Privacy Policy
Last updated: May 28, 2026
1. Information We Collect
Account information: Name and email address when you register.
Financial profile data: Credit score range, debt types, income range (bracket, not exact), and financial goals — provided voluntarily to enable AI analysis. Sensitive fields are encrypted at rest using AES-256-GCM.
Consultation content: Questions you submit to the AI and the responses generated. This data is stored to provide your history and improve the service.
Usage data: Pages visited, features used, and general interaction patterns — anonymized and aggregated.
Payment information: We do not store payment card numbers. Payments are processed by PayPal and NOWPayments. We receive only transaction confirmation and subscription status.
2. How We Use Your Information
- To provide and personalize the AI financial guidance service
- To generate your Financial Health Score and recommendations
- To manage your account and subscription
- To send service-related emails (account confirmation, billing)
- To improve AI accuracy using anonymized, aggregated consultation data
- To comply with legal obligations
3. How We Protect Your Data
We take data security seriously because you share sensitive financial information with us:
- Encryption at rest: Sensitive financial fields (income range) are encrypted using AES-256-GCM before storage
- Row-level security: Database-level policies ensure you can only access your own data — even if there were a breach, user data is isolated
- No PII in logs: AI agent logs use anonymized user IDs (SHA-256 hash) — your email and name never appear in system logs
- HTTPS only: All data is transmitted over TLS 1.2+
- Access controls: Staff access to production data is restricted and logged
4. Information Sharing
We do not sell your personal or financial data to third parties.
We share data only with:
- Google (Gemini API): Your questions are sent to Google's Gemini AI API to generate responses. Google's AI usage policies apply. Questions are not used to train Google's models under the API agreement.
- Supabase: Our database provider stores your data in secure, GDPR-compliant data centers.
- PayPal / NOWPayments: Payment processors receive only the information necessary to process your payment.
- Legal requirements: We may disclose information when required by law or to protect rights and safety.
5. Data Retention
We retain your account and consultation data for as long as your account is active. If you delete your account, your data is deleted within 30 days, except where retention is required by law (e.g., payment records for 7 years).
6. Your Rights
You have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your account and associated data
- Export your consultation history
- Opt out of non-essential communications
To exercise these rights, contact us at privacy@asesor.elainesystem.com.
7. Cookies
We use only essential cookies required for authentication (Supabase session). We do not use tracking, advertising, or analytics cookies. You can disable cookies in your browser, but this will prevent you from staying logged in.
8. Children's Privacy
AsesorIA is not directed to children under 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with information, contact us immediately.
9. Contact
For privacy questions: privacy@asesor.elainesystem.com