Legal

Privacy Policy

Last updated: March 2026 · Effective: March 2026 · Applies to pfcgo.com

Contents

Who we are
What data we collect
How we use your data — incl. lawful basis
How we store your data
Cookies — incl. duration
Data sharing & sub-processors
Data retention
Your rights (UK GDPR)
Children
Changes to this policy
Contact us

    Plain English summary: We collect only what's needed to run the app. We don't sell your data, show you ads, or share your information with third parties except where needed to run the service. You can download or delete everything at any time.
  

1. Who we are

PFC Go is operated by Personal Finance Calculator Go, a small software firm based in the United Kingdom. We build financial planning tools for individuals.

For questions about this policy, contact us at support@pfcgo.com.

2. What data we collect

If you use the app without an account

We do not collect any personal data. Calculator inputs stay in your browser and are never sent to our servers.

If you create a free account

Email address — used to sign in and send essential account emails (verification, password reset)
Display name — shown in the app, set by you
Financial profile data — salary, outgoings, net worth figures you enter to build your personalised plan. This data is used solely to power your dashboard and calculators.
Saved goals and scenarios — financial plans you choose to save
Usage events — anonymised events like "calculator opened" or "wizard completed", used to improve the product. No personally identifiable information is included in these events.

If you subscribe (Pro or Adviser)

We store a Stripe customer reference to link your subscription to your account. We never store card numbers or payment details — these are handled entirely by Stripe.
Your subscription tier (free, pro, or adviser) is stored so the app can unlock the right features.

Technical data

Our hosting provider (Netlify) automatically logs IP addresses and request metadata for security and reliability purposes. This data is not linked to your account and is not used for analytics.

3. How we use your data

To provide the app and personalise your financial dashboard
To sync your data across devices when you are signed in
To send essential account emails (verification, password reset, billing receipts)
To improve the product using anonymised usage data
To process subscription payments through Stripe

We do not use your data for advertising, profiling, or any purpose unrelated to running PFC Go.

Lawful basis for processing

We process your personal data under the following lawful bases (UK GDPR Article 6):

Contract performance — processing your profile, goals, and billing data is necessary to provide the service you have signed up for
Legitimate interests — anonymised usage analytics to improve the product, where this does not override your privacy rights
Legal obligation — retaining billing records as required by financial regulations
Consent — optional cookies beyond the essential session cookie (currently none set)

4. How we store your data

Your data is stored in a secure cloud database with the following protections:

All data is encrypted in transit (HTTPS/TLS)
Database-level access controls ensure your data can only be read by your own account
Authentication is handled by an industry-standard identity provider
Our servers are located in the European Union

5. Cookies

We use a minimal set of cookies necessary to run the application:

Authentication session cookie — keeps you signed in between visits. This is an essential cookie; the app cannot function without it when you are logged in. Expires after 7 days of inactivity or on sign-out.
Cookie consent preference — remembers that you have acknowledged this notice. Stored in localStorage, expires after 1 year.
Theme preference — stored in localStorage (not a cookie), remembers your dark/light mode choice. Persists until cleared.

We use no advertising cookies, no tracking pixels, and no third-party analytics cookies. PFC Go products are ad-free. Our analytics provider (Plausible) is cookieless by design — it collects no personal data and sets no cookies whatsoever.

We do not sell, rent, or trade your personal data. We share data only with the following sub-processors, and only to the extent necessary to run the service:

Netlify — hosting and serverless functions (United States; covered by Standard Contractual Clauses)
Supabase — database and authentication (EU data region)
Stripe — payment processing (United States; covered by Standard Contractual Clauses). Stripe receives your email address and subscription details only.
Resend — transactional email delivery (United States; covered by Standard Contractual Clauses). Receives your email address and name only, used to send account and billing emails.
Plausible Analytics — privacy-first website analytics (European Union). Plausible does not use cookies, does not track individuals across sites, and does not collect personal data. Only anonymised aggregate statistics are generated. See Plausible's privacy policy.
Sentry — error monitoring and performance tracking (United States; covered by Standard Contractual Clauses). Receives anonymised error reports containing no personal financial data. User IDs (not emails) may be attached to error reports to help diagnose issues.

We may disclose data if required by UK law or a court order, but we will notify you where legally permitted to do so.

7. Data retention

We retain your data for as long as your account is active. If you delete your account, all personal data is permanently deleted within 30 days, with the exception of anonymised aggregate statistics which cannot be linked back to you.

Stripe may retain billing records for up to 7 years for financial compliance purposes.

8. Your rights (UK GDPR)

Under the UK GDPR you have the following rights:

Right of access — request a copy of all data we hold about you
Right to rectification — correct inaccurate data
Right to erasure — delete your account and all associated data
Right to portability — download your data in a machine-readable format (JSON)
Right to restrict processing — ask us to stop using your data in certain ways
Right to object — object to processing based on legitimate interests

You can exercise your right to erasure and portability directly from the app: My Account → Your data. For all other requests, email support@pfcgo.com and we will respond within 30 days.

If you believe we have not handled your data correctly, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).

9. Children

PFC Go is not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has created an account, please contact us at support@pfcgo.com and we will delete it promptly.

10. Changes to this policy

We may update this policy from time to time. If we make material changes, we will notify signed-in users via an in-app notice and update the "Last updated" date at the top of this page. Continued use of PFC Go after changes take effect constitutes acceptance of the updated policy.

11. Contact us

For any questions about this privacy policy or how we handle your data:

Email: support@pfcgo.com
Website: pfcgo.com/about