HGIJersey LLC Effective Date: [EFFECTIVE_DATE]
Tack ("Tack," "we," "us," or "our") is a mobile application operated by HGIJersey LLC. Tack connects to your bank accounts to surface personalized financial insights by cross-referencing your financial data with publicly available macroeconomic data such as Federal Reserve rates, CPI figures, and Treasury yields.
This Privacy Policy explains what information we collect, how we use it, who we share it with, and what rights you have. We believe in transparency and plain language, so we have written this policy to be as clear and straightforward as possible.
Important: Tack provides financial information and education only. Nothing in the app constitutes financial advice, and Tack is not a registered investment adviser, broker-dealer, or financial planner.
By creating an account or using Tack, you agree to the practices described in this Privacy Policy.
We collect information from several sources to provide and improve Tack. Here is a breakdown of each category.
When you connect a bank, credit card, investment, mortgage, or loan account through Plaid, we receive the following types of data:
We access this data through Plaid's secure API. Your bank login credentials are never transmitted to or stored by Tack. They are handled entirely by Plaid. See Section 4.1 for more on how Plaid handles your data.
When you create a Tack account, we collect:
Authentication is managed through Supabase Auth. See Section 4.5 for details.
Tack ingests publicly available economic data to power its insights. This data includes:
This data is publicly available, contains no personally identifiable information, and is not linked to any individual user.
We collect standard mobile analytics data to maintain and improve the app, including:
Tack displays ads through Google AdMob. AdMob may collect device-level identifiers and anonymized signals for the purpose of serving relevant ads. See Section 4.3 for details.
When you tap a partner referral link within Tack, we track the click for affiliate attribution purposes only. We do not share your personal financial data with affiliate partners.
We use the information described above for the following purposes:
| Purpose | Data Used |
|---|---|
| Generate personalized financial insights | Financial account data + macroeconomic data, processed through our AI insight engine |
| Operate and maintain your account | Email, hashed password |
| Send push notifications | Firebase push tokens (with your permission) |
| Improve the app | Aggregated analytics and usage data |
| Display ads | Anonymized device-level data via AdMob |
| Provide customer support | Email, account information |
| Comply with legal obligations | Any data as required by applicable law |
Tack sends portions of your financial data to Anthropic's Claude API to generate natural language insights. For example, we may send your mortgage rate along with the current Federal Reserve rate to produce an insight about refinancing. Anthropic does not retain your data after processing, and the data is not used to train AI models. See Section 4.2 for more.
We do not sell your personal data. We have never sold personal data, and we will not sell personal data in the future.
We share information only in the following limited circumstances:
We share data with the third-party service providers listed in Section 4 strictly for the purposes of operating Tack. Each provider receives only the minimum data necessary to perform its function.
We may disclose your information if required to do so by law, regulation, legal process, or enforceable governmental request, including to meet national security or law enforcement requirements.
If HGIJersey LLC is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice in the app before your information becomes subject to a different privacy policy.
We may share information in other ways if you specifically direct us to or give us your explicit consent.
Tack relies on the following third-party services to operate. Each has its own privacy practices, and we encourage you to review their policies.
Plaid powers the secure connection between your financial institutions and Tack. When you connect an account, you authenticate directly with Plaid through Plaid Link. Your bank login credentials are handled entirely by Plaid and are never seen or stored by Tack.
We store an encrypted Plaid access token that allows us to retrieve updated financial data on your behalf. This token does not contain your bank credentials.
Plaid's handling of your data is governed by Plaid's End User Privacy Policy. By connecting an account through Plaid Link, you consent to Plaid's data practices as described in their policy.
You can disconnect any linked account at any time from within Tack. When you disconnect an account or delete your Tack account, we revoke the associated Plaid access token using Plaid's /item/remove endpoint, which terminates Plaid's access to that institution on your behalf.
Tack uses Anthropic's Claude API to generate natural language financial insights. When we make an API request, we send relevant portions of your financial data (such as account balances, rates, or transaction patterns) along with macroeconomic context.
