Privacy Policy

Last Updated: January 15, 2025

1. Introduction

Welcome to Dividend Fortress ("we," "our," or "us"). This Privacy Policy describes how we collect, use, store, share, and protect personal information when you use our website at dividendfortress.com and our services. By using our website, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

  • Account Information: When you create an account, we collect your name, email address, and authentication credentials.
  • Portfolio Data: Financial planning information including your investment holdings, contribution amounts, salary information, retirement goals, and target withdrawal amounts that you voluntarily enter into our platform.
  • Payment Information: When you subscribe to our paid services, we collect billing information through Stripe, our payment processor. Stripe processes your payment card information securely. We do not store your complete credit card numbers on our servers.
  • Profile Information: Any additional information you choose to provide in your user profile.

2.2 Information from Google Sign-In

When you sign in using Google OAuth, we receive and store:

  • Email address: Used to create and authenticate your account
  • Profile information: Your name and profile picture from your Google account
  • Google user ID: A unique identifier to link your Google account to your Dividend Fortress account

Limited Use Disclosure: Dividend Fortress's use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Specifically, we commit to the following regarding Google user data:

  • Limited Use: Google user data is used only to provide and improve the user-facing authentication feature that is prominent in our application's user interface (the sign-in functionality)
  • No Transfer or Sale: We do not and will never transfer or sell Google user data to third parties, use it for advertising, or use it for credit-worthiness determinations
  • Human Access: Our employees do not access your Google data except with your explicit consent, for security purposes, or when required by law
  • Data Transfers: Google user data is only transferred to AWS Cognito as necessary for authentication
  • Merger/Acquisition: Any transfer of Google user data requires your explicit prior consent

2.3 Automatically Collected Information

  • Usage Data: Information about how you interact with our service
  • Device Information: IP address, browser type, operating system
  • Cookies: We use cookies to maintain your session and preferences

3. How We Use Your Information

  • Account Management: To create, authenticate, and manage your account
  • Service Delivery: To provide dividend portfolio tracking, financial planning tools, and income projections
  • Billing and Payments: To process subscription payments, manage your billing information, and send payment receipts through Stripe
  • Trial Eligibility and Fraud Prevention: To track free trial usage and prevent abuse of promotional offers by users who repeatedly create and delete accounts
  • Communications: To send service notifications, billing updates, and respond to inquiries
  • Service Improvement: To analyze usage patterns and improve our platform
  • Security: To detect and prevent fraud, abuse, and technical issues

4. How We Store Your Information

Your data is stored securely using industry-standard infrastructure:

  • Database Storage: AWS DynamoDB and Amazon Cognito with encryption at rest
  • Payment Data: Stripe stores your payment information using PCI-DSS compliant secure vault technology. We only store the last 4 digits of your card and expiration date for display purposes
  • Data Location: United States (AWS us-east-1 region)
  • Security Measures: HTTPS/TLS encryption, encryption at rest, secure authentication, regular security audits

5. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties.

We may share your information only in these limited circumstances:

  • Service Providers:
    • Amazon Web Services (AWS) - hosting, database, storage, authentication
    • Stripe - payment processing for subscriptions (subject to Stripe's Privacy Policy)
  • Legal Requirements: When required by law or to protect our rights
  • With Your Consent: For any other purpose with your explicit consent

6. Your Rights and Choices

  • Access: Review your information through your account dashboard
  • Correction: Update your information in account settings
  • Deletion: Request account deletion by contacting ask@dividendfortress.com
  • Subscription Management: Cancel your subscription anytime from your account settings. Cancellations take effect at the end of your current billing period
  • Payment Information: Update or remove payment methods through your billing settings

Important: Data Retention After Account Deletion

What gets deleted: When you delete your account, we immediately remove your portfolio data, investment holdings, personal preferences, and all financial information from our systems. Your Cognito authentication account is also permanently deleted.

What we retain for fraud prevention: To prevent abuse of free trial offers, we retain minimal information including:

  • Your email address
  • Google account identifier (if you signed in with Google)
  • Whether you have used a free trial
  • Stripe Customer ID (for billing history)

Why we retain this data: This minimal information prevents users from repeatedly creating and deleting accounts to abuse free trial offers. This is necessary for fraud prevention and to protect our legitimate business interests.

Your GDPR rights: If you are subject to GDPR or similar privacy laws and wish to exercise your "right to be forgotten," you may request complete deletion of all retained data by contacting us at ask@dividendfortress.com. We will evaluate such requests on a case-by-case basis, balancing your privacy rights with our legitimate interest in preventing fraud.

7. Payment Processing

We use Stripe to process subscription payments. When you subscribe:

  • Your payment information is transmitted directly to Stripe using secure, encrypted connections
  • Stripe is PCI-DSS Level 1 certified, the highest level of payment security
  • We receive only limited information (last 4 digits, card brand, expiration date) for display and billing purposes
  • Your complete card number is never stored on our servers
  • Subscriptions auto-renew until canceled
  • You can update or remove payment methods at any time

For more information about Stripe's security and privacy practices, visit Stripe's Privacy Policy.

8. Contact Us

For questions about this Privacy Policy, data deletion requests, or our data practices:

Email: ask@dividendfortress.com

Website: dividendfortress.com

Quick Summary for Google Sign-In Users

When you sign in with Google, we receive your email address and basic profile information (name, profile picture). We use this information solely to create and authenticate your account. We do not access any other data from your Google account. We do not share this information with third parties except as required to provide our authentication service through AWS Cognito. You can disconnect your Google account or delete your Dividend Fortress account at any time.