Privacy Policy
Summary: We collect only what we need to run your portfolio tracker. Your financial data is encrypted, stored securely on Supabase infrastructure, and never sold or shared with third parties. You can delete your account and all data at any time. This policy is governed alongside our Terms of Service and Acceptable Use Policy.
1. Who we are
Portovo ("we", "us", "our") is a portfolio tracking platform. This Privacy Policy explains how we collect, use, and protect your personal data when you use our services.
2. Data we collect
Account data
- Email address (for authentication and communication)
- Name (for personalisation)
- Password (hashed — we never store plaintext passwords)
Financial data
- Asset records you create (name, category, value, currency, notes)
- Liability records
- Onboarding preferences (net worth range, risk tolerance, investment thesis, legacy statement)
- Value history and portfolio snapshots
Bank account data (via Brick)
Where you choose to link a bank account, we use Brick — a licensed account information provider regulated by OJK in Indonesia — as our sub-processor to retrieve read-only account data on your behalf. Specifically, we collect:
- Account names, types, and identifiers (masked)
- Balances and balance history
- Transactions (date, amount, currency, merchant/description, category)
- Connection metadata (institution name, last sync timestamp, status)
This data is stored in our assets table together with a JSONB metadata column for institution-specific attributes. We never receive or store your online banking username, password, OTP, PIN, or biometric — authentication happens directly between you and your bank via Brick. The connection is read-only and cannot move money or change settings.
Retention: linked-account data is retained for as long as the connection is active. When you disconnect (via Settings, anytime) we stop pulling new data immediately and delete or anonymise the historical bank data within 30 days, except where a longer period is required for audit, fraud-investigation, or regulatory purposes.
We do not use bank data for marketing. We do not sell or share it with advertisers. You can revoke the connection at any time from Settings.
AI specialist inputs and outputs
When you use a Fractional Specialist or the AI prompt bar, we send a portfolio snapshot to Anthropic's Claude API for analysis. The snapshot is anonymised at user level — Anthropic receives an opaque UUID rather than your name, email, or any directly identifying field. See section 5 below for full details on this data flow.
Usage data
- Pages visited and features used (analytics)
- Device type and browser (for compatibility)
- IP address (for security and fraud prevention)
Payment data
Payment processing is handled entirely by Stripe. We do not store your credit card details. We receive only your subscription status and payment confirmation from Stripe.
3. How we use your data
- To provide and operate the Portovo portfolio tracking service
- To personalise your dashboard, specialist insights, and AI-generated content
- To process payments via Stripe
- To send essential service communications (security alerts, account changes)
- To improve our product and fix technical issues
We do not sell, rent, or share your personal or financial data with any third party for marketing purposes.
4. AI-generated content
Portovo's Fractional Specialists, Legacy Statement, Investment Guide, Portfolio Health Check, and the AI prompt bar all use the Anthropic Claude API. This section describes that flow in detail.
What is sent to Anthropic
- A portfolio snapshot anonymised at the user level (we send an opaque UUID rather than your name, email, or directly identifying fields).
- Asset categories, values, currencies, and notes relevant to the prompt.
- Onboarding preferences (risk tolerance, thesis, legacy statement) where the Specialist requires them for personalisation.
- The free-form text you type into the prompt bar.
Where it goes and how it is handled
- Destination: Anthropic's Claude API, processed in the United States.
- No model training. Per the Anthropic Commercial API Terms of Service, your inputs and the model's outputs are not used to train Anthropic's models.
- Sub-processor: Anthropic acts as our sub-processor for AI inference only.
- No permanent server-side storage of AI responses. We do not retain AI-generated responses on Portovo servers as a permanent record. We may keep short-lived logs for abuse prevention, debugging, and AUP enforcement, in line with section 6.
Browser caching (localStorage)
To make Specialist responses fast and to reduce API cost, we cache AI summaries in your browser's localStorage with a 1-hour TTL. Cache keys are derived from your user ID and a hash of the asset payload, so cache entries are scoped to you and to a specific portfolio state.
You can clear this cache at any time by:
- Using the refresh button on a Specialist card to force a fresh response, or
- Clearing site data for Portovo in your browser settings.
localStorage data never leaves your device unless you explicitly trigger a new request to a Specialist.
5. Data storage and security
- Infrastructure: Your data is stored on Supabase (PostgreSQL) with encryption at rest and in transit (TLS 1.2+).
- Authentication: Managed by Supabase Auth with secure session handling.
- Access: Row Level Security (RLS) ensures you can only access your own data.
- Hosting: Application is deployed on Vercel with automatic HTTPS.
6. Data retention
We retain your data for as long as your account is active. If you delete your account, all personal and financial data is permanently removed within 30 days. Anonymised usage analytics may be retained for product improvement.
7. Your rights
Regardless of where you are located, you have the right to:
- Access your personal data
- Correct inaccurate data
- Delete your account and all associated data
- Export your data in a portable format
- Withdraw consent for optional data processing
Indonesia (UU PDP — Law No. 27 of 2022)
If you are a resident of Indonesia, your personal data is processed in accordance with Undang-Undang Pelindungan Data Pribadi (UU PDP). You have the right to request access, correction, deletion, and portability of your data. We process your data based on your consent and our legitimate interest in providing the service.
Malaysia (PDPA — Act 709)
If you are a resident of Malaysia, your personal data is processed in accordance with the Personal Data Protection Act 2010 (PDPA). We collect and process your data with your consent for the purposes described above. You may withdraw your consent at any time by contacting us or deleting your account.
8. Cookies
We use essential cookies for authentication and theme preferences (light/dark mode). We do not use third-party tracking cookies. Your authentication session is managed via Supabase's secure session tokens stored in local storage.
9. Third-party services and sub-processors
- Supabase — database, authentication, and file storage
- Stripe — payment processing
- Vercel — hosting and deployment
- Anthropic (Claude) — AI inference for Specialists and the prompt bar (US)
- Brick — bank account aggregation and account information services (Indonesia, OJK-licensed)
Each provider has their own privacy policy. We share only the minimum data required for each service to function. Anthropic and Brick act as sub-processors as described in sections 2 and 4.
10. International data transfer
Portovo is a globally distributed service. To deliver it, your personal and financial data may be transferred to, processed in, and stored in countries outside your country of residence. Specifically:
- Supabase — for database storage, authentication, and file storage. Our primary Supabase project region is Singapore (ap-southeast-1); please confirm region in-product or contact us if you need a written attestation.
- Anthropic (United States) — for AI inference when you use a Specialist or the prompt bar.
- Brick (Indonesia) — for bank account aggregation, where you have linked an account.
- Vercel — for application hosting, served from a global edge network.
- Stripe — for payment processing, which may involve data transfer to the United States.
By using Portovo, and where required by your local law, you explicitly consent to the cross-border transfer of your personal data to these processors and sub-processors for the purposes described in this Policy. This consent is given under (and is intended to satisfy):
- Article 56 of Indonesia's Personal Data Protection Law (UU PDP, Law No. 27 of 2022); and
- Section 129 of Malaysia's Personal Data Protection Act 2010 (PDPA).
We take reasonable steps to ensure that any sub-processor receiving your data is bound by contractual obligations consistent with this Policy and provides an adequate level of protection. You may withdraw your consent at any time by deleting your account; doing so will end further cross-border transfers (subject to retention periods set out in section 6).
11. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice in the application. Continued use of Portovo after changes constitutes acceptance of the updated policy.
12. Contact
For privacy-related questions or data requests, contact us at privacy@portovo.app.