Privacy Policy

Effective Date: November 20, 2024
Last Updated: January 13, 2026

1. Introduction

Welcome to Cobalance ("we," "our," or "us"). Cobalance is owned and operated by Reality Bound LLC, a Florida limited liability company. We are committed to protecting your personal information and your right to privacy.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.cobalance.io (the "Site"), use our financial management application (the "Service"), or sign up for our waitlist. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Site or Service or provide your information.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Last Updated" date of this Privacy Policy. You are encouraged to periodically review this Privacy Policy to stay informed of updates.

2. Information We Collect

Information You Provide to Us

Waitlist Information

When you join our waitlist, we collect:

  • Email address
  • Any additional information you voluntarily provide through our contact forms

Information Automatically Collected

When you visit our Site, we may automatically collect certain information about your device, including:

  • IP address
  • Browser type and version
  • Operating system
  • Referring website
  • Pages viewed on our Site
  • Time and date of visit
  • Time spent on pages
  • Other diagnostic data

We may use cookies and similar tracking technologies to collect this information. You can control cookie settings through your browser.

Financial Information (via Plaid)

When you connect a bank account through our Service, we use Plaid Inc. ("Plaid") to gather your financial data. By using our Service and connecting your bank account, you grant Cobalance and Plaid the right, power, and authority to act on your behalf to access and transmit your personal and financial information from your financial institution.

Information collected through Plaid may include:

  • Account information (account name, type, and current balance)
  • Transaction history (date, amount, merchant, and category)
  • Account and routing numbers (for verification purposes only)
  • Institution information (bank name and logo)

Important: Your bank login credentials are never stored by Cobalance. They are securely handled by Plaid and used only to establish a connection to your financial institution.

You agree to your personal and financial information being transferred, stored, and processed by Plaid in accordance with the Plaid End User Privacy Policy.

Account and Subscription Information

When you create an account and subscribe to our Service, we collect:

  • Name and email address
  • Authentication credentials (managed by our authentication provider, Clerk)
  • Subscription and billing status (payment details are handled by Stripe and never stored by us)
  • Account preferences and settings

3. How We Use Your Information

We use the information we collect to:

  • Add you to our waitlist and send you updates about Cobalance's launch
  • Send you invitations to join Cobalance when the application is ready
  • Respond to your inquiries and provide customer support
  • Send you marketing and promotional communications (with your consent)
  • Detect, prevent, and address technical issues
  • Comply with legal obligations
  • Protect our rights and the rights of others

How We Use Financial Data

We use your bank transaction data solely to:

  • Verify bill payments within your current pay cycle
  • Help you reconcile shared expenses with your partner
  • Calculate proportional expense contributions based on income
  • Provide cashflow forecasting for your shared bills account

We do NOT:

  • Sell your financial data to third parties
  • Use your data for advertising purposes
  • Share your data with anyone except your designated partner on your shared Cobalance Account
  • Store transaction history long-term (Cobalance is a forecasting tool, not a ledger)
  • Access your bank account for any purpose other than retrieving transaction data

4. Legal Basis for Processing (GDPR)

If you are from the European Economic Area (EEA), our legal basis for collecting and using your personal information depends on the information concerned and the context in which we collect it. We may process your personal information because:

  • You have given us consent to do so
  • The processing is in our legitimate interests and not overridden by your rights
  • To comply with the law

5. Disclosure of Your Information

We may share your information in the following situations:

Service Providers

We may share your information with third-party service providers that perform services for us, including:

  • Email service providers (for waitlist management and communications)
  • Web hosting services
  • Analytics providers

Legal Requirements

We may disclose your information where required to do so by law or in response to valid requests by public authorities.

Business Transfers

We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

Third-Party Financial Service Providers

We use trusted third-party services to provide our Service. Each handles your data according to their own privacy policies:

Plaid Inc.

We use Plaid to connect to your bank account and retrieve transaction data. Plaid's use of your data is governed by:

Stripe Inc.

