partner, Plaid. We never see, store, or have access to your bank login credentials.
• Health & Lifestyle Data: Information you voluntarily provide regarding health goals or sync from health apps to correlate spending with well-being.
• Usage & Device Data: IP address, device type, operating system, and analytics on how you interact with our features to help us improve user experience.

3. How We Use Your Information

We process your data for specific, lawful purposes:

• Service Delivery: To process receipts, categorize expenses, and generate intelligence dashboards linking spending to health and environmental impact.
• AI Improvement: To train and refine our machine learning models using anonymized and aggregated data only. Your personal identity is never used for training public models.
• Personalization: To customize your experience and provide tailored "See Beyond" scores and recommendations.
• Security & Compliance: To detect fraud, ensure account security, and comply with legal obligations.

4. Data Sharing and Disclosure

We do not sell, rent, or trade your personal data. We share information only with:

• Service Providers & AI Partners: Trusted vendors who assist with cloud hosting, receipt OCR, payment processing, financial data aggregation (e.g., Plaid), and AI intelligence generation. These partners are bound by strict confidentiality agreements.
• Legal Requirements: If required by law, court order, or to protect our rights and safety.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, where data may be transferred as a business asset.

5. Data Retention, Security & Disposal

We are committed to minimizing data risk and ensuring your personal and financial information is handled securely. We retain data only as long as necessary to provide you with historical budgeting and lifestyle insights, or to comply with legal obligations.

• Financial Data Retention: Financial transaction data retrieved via Plaid is retained only as long as you use our services. If you disconnect a bank account or delete your See Beyond account, the associated transaction data is scheduled for secure deletion.
• Account Deletion: Upon a user-initiated account deletion request, we securely delete or irreversibly anonymize all associated personal and financial data within thirty (30) days, except where retention is strictly required by law (e.g., tax or legal compliance).
• Secure Disposal: We utilize enterprise-grade database providers that ensure secure, permanent cryptographic erasure of data when records are deleted. Routine system backups are naturally overwritten or rotated out according to standard lifecycles (typically within 30-90 days).

We implement industry-standard encryption (in transit and at rest) and strict access controls to protect your data.

Data Breach Notification: In the unlikely event of a data breach affecting your personal information, we will notify you and relevant authorities within 72 hours of becoming aware of the breach, in accordance with applicable laws.

6. Your Rights

Depending on your location, you may have rights including:

• Access & Portability: Request a copy of your data in a structured format.
• Correction: Update inaccurate or incomplete information via your account settings.
• Deletion: Request total deletion of your account and associated data directly within the app or by contacting us.
• Withdraw Consent: Revoke permissions for data processing where applicable.

7. International Transfers

Your information may be processed in countries other than your residence (e.g., the United States). We ensure appropriate safeguards are in place to protect your data during such transfers, complying with applicable data protection laws.

8. Children's Privacy

Our Services are not intended for children under 13 (or 16 in certain jurisdictions). We do not knowingly collect data from children. If we discover such data, we will delete it promptly.

9. Contact Us

If you have questions about this Privacy Policy, please contact us at:

Aestryd LLC
Email: contact@aestryd.com