Privacy Policy
Last updated: February 2026
What We Collect
When you create an account, we collect your email address and a securely hashed password. As you use RetireMe, we store the financial inputs you provide -- retirement age, savings targets, income, expenses, portfolio holdings, and simulation parameters -- to generate your projections.
How We Store Your Data
All user data is stored in a PostgreSQL database with encryption at rest. Passwords are hashed using bcrypt and never stored in plain text. Database access is restricted to our backend services only.
Authentication & Cookies
We use JWT tokens stored in httpOnly cookies for authentication. These cookies cannot be accessed by client-side JavaScript, protecting against cross-site scripting attacks. We do not use third-party tracking cookies.
Market Data
Portfolio market data is fetched from Yahoo Finance entirely on our servers. No requests are made from your browser to Yahoo Finance or any other third-party data provider. We do not share your portfolio holdings with data providers.
Payment Processing
Subscription payments are handled by Stripe. We never see or store your credit card number. Stripe provides us with a customer ID and subscription status to manage your account access.
Third-Party Sharing
We do not sell, rent, or share your personal data with third parties. The only external services that receive any of your information are Stripe (payment processing) and our email provider (transactional emails like password resets and verification).
Your Rights
You can export or delete your account and all associated data at any time from your account settings. Deleting your account permanently removes all retirement plans, portfolio data, and personal information from our systems.
Contact
Questions about this policy? Reach out at support@retireme.app.