Introduction

aequitas labs LLC ("we," "us," or "our") operates the matcha money website and application (the "Service"). We are committed to protecting your personal and financial information. This Privacy Policy explains how we collect, use, and share information when you use our Service.

Information We Collect

1. Account Information

• When you create an account, we collect your email address and authentication credentials (managed via secure providers).
• If you subscribe to a paid plan, our payment processor (Stripe) collects your billing details. We do not store full credit card numbers on our servers.

2. Financial Data

We use Plaid Inc. ("Plaid") to connect your financial accounts. When you connect a bank account, we collect and store:

• Account balances and names
• Transaction history (merchant names, dates, amounts, categories)
• Investment holdings

We do not store your online banking username or password. These are handled exclusively by Plaid.

3. Usage Data

We use privacy-preserving analytics to understand website traffic. This data is anonymized and does not track your browsing history across other websites.

How We Use Your Information

• To provide the budgeting, forecasting, and net worth tracking features of the Service.
• To maintain and improve our infrastructure and security.
• To communicate with you regarding your account, security alerts, or support requests.

Data Sharing and Subprocessors

We do not sell your personal data. We only share data with third-party service providers ("Subprocessors") required to operate the Service:

Family & Shared Workspaces

matcha money allows you to create or join a "Family" to manage finances together.

• Internal Sharing: If you invite other members (e.g., a partner or spouse) to your Family, they will have access to view the financial data, accounts, and transactions associated with that Family.
• Consent: By joining a shared Family, you consent to sharing your connected financial data with the other members of that Family.
• Control: The Family Owner (Admin) controls member access and can revoke access at any time.

External AI Agents (User-Directed Sharing)

matcha money is designed to act as a data source for Artificial Intelligence agents (e.g., ChatGPT, Claude). We do not internally process your data using AI models.

If you choose to connect an external AI Agent to your matcha money account (via API Key or OAuth):

1. You explicitly authorize us to transmit your financial data to that third-party AI provider.
2. Once data leaves our infrastructure, it is governed by that AI provider's Privacy Policy.
3. We are not responsible for how external AI agents use, store, or hallucinate based on your data.

Data Retention & Deletion

• We retain your data as long as your account is active.
• You may request account deletion at any time by emailing support@matcha.money or using the "Delete Account" feature in Settings.
• Upon deletion, we will purge your data from our database and instruct Plaid to revoke access to your financial institutions.

Security

We implement industry-standard security measures, including:

• Encryption of sensitive tokens (AES-256) at rest.
• TLS/SSL for all data in transit.
• Strict access controls for internal operations.

1. Acceptance of Terms

By accessing or using matcha money, you agree to be bound by these Terms. If you disagree with any part of the terms, you may not use the Service.

2. Description of Service

matcha money is a personal finance dashboard and API provider. It allows users to aggregate financial data and access it via a web interface or programmatic API.

3. Not Financial Advice

THE SERVICE IS FOR INFORMATIONAL PURPOSES ONLY.

• matcha money is not a financial planner, broker, or tax advisor.
• The Service is intended to assist you in your financial organization and decision-making and is broad in scope.
• Your financial situation is unique, and any information sourced via the Service (or via AI agents connected to the Service) may not be appropriate for your situation.
• You should verify all financial data (bank balances, transaction amounts) with your financial institution before making decisions.

4. User Responsibilities

• Security: You are responsible for safeguarding your login credentials and API Keys. You must notify us immediately of any unauthorized use of your account.
• Shared Access: If you invite others to your account (e.g., Family Mode), you are responsible for their actions within the Service.
• API Usage: You agree not to use the API for any illegal purpose, or to overload our infrastructure ("button mashing" or DDoS). We reserve the right to revoke API keys or ban users for abusive behavior.

5. Third-Party Services

• Plaid: By using our Service, you grant Plaid the right, power, and authority to act on your behalf to access and transmit your personal and financial information from your relevant financial institution. You agree to your personal and financial information being transferred, stored, and processed by Plaid in accordance with the Plaid Privacy Policy.
• AI Agents: If you connect third-party tools (like ChatGPT or Claude) to our Service, you assume all risks associated with sharing your financial data with those tools. We make no warranties regarding the accuracy or security of third-party AI models.

6. Subscription & Refunds

• Billing: Paid services are billed in advance on a subscription basis (Monthly or Annual).
• Cancellation: You may cancel your subscription at any time. Your access will generally continue until the end of the current billing period.
• Refund Policy:
  • Monthly Plans: Generally non-refundable.
  • Annual Plans: We offer pro-rated refunds for Annual plans. If you cancel an Annual subscription, you will be refunded for the unused full months remaining in your term. (e.g., If you use 3 months of a 12-month term, we will refund the remaining 9 months).
  • Satisfaction Guarantee: If you are unsatisfied with the service or experience technical issues, please contact support@matcha.money.

7. Limitation of Liability

To the maximum extent permitted by law, Aequitas Labs LLC shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits or revenues, whether incurred directly or indirectly, or any loss of data, use, goodwill, or other intangible losses, resulting from (a) your access to or use of or inability to access or use the Service; (b) any conduct or content of any third party on the Service.

8. Governing Law

These Terms shall be governed by the laws of the State of Maryland, without respect to its conflict of laws principles.

Our Approach to Cookies

We believe in minimizing data tracking. matcha money does not use tracking cookies, advertising pixels, or third-party marketing scripts.

Strictly Necessary Cookies

We use a limited number of cookies that are essential for the Service to function. According to privacy laws (such as GDPR and ePrivacy Directive), these cookies do not require user consent because the website cannot function without them.

Analytics (Cookie-less)

To improve our Service, we use privacy-preserving analytics tools.

• These tools are configured to run in a "privacy-friendly" mode.
• They do not place persistent cookies on your device to track your history across other websites.
• Data is anonymized or stored in ephemeral local storage only while you are actively using our application to prevent data loss during your session.

Managing Cookies

Most web browsers allow you to control cookies through their settings preferences. However, if you limit the ability of websites to set strictly necessary cookies, you may be unable to log in to matcha money.