Key points about Anthropic's data handling:
For more information, see Anthropic's Privacy Policy.
Tack uses Google AdMob to display ads within the app. AdMob may collect and use device-level identifiers and anonymized signals for ad personalization and measurement. AdMob does not receive your financial account data.
You can manage your ad personalization preferences through your device settings:
For more information, see Google's Privacy Policy.
We use Firebase Cloud Messaging (FCM) to deliver push notifications when new insights are available or when economic events may affect your finances. Firebase receives your device push token but does not have access to your financial data.
You can disable push notifications at any time through your device settings or within the app.
For more information, see Firebase's Privacy and Security documentation.
Tack uses Supabase for user authentication and database hosting. Your email address, hashed password, and financial data are stored in Supabase's infrastructure. Supabase employs encryption at rest and in transit, access controls, and regular security audits.
For more information, see Supabase's Privacy Policy.
We take the security of your financial data seriously and implement safeguards consistent with the Gramm-Leach-Bliley Act (GLBA) Safeguards Rule. Our security measures include:
While we implement commercially reasonable safeguards, no method of electronic transmission or storage is perfectly secure. If you become aware of any unauthorized access to your account, please contact us immediately at privacy@trytack.app.
Regardless of where you live, you can:
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with the following additional rights:
Right to Know: You may request a detailed report of the categories and specific pieces of personal information we have collected about you, the sources of that information, the purposes for collection, and the categories of third parties with whom we share it.
Right to Delete: You may request that we delete the personal information we have collected about you, subject to certain exceptions permitted by law (for example, data we must retain for legal or compliance purposes).
Right to Opt-Out of Sale: We do not sell your personal information. Because we do not engage in the sale of personal data, there is no need to opt out. However, if our practices ever change, we will update this policy and provide a "Do Not Sell My Personal Information" mechanism.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. You will not receive different pricing or a different quality of service for making a privacy request.
How to exercise your rights: Submit a request by emailing privacy@trytack.app with the subject line "CCPA Request." We will verify your identity before processing your request and respond within 45 days as required by law.
You may request a copy of your personal data in a portable, machine-readable format by emailing privacy@trytack.app.
You can delete your account from within the app or by emailing privacy@trytack.app. When you delete your account:
We retain your data only as long as necessary to provide our services and fulfill the purposes described in this policy.
| Data Type | Retention Practice |
|---|---|
| Financial account data | Refreshed and overwritten on each sync. Deleted within 30 days of account deletion. |
| Plaid access tokens | Stored encrypted while your account is active. Revoked and deleted upon account disconnection or account deletion. |
| User account data (email, hashed password) | Retained while your account is active. Deleted within 30 days of account deletion. |
| Device and analytics data | Retained in aggregated form for up to 24 months. |
| Push notification tokens | Deleted when you disable notifications or delete your account. |
We may retain certain information for longer periods if required by law, regulation, or legitimate business needs such as fraud prevention, dispute resolution, or enforcement of our terms.
Tack is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@trytack.app, and we will promptly delete that information.
Users must be at least 18 years old to create a Tack account.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.
If you have questions about this Privacy Policy, want to exercise your privacy rights, or have concerns about how your data is handled, please contact us:
HGIJersey LLC Email: privacy@trytack.app Website: https://trytack.app
For CCPA requests, please include "CCPA Request" in the subject line of your email.
We aim to respond to all privacy-related inquiries within 10 business days.
HGIJersey LLC collects nonpublic personal financial information as described in this policy. We do not disclose nonpublic personal information to nonaffiliated third parties except as described herein and as permitted by law. We maintain physical, electronic, and procedural safeguards that comply with applicable federal and state regulations to protect your nonpublic personal financial information.
Residents of certain states may have additional privacy rights under their state laws. If you are a resident of a state with specific privacy legislation and wish to exercise rights not covered above, please contact us at privacy@trytack.app and reference your state of residence.
This Privacy Policy applies to the Tack mobile application (com.trytack.app) available on iOS and Android.