PT
Clawfolio
Back

Privacy Policy

Last updated: April 2026. This policy describes how Clawfolio collects, uses, and protects user data.

1. Data we collect

  • Account data: name, email, and authentication data provided during registration.
  • Banking data: account names, partial account numbers, balances, and transactions obtained through your financial institution connection or statement imports.
  • Transaction data: descriptions, amounts, dates, categories, and payees for each transaction.
  • Usage data: technical information about how you interact with the platform.

2. How we use your data

Your data is used to:

  • Sync and display your financial accounts and transactions.
  • Automatically categorize transactions using artificial intelligence.
  • Generate reports, budgets, and insights about your finances.
  • Maintain the security and integrity of the platform.

3. Third-party processors

Clawfolio uses the following third-party services to operate the platform. Your financial data is shared with these services as described below:

Pluggy (bank connectivity)

We use Pluggy to connect your bank accounts through Open Finance Brasil. Pluggy receives your connection credentials and returns account and transaction data. See Pluggy's privacy policy.

Google Gemini (AI categorization and extraction)

Important: transaction data — including descriptions, amounts, and dates — is sent to the Google Gemini service for automatic categorization and bank statement data extraction. Google Gemini processes this data according to the Gemini API terms of service.

Plaid (bank connectivity — United States)

We use Plaid to connect your bank accounts in the United States. When you connect an account through Plaid, you authorize Plaid to access your account and transaction data from your financial institution. Plaid receives account identifiers, balances, and transaction history. Your banking credentials are never shared with or stored by Clawfolio — they are handled entirely by Plaid. See Plaid's end user privacy policy.

Dodo Payments (payments)

We use Dodo Payments to process payments and manage subscriptions. Dodo Payments receives your credit card data. See Dodo Payments' privacy policy.

4. Data retention and deletion

Your financial data is retained while your account is active. After subscription cancellation, we keep your data for 90 days before permanent deletion, allowing you to reactivate your account during that period.

We review our data retention practices periodically to ensure compliance with applicable data privacy laws. When data is no longer needed for the purposes described in this policy, or upon your deletion request, we permanently delete it from our systems, including any backups, within 30 days of processing.

5. Your rights

You have the right to:

  • Access all your personal data stored on the platform.
  • Request correction of incorrect data.
  • Request deletion of your account and all associated data.
  • Revoke bank connection consent at any time.

6. Data deletion

To request deletion of your account and all associated data, contact us at support@clawfolio.ai. We will process your request within 30 days.

7. Security

We adopt technical and organizational measures to protect your data, including encryption in transit (TLS 1.2+), encryption at rest (AES-256), role-based access control, and data isolation between users. Sensitive credentials such as bank connection tokens are stored using vault-based encryption and are never exposed in plain text.

8. Contact

For questions about this policy or about the processing of your data, contact us at support@clawfolio.ai.