Montty

1. Introduction

Montty Finance ("Montty", "we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial management platform. By using Montty, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Personal Information

Account Information: Email address, name, and authentication credentials when you create an account.
Profile Data: Business name, industry, and other optional profile details you provide.
Payment Information: Billing details processed securely through our payment provider (Dodo Payments).

2.2 Financial Data

Revenue & Expenses: Transaction data, amounts, dates, and descriptions you enter.
Customer Information: Customer names, billing amounts, and payment status.
Receipt Images: Photos and scans of receipts you upload for OCR processing.
Assets & Liabilities: Financial position data including cash, equipment, loans, and debts.

2.3 Usage Data

Analytics: Pages visited, features used, time spent, and interaction patterns.
Device Information: Browser type, operating system, IP address, and device identifiers.
AI Chat History: Conversations with Montty AI CFO for improving responses and user experience.

3. Data Minimization

We adhere to the principle of data minimization. We only collect and process personal data that is necessary and relevant for the purposes outlined in this Privacy Policy. We do not collect excessive or unnecessary information, and we regularly review our data collection practices to ensure compliance with this principle.

4. How We Use Your Information

We use your information to:

Provide Services: Calculate financial metrics (runway, burn rate, churn), generate reports, and deliver AI-powered insights.
Process Transactions: Handle payments, subscriptions, and billing through our payment processor.
Improve AI Models: Train and enhance our AI CFO chatbot using anonymized conversation data.
Customer Support: Respond to inquiries, troubleshoot issues, and provide assistance.
Product Development: Analyze usage patterns to improve features and user experience.
Security: Detect fraud, prevent abuse, and protect user accounts.
Communications: Send product updates, feature announcements, and important service notifications.

5. Data Storage and Security

We implement industry-standard security measures to protect your data:

Encryption: All data is encrypted in transit (TLS/SSL) and at rest.
Database Security: Hosted on Supabase with Row Level Security (RLS) policies ensuring users can only access their own data.
Authentication: Secure authentication via Supabase Auth with email verification.
Payment Security: We do not store credit card information. All payment processing is handled by PCI-compliant providers.
Access Controls: Strict internal access policies and regular security audits.
Backups: Regular automated backups to prevent data loss.

6. Third-Party Services

We work with trusted third-party providers to deliver our services:

Supabase: Database hosting, authentication, and file storage.
Google Gemini AI: AI-powered financial insights, chatbot responses, and receipt OCR processing.
Dodo Payments: Payment processing and subscription management.
Upstash Redis: Caching and rate limiting for improved performance.
Vercel: Application hosting and deployment infrastructure.

These providers have their own privacy policies and security practices. We only share the minimum data necessary for them to perform their services.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide services. You can request deletion of your account and data at any time by contacting us. Some data may be retained for legal compliance, dispute resolution, or fraud prevention as required by law.

8. Your Rights

You have the right to:

Access: Request a copy of your personal data.
Correction: Update or correct inaccurate information.
Deletion: Request deletion of your account and associated data.
Export: Download your financial data in a portable format.
Opt-Out: Unsubscribe from marketing communications (service emails may still be sent).

9. Cookies and Tracking

We use cookies and similar technologies to maintain your session, remember preferences, and analyze usage. You can control cookie settings through your browser, but some features may not function properly if cookies are disabled.

10. Children's Privacy

Montty is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a minor, please contact us immediately.

11. International Users

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the platform. Continued use of Montty after changes constitutes acceptance of the updated policy.

13. Data Protection Officer (DPO)

For GDPR and KVKK compliance, we have designated a Data Protection Officer responsible for overseeing our data protection practices and ensuring compliance with applicable privacy laws.

DPO Contact:
Name: Melike Kaya
Email: info@monttyfinance.com
Phone: +90 552 803 80 29

You may contact our DPO for any privacy-related inquiries, data access requests, or complaints regarding data processing.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact us at:

Email: melikekaya@monttyfinance.com
Website: www.monttyfinance.com