Privacy Policy

1. Information We Collect

1.1 Information You Provide Directly

• Phone number — collected during registration and used for authentication (OTP/SMS verification).
• Name — optionally provided during onboarding or retrieved from your Plaid account holder data. You may skip providing a name.

1.2 Financial Data Collected via Plaid

When you connect your bank account through Plaid, Ponder receives read-only access to the following data on your behalf:

• Account names, types, and balances
• Transaction history (payees, amounts, dates, categories)
• Account holder name (if available from your financial institution)

Ponder's access to your financial data is strictly read-only. We cannot initiate transfers, make payments, or move money on your behalf. Ponder uses Plaid Inc. as a third-party service provider to facilitate this connection. Your use of Plaid is also governed by Plaid's Privacy Policy, available at https://plaid.com/legal.

1.3 Usage and Device Data

• Device identifiers, operating system, and app version
• In-app interactions (e.g., which widgets you add, messages sent to the AI assistant, features used)
• Push notification interaction data (e.g., whether you open a notification)
• Crash logs and diagnostic data

2. How We Use Your Information

We use the information we collect to:

• Authenticate your identity and provide access to the App
• Connect to and retrieve data from your linked financial accounts via Plaid
• Power the Ponder AI assistant to answer your financial questions and generate custom dashboard widgets
• Send proactive push notifications about your finances (e.g., unusual spending, budget alerts)
• Send SMS messages for one-time passcode (OTP) authentication only
• Maintain your chat history and dashboard state across sessions
• Improve the reliability and performance of the App
• Comply with legal obligations and protect our rights and those of our users

3. Artificial Intelligence and Your Data

3.1 How AI Processes Your Data

Ponder uses large language model (LLM) technology to power its chat assistant and widget generation features. When you interact with Ponder, relevant financial data from your Plaid connection may be included in the context sent to the AI model in order to generate accurate, personalized responses.

3.2 No Training on Your Personal Data

We do not use your personal financial data, chat messages, or transaction history to train, fine-tune, or improve any AI or machine learning models. Your financial data is processed transiently to generate responses and is not retained by our AI infrastructure for model training purposes.

3.3 Not Financial Advice

AI-generated responses, insights, widget content, and notifications provided by Ponder are for informational and organizational purposes only. They do not constitute financial, investment, tax, or legal advice. You should consult a qualified professional before making financial decisions.

4. How We Share Your Information

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising or targeted advertising. We may share your information only in the following limited circumstances:

• Service Providers: We share data with third-party vendors who help us operate the App (e.g., Plaid for bank connectivity, our AI infrastructure provider, cloud hosting, SMS delivery, push notification services, analytics). These providers are contractually restricted from using your data for any purpose other than providing services to us.
• Legal Requirements: We may disclose your information if required by law, subpoena, court order, or to comply with legal process, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business Transfers: If Kikoff is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via the App or email before your information becomes subject to a different privacy policy.

5. SMS and Push Notifications

5.1 SMS

We send SMS messages solely for one-time passcode (OTP) authentication. We do not send marketing or promotional text messages. Message and data rates may apply. You may opt out by contacting us at privacy@kikoff.com, though opting out may prevent you from logging in.

5.2 Push Notifications

With your permission, we send push notifications to alert you to relevant financial events (e.g., spending alerts, budget milestones, AI-generated insights). You can manage notification preferences at any time through your device settings or within the App.

6. Data Retention and Deletion

We retain your data for as long as your account is active or as needed to provide the App and comply with legal obligations. When you delete your account through the App:

• All personal data associated with your account — including your financial transaction history, chat messages, widgets, and profile information — will be permanently deleted.
• We will process account deletion requests promptly. Residual copies may remain in backup systems for up to 30 days following deletion.
• Plaid connection tokens are revoked at the time of account deletion.

7. Data Security

We implement reasonable technical and organizational security measures to protect your personal information, including encryption in transit (TLS) and at rest. However, no security system is impenetrable, and we cannot guarantee the absolute security of your data. If you believe your account has been compromised, contact us immediately at support@kikoff.com.

8. Children's Privacy

Ponder is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information, please contact us at privacy@kikoff.com and we will delete it.

9. Third-Party Links and Services

The App may reference or link to third-party services. This Policy does not govern how third parties collect or use your information. We encourage you to review the privacy policies of any third-party services you use in connection with Ponder.

10. U.S. State Privacy Rights

Residents of California, Connecticut, Minnesota, Montana, Oregon, and other states with applicable comprehensive data privacy laws have the following rights:

• Right to Know: Whether we are processing your personal information, and for California residents, additional information about categories, sources, and purposes of collection.
• Right to Access / Copy: Request a copy of your personal information.
• Right to Delete: Request deletion of your personal information.
• Right to Correct: Request correction of inaccurate personal information.
• Right to Opt Out of Sale or Sharing: We do not sell or share personal information for advertising — this right is not applicable to Ponder.

To exercise any of the above rights, contact us at privacy@kikoff.com. We will respond within 45 days. We may request identity verification before processing your request.

10.1 Global Privacy Control

We recognize the Global Privacy Control (GPC) signal for California users at the browser/device level.

10.2 Non-Discrimination

Exercising your privacy rights will not result in any discriminatory treatment or degradation of service.

11. Changes to This Policy

We may update this Policy from time to time. If we make material changes, we will notify you within the App or via the contact information associated with your account. The updated effective date will always be reflected at the top of this Policy.

12. Contact Us

If you have questions about this Policy or wish to exercise your privacy rights, please contact:

Email: privacy@kikoff.com