Privacy Policy

Introduction

Evernest is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our retirement planning calculator and services.

Information We Collect

Personal Information

We collect information that you provide directly to us, including:

• Account information (name, email address, password)
• Financial planning data (income, expenses, assets, retirement goals)
• Payment information (processed securely through Stripe)
• Communications with our support team

How We Use Your Information

• Provide, maintain, and improve our services
• Process your retirement projections and calculations
• Manage your account and subscription
• Send you technical notices, updates, and support messages
• Respond to your comments and questions
• Detect, prevent, and address technical issues and security threats

Data Security

We implement appropriate technical and organizational measures to protect your personal information:

• All data is encrypted in transit using TLS/SSL
• Sensitive data is encrypted at rest
• Access to personal information is restricted to authorized personnel only
• We regularly review and update our security practices

Third-Party Services

Our Service uses third-party services that may collect information used to identify you:

• Stripe: We use Stripe for payment processing. When you make a purchase, Stripe collects and processes your payment information according to their privacy policy.
• Google Analytics: We use Google Analytics to understand how visitors use our website. This service may collect information such as your IP address, browser type, pages visited, and time spent on pages.
• Digital Ocean: Our application and database are hosted on Digital Ocean's infrastructure in secure data centers.

We recommend reviewing the privacy policies of these third-party services to understand their data practices.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• Service Providers: We may share your information with service providers who perform services on our behalf (e.g., payment processing, hosting)
• Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities
• Business Transfers: If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction
• Protection of Rights: We may disclose information when we believe it is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request

Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

Access and Portability

You have the right to request a copy of the personal information we hold about you. You can export your financial data at any time from your account settings.

Correction

You can update most of your personal information directly through your account settings. If you need assistance, contact our support team.

Deletion

You have the right to request deletion of your personal information. You can delete your account from your account settings, which will remove all your personal data from our systems within 30 days. Please note that we may retain certain information as required by law or for legitimate business purposes.

Marketing Communications

You can opt out of receiving promotional emails from us by following the unsubscribe link in those emails. Even if you opt out, we may still send you transactional emails related to your account.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our Service and hold certain information:

• Essential Cookies: Required for the Service to function, including authentication and security
• Analytics Cookies: Help us understand how visitors interact with our Service by collecting and reporting information anonymously
• Preference Cookies: Remember your preferences and settings (such as dark mode theme)

Most web browsers are set to accept cookies by default. You can choose to set your browser to remove or reject cookies, but this may affect the availability and functionality of our Service.

Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to:

• Comply with our legal obligations
• Resolve disputes
• Enforce our agreements
• Maintain business records

When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal purposes.

International Data Transfers

Your information may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ from those in your jurisdiction.

If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including personal information, to the United States and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us. If we become aware that we have collected personal information from children without verification of parental consent, we will take steps to remove that information from our servers.

California Privacy Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

• The right to know what personal information we collect, use, and disclose
• The right to request deletion of your personal information
• The right to opt-out of the sale of personal information (Note: We do not sell personal information)
• The right to non-discrimination for exercising your CCPA rights

To exercise any of these rights, please contact us at [email protected]. We will verify your identity before processing your request.

European Economic Area (EEA) Rights

If you are located in the EEA, you have certain data protection rights under the General Data Protection Regulation (GDPR):

• The right to access, update, or delete your personal information
• The right to rectification if your information is inaccurate or incomplete
• The right to object to processing of your personal information
• The right to data portability
• The right to withdraw consent at any time
• The right to lodge a complaint with a supervisory authority

Our legal basis for processing your personal information includes: your consent, performance of a contract, compliance with legal obligations, and our legitimate business interests.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this Privacy Policy.

We will notify you via email or a prominent notice on our Service prior to the change becoming effective if the changes materially affect your rights. We encourage you to review this Privacy Policy periodically for any changes.

Your continued use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.

Security Measures

The security of your personal information is important to us. We implement industry-standard security measures including:

• TLS/SSL encryption for all data in transit
• Encryption of sensitive data at rest in our databases
• Regular security audits and vulnerability assessments
• Restricted access to personal information on a need-to-know basis
• Secure authentication with JWT tokens and refresh token rotation
• Regular security updates and patches to our systems
• Monitoring for suspicious activity and unauthorized access attempts

However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: