1. Information we collect
Information you provide
- Account & profile — your name, email address, and the password or sign-in identity you use to authenticate.
- Financial entries you create — earnings, bills and expenses (recurring and one-time), budgets, savings goals, subscriptions, debts, assets, and notes you enter manually.
- Support communications — messages you send us by email.
Financial data you import
- Statements you upload — when you import OFX, QFX, CSV, or PDF statements, we read the transactions, balances, account numbers (we typically retain only the last four digits), card names, due dates, and similar details to populate your dashboard. PDF text extraction may run in your browser or on our servers.
- Derived information — we automatically detect recurring income, bills, and subscriptions, project future cash flow, and calculate balances, net worth, and debt-payoff plans from the data above.
Connected bank data
If you choose to link a financial institution, account and transaction data is retrieved through our connectivity provider (Plaid). Bank login credentials are handled by that provider and are not stored by Clear Mint or exposed to your browser.
Payment information
Paid plans are processed by Stripe. Clear Mint does not receive or store your full card number; Stripe handles card data and returns only limited details (such as plan, status, and the last four digits) needed to manage your subscription.
Usage & device data
We collect basic technical information such as browser type, device, and interactions needed to operate, secure, and improve the Service.
2. How we use your information
- Provide the Service — display your accounts, transactions, budgets, projections, reports, and insights.
- Reconcile balances, detect recurring items, and generate cash-flow, debt, and net-worth analyses.
- Process payments, manage subscriptions and free trials, and prevent billing fraud.
- Send transactional and optional report emails you have enabled (for example, monthly summaries or bill reminders).
- Maintain security, debug, prevent abuse, and comply with legal obligations.
We do not sell your personal information, and we do not use your financial data for advertising.
Email & CASL. Transactional emails (such as receipts, security notices, and report emails you turned on) support the Service you requested. Any marketing or promotional email is sent only with your express consent, identifies Clear Mint with a contact address, and includes a working unsubscribe link that we honour promptly — consistent with Canada’s Anti-Spam Legislation (CASL). You can change report-email preferences in Settings.
3. AI features
Clear Mint includes optional AI features (such as the “Mint” financial coach, chat, and recommendations). When you use them, the specific financial context needed to answer your request may be sent to a third-party AI provider (for example, Google Gemini or Groq) to generate a response. We send only what is needed for the feature, and we instruct providers to process the request to serve you — not to train their models on your data, subject to each provider’s terms. AI output is generated automatically, may be inaccurate, and is for information only — see our Terms. You can choose not to use these features.
4. Google Sign-In & Google user data (Limited Use)
You can choose to sign in to Clear Mint with your Google Account. When you do, Google shares a limited set of profile information with us based on the permissions you grant — typically your name, email address, and Google account identifier. We use this Google user data only to create and secure your Clear Mint account, sign you in, and address you by name. We do not use Google user data for advertising, and we do not use it to train AI models. It is stored with your profile (see “Storage, security & retention”) and is never sold.
Clear Mint’s use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. You can revoke Clear Mint’s access to your Google Account at any time from your Google Account permissions page.
5. How we share — service providers & subprocessors
We share data only with vendors that help us run the Service, each under contractual confidentiality and data-protection obligations:
| Provider | Purpose |
|---|---|
| Supabase | Database, authentication, and secure cloud storage of your account data |
| Vercel | Application hosting and delivery |
| Plaid | Optional bank-account connectivity |
| Stripe | Subscription billing and payment processing |
| Google (Gemini) / Groq | Optional AI coaching, chat, and recommendations |
| Resend | Transactional and report emails |
| logo.dev | Merchant and bank logos shown next to transactions |
| Exchange-rate provider | Currency conversion |
We may also disclose information if required by law, to protect our rights or users’ safety, or in connection with a merger or acquisition (with notice where required).
6. Bank connections
Linking a bank is optional. When you do, you authorize Clear Mint and Plaid to access the account and transaction information you select. You can disconnect an institution at any time; removing it stops future data retrieval, and you can delete the imported data from your account.
Bank connectivity is provided by Plaid Inc. By connecting an account, you also agree to Plaid’s handling of your information as described in the Plaid End User Privacy Policy. You can review and revoke Plaid connections at my.plaid.com.
7. Cookies & local storage
Clear Mint is offline-first: much of your data is cached in your browser’s local storage so the app works quickly and without a constant connection. We also use a small number of cookies and tokens that are strictly necessary to keep you signed in and to operate the Service. We do not use third-party advertising cookies. Clearing your browser storage removes the local cache; signing out clears your session. For full details, see our Cookie & Ad Disclosure.
8. Storage, security & retention
- Isolation — cloud data is protected by row-level security so that one user cannot read another user’s data.
- In transit — data is encrypted using HTTPS/TLS between your device and our services.
- Session protection — an optional auto sign-out signs you out after a period of inactivity that you can configure.
- Retention — we keep your data while your account is active. When you delete an account, or specific accounts/transactions, the associated records are removed from your active dataset; residual copies may persist briefly in backups before expiring. See our Data Retention page for periods and our Data & Account Deletion page for how to delete your data.
No method of transmission or storage is perfectly secure, but we work to protect your information using appropriate safeguards.
9. Your rights & choices
- Access & portability — you can view and export your data from within the app.
- Correction — you can edit or delete any entry, account, or transaction.
- Deletion — deleting an account in the app removes its data, including the transactions imported with it; you may also request full account deletion by email.
- Email preferences — report emails are opt-in and can be turned off in Settings.
- Bank links — you can disconnect a linked institution at any time.
Depending on where you live (including under Canada’s PIPEDA and applicable provincial laws), you may have additional rights to access, correct, or withdraw consent for the processing of your personal information. Contact us to exercise them.
Quebec residents (Law 25). If you reside in Quebec, you also have rights under the Act respecting the protection of personal information in the private sector (Law 25), including rights of access, rectification, de-indexing, and data portability, and the right to be informed about automated processing. We obtain your explicit consent before activating any non-essential tracking technology, and our Privacy Officer (named below) is the Person in Charge of the Protection of Personal Information for these purposes. You may also file a complaint with the Commission d’accès à l’information du Québec.
10. Data location & transfers
Clear Mint serves Canadian users and uses reputable cloud providers that may process or store data in Canada and/or the United States. Where data crosses borders, we rely on our providers’ safeguards and contractual protections.
11. Children’s privacy
Clear Mint is intended for adults (the age of majority in your province or territory) and is not directed to children. We do not knowingly collect personal information from children. Family budgeting features are for use by the account-holding adult.
12. Changes to this policy
We may update this policy as the Service evolves. We will revise the “Last updated” date above and, for material changes, provide additional notice. Continued use after an update means you accept the revised policy.
13. Contact us & our Privacy Officer
Clear Mint has designated a Privacy Officer who is accountable for our compliance with this policy and applicable privacy laws (PIPEDA and Quebec’s Law 25). For any privacy question or request — access, correction, deletion, withdrawal of consent, or a complaint — contact:
Privacy Officer, Clear Mint, Inc.
Ontario, Canada
Email: support@clearmint.ca
We will respond within the time required by applicable law. If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada or your provincial regulator.