Privacy Policy

Needix (“Needix,” “we,” “us,” or “our”) helps you track subscriptions, orders, and expenses, set reminders, and (optionally) import data from your email or bank connections. This Privacy Policy explains what we collect, how we use it, and your choices.

1. Information We Collect

2. How We Use Your Information

• Provide and improve Needix: sync, search, reminders, dashboards
• Detect recurring charges: infer subscriptions/expenses from Gmail/Plaid imports
• Authenticate & secure: account access, fraud/abuse prevention
• Billing & entitlements: subscription status via Stripe
• Support & communications: respond to requests and product notices
• Analytics & performance: aggregate usage to improve reliability
• Legal compliance: obligations and enforcement of terms

3. Data Storage and Security

4. Data Sharing and Disclosure

We do not sell your personal information. We share data only with:

• Service providers (hosting, analytics, email, customer support, payments) under contract
• Legal/safety requirements or to protect rights
• Business transfers (e.g., merger/acquisition) with notice

5. Your Rights and Choices

• Access/Export/Correction/Deletion — use in-app tools where available or email us
• Consent management — disconnect Gmail/Plaid at any time in settings
• Marketing — opt out of non-essential emails
• Regional rights — we honor applicable rights under GDPR/UK GDPR and CCPA/CPRA

Contact: privacy@needixai.com

6. Bank Connections via Plaid

When you connect a financial account, we use Plaid to securely link it and retrieve data needed for Needix features (primarily Transactions). By connecting an account, you authorize Needix to access account identifiers, balances, and transaction data to infer subscriptions/expenses and provide insights.

• We do not receive your bank credentials. You provide them directly to Plaid.
• Control: disconnect accounts in Needix at any time; you may also manage access via your financial institution and Plaid Portal.
• Plaid policy: Your use of Plaid is subject to Plaid’s End User Privacy Policy.

7. Gmail Access (Google API Services – Limited Use)

If you enable Gmail Scan, Needix requests the gmail.readonly scope to parse receipts and order confirmations.

• What we access: messages likely to contain receipts/confirmations, plus relevant metadata.
• What we don’t do: we don’t send, delete, or modify your emails.
• Limited Use: We use Gmail data only to provide the user-facing feature; we don’t transfer it to third parties except as necessary to provide/improve the feature, comply with law, or as part of a business transfer with notice; we don’t use Gmail data for ads. Human access is restricted, logged, and permitted only for security, abuse, compliance, or with your consent when required.
• Revocation & deletion: you can revoke Needix’s Gmail access in your Google Account settings; we remove Gmail-derived data upon account deletion or request.

8. Cookies and Tracking

• Essential — auth/session and security
• Analytics — aggregate usage/performance (e.g., Vercel Analytics)
• Preferences — theme and UI settings

Browser controls allow you to manage cookies; blocking some may impact functionality.

9. AI Features

Optional features may use third-party AI services (e.g., classifying receipts, generating summaries). We send only the minimum necessary text/fields and use outputs solely to provide the feature. We do not allow AI providers to train generalized models on your data.

10. Data Retention

Account data persists while your account is active. Gmail- and Plaid-derived records remain until you disconnect the source or delete your account, after which we purge them from application databases within a reasonable period, except where law requires limited retention for audit, fraud prevention, or compliance.

11. International Data Transfers

We operate in the United States. If you access Needix from another region, your data may be transferred to the U.S. We rely on appropriate safeguards and contracts with our sub-processors.

12. Children’s Privacy

Needix is not directed to children under 13, and we do not knowingly collect data from them.

13. Changes to This Policy

We may update this policy. We will post updates here and revise the “Last updated” date. If changes are material, we will provide additional notice (e.g., in-app).

14. Contact Us