Your data, your rights
We take data privacy seriously. Here's exactly how we collect, store, protect, and handle your personal data — and what rights you have under Singapore law.
Last updated: April 2026 · Governed by the Personal Data Protection Act 2012 (PDPA), Singapore
Data Hosting & Location
All user data is stored in Singapore (SG) on Supabase infrastructure hosted in the ap-southeast-1 (Singapore) region. We do not transfer personal data outside of Singapore except where strictly necessary to provide a requested service (e.g., payment processing via Stripe), and only with appropriate safeguards in place.
Encryption
- At rest: All data stored in our database is encrypted at rest using AES-256. Sensitive fields (e.g., API credentials for connected accounts) are additionally encrypted at the application layer using AES-256-GCM before storage.
- In transit: All communications between your browser and our servers are encrypted using TLS 1.2 or higher (HTTPS). We enforce HTTPS across all endpoints — unencrypted HTTP is not accepted.
What We Collect
- Account data: name, email address, password (hashed), subscription tier.
- Portfolio data: assets, valuations, accounts, and loans you manually enter or connect.
- Usage analytics: page views, device type, browser, OS, and country — collected anonymously without cross-site tracking.
- Communications: messages you send via the contact form.
- Payment data: handled entirely by Stripe — we never store raw card numbers.
We collect only what is necessary to provide the service. We do not sell your data to third parties.
Data Retention
We retain your personal data for as long as your account is active or as needed to provide you with the service. Upon account deletion, personal data is purged within 30 days, except where we are legally required to retain records for a longer period (e.g., financial transaction records under applicable Singapore law).
Your Rights Under the PDPA
Under Singapore's Personal Data Protection Act 2012 (PDPA), you have the right to:
- Access — request a copy of the personal data we hold about you.
- Correction — request that we correct inaccurate or incomplete data.
- Deletion — request that we delete your personal data (subject to legal retention obligations).
- Withdrawal of consent — withdraw consent for data collection or use at any time, though this may affect your ability to use certain features.
- Data portability — request a portable copy of your data in a machine-readable format.
To exercise any of these rights, contact us at privacy@invotree.asia. We will respond within 30 days of receiving a verifiable request.
Third-Party Services
We use a limited set of trusted third-party services, each bound by data processing agreements:
- Supabase — database and authentication (Singapore region).
- Stripe — payment processing. Card data never passes through our servers.
- Resend — transactional email delivery.
- Plaid — optional financial account connections (when you choose to connect).
We do not use advertising networks, data brokers, or analytics services that track you across other websites.
Contact & Complaints
For any privacy-related enquiries, requests, or complaints, contact our Data Protection Officer at privacy@invotree.asia.
If you are unsatisfied with our response, you may lodge a complaint with the Personal Data Protection Commission (PDPC) of Singapore at pdpc.gov.sg.