We use Stripe for subscription payment processing. Payment card information is collected directly by Stripe and never touches our servers. Stripe's handling of your payment information is governed by:

Clerk

We use Clerk for user authentication and identity management. Clerk manages your login credentials and multi-factor authentication. Clerk's handling of your information is governed by:

6. Data Retention

We will retain your personal information only for as long as necessary for the purposes set out in this Privacy Policy. Cobalance minimizes stored financial data by design—we are a forecasting tool, not a transaction ledger.

Financial Data Retention

Data Type Stored? Retention Period
Plaid access tokens Yes (encrypted) Until account closure + 30 days
Transaction data No Not retained (used transiently, then discarded)
Account balance (anchor) Yes Until account closure + 30 days
Bill/expense configurations Yes Until account closure + 30 days
Pay cycle reconciliation Yes (temporary) Current pay cycle only
Stripe payment records Yes 7 years (tax/legal compliance)

Data Deletion

  • Plaid Disconnect: Token revoked immediately via Plaid API; encrypted token deleted after 30 days
  • Account Deletion: Request via privacy@cobalance.io; data purged within 30 days
  • 30-Day Grace Period: Allows recovery from accidental deletion requests

7. Data Security

We implement industry-standard security measures to protect your information:

Encryption

  • In Transit: All data transmitted between your device and our servers uses TLS 1.2 or higher encryption
  • At Rest: Sensitive data including financial credentials is encrypted using AES-256 encryption

Access Controls

  • Authentication required for all data access
  • Role-based access controls limit data exposure
  • Financial data accessible only to Account members you have designated

Third-Party Security Certifications

Our infrastructure and service providers maintain industry-standard security certifications:

  • Plaid: SOC 2 Type II certified; handles bank credential security
  • Stripe: PCI DSS Level 1 certified; handles payment card security
  • Clerk: SOC 2 Type II certified; handles authentication security
  • AWS: SOC 2 Type II, ISO 27001 certified; provides infrastructure security

Important: Your bank login credentials are never stored by Cobalance. They are securely handled by Plaid and used only to establish a connection to your financial institution. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable.

8. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

General Rights

  • Access and Portability: Request access to your personal information and receive a copy
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information
  • Opt-Out: Opt-out of marketing communications

California Privacy Rights (CCPA)

California residents have specific rights including the right to know what personal information is collected, request deletion, and not be discriminated against for exercising privacy rights. We do not sell personal information to third parties.

European Privacy Rights (GDPR)

EEA residents have additional rights including the right to object to processing, restriction of processing, data portability, withdraw consent, and lodge complaints with supervisory authorities.

Your Rights Regarding Financial Data

In addition to the general privacy rights above, you have the right to:

  • Disconnect: Remove the connection to your bank account at any time through your Account settings
  • Revoke Access: Revoke Plaid's access to your bank through your bank's security settings or Plaid's portal
  • Request Deletion: Request deletion of all stored financial data
  • Export: Export your expense configuration data

To disconnect your bank account or request data deletion, contact us at privacy@cobalance.io or use the disconnect feature in your Account settings.

9. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your jurisdiction where data protection laws may differ. If you are located outside the United States and choose to provide information to us, please note that we transfer the data to the United States and process it there.

10. Children's Privacy

We do not knowingly collect personal information from children under the age of 13. If you are under 13, please do not provide any information on this Site. If we learn we have collected information from a child under 13, we will delete that information.

11. Do Not Track Signals

Most web browsers include a Do-Not-Track ("DNT") feature you can activate to signal your privacy preference. No uniform technology standard for implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals.

12. Updates to This Policy

We may update this privacy policy from time to time. The updated version will be indicated by an updated "Last Updated" date. If we make material changes, we may notify you either by posting a notice or by sending you a notification.

13. Contact Information

If you have questions about this Privacy Policy, please contact us at:

Reality Bound LLC

7901 4th St N STE 300

St. Petersburg, FL US 33707

Operating as Cobalance

Email: privacy@cobalance.io

Website: www.cobalance.io

For the fastest response, please email us with "Privacy Policy" in the subject line.

This Privacy Policy constitutes a legally binding agreement between you, the user, and Reality Bound LLC, operating as Cobalance.