← Back to CreditCardPoints.aiPrivacy Policy
Last updated: March 9, 2026
1. What We Collect
We collect your email address and password (stored as a bcrypt hash) for authentication, transaction data temporarily for reward calculations, and Plaid access tokens to fetch your bank data.
2. What We Do Not Collect
- Bank login credentials (handled entirely by Plaid)
- Account numbers or routing numbers
- Social security numbers or government IDs
- Credit scores or credit report data
3. How We Use Your Data
- Analyze your spending to calculate personalized card rewards
- Display your results and recommendations
- Improve the accuracy of our category mapping
We do not sell, rent, or share your personal data with third parties for marketing purposes.
4. Third-Party Services
Plaid: We use Plaid Inc. to connect to your bank. You authenticate through Plaid's secure widget or your bank's own login page. We never see or store your bank credentials. Plaid provides us with read-only transaction data only. Plaid's use of your data is governed by their End User Privacy Policy.
Affiliate partners: When you click an "Apply" link, you leave our site and visit the card issuer. We send no personal data to them.
5. Data Retention
- Transaction data: Cached for up to 5 minutes. Deleted when you disconnect.
- Plaid access tokens: Stored while connected. Deleted when you disconnect.
- Account data: Stored until you delete your account.
6. Security
- All data in transit encrypted via TLS (HTTPS)
- Passwords hashed with bcrypt (12 rounds)
- JWT sessions with secure httpOnly cookies
- Rate limiting on authentication endpoints
- Read-only bank access (we cannot move your money)
7. Your Rights
- Access: Request a copy of the data we have about you
- Delete: Delete your account and all associated data at any time
- Disconnect: Remove bank access with one click
For California residents (CCPA): We do not sell personal information.
8. Cookies
We use a session cookie for authentication. We do not use tracking cookies, analytics scripts, or third-party advertising pixels.
9. Contact
Privacy questions? Email us at privacy@creditcardpoints.ai.