Privacy Policy

Account information — When you create an account, we collect your name, email address, username, and password. Passwords are stored as one-way encrypted hashes — we never store your password in plain text and cannot read it.

Financial information — All financial data in Lucren is entered manually by you. This includes asset values (cash, investments, real estate, vehicles, business equity), liability balances (mortgages, credit cards, student loans), income and salary information, budget categories, transaction records, and portfolio holdings.

Profile information — Age, risk tolerance preference, retirement planning inputs, and investor experience level used to personalize your experience.

Usage data — Which features you use and how frequently, session duration, and general geographic region (country/state — not precise location). This is analyzed in aggregate to improve the app.

Crash reports — Automatic error logs when the app crashes, used to identify and fix bugs. These do not include your financial data.

We do not collect: precise GPS location, contacts, camera or microphone data, browsing history outside the app, or financial account credentials for external accounts.

• ✓Operate the app — Authenticate your account, sync your data, and display your financial dashboard
• ✓Personalize your experience — Show retirement projections, recommended portfolio allocations, and financial literacy content based on your profile
• ✓Improve the product — Analyze usage patterns in aggregate (not individual) to prioritize features and fix issues
• ✓Communicate with you — Send account-related emails: email verification, password resets, and important service updates
• ✓Process subscriptions — Manage your Plus, Pro, or Family plan through our subscription provider
• ✓Maintain security — Detect and prevent fraud, unauthorized access, and abuse

We do not use your information to serve targeted advertisements, build profiles for sale to third parties, or make automated decisions that affect your legal rights.

Your data is stored securely using Supabase, a cloud database platform with enterprise-grade security. All data is:

• ·Encrypted in transit using TLS/SSL
• ·Encrypted at rest using AES-256 encryption
• ·Stored on servers located in the United States
• ·Accessible only to authorized Lucren systems and personnel

Guest session data is stored locally on your device only and is permanently deleted when you close the app.

Lucren uses the following services to operate. These services receive only the minimum data necessary for their function. We do not authorize them to use your data for their own marketing or advertising.

We do not use Google Analytics, Facebook Pixel, or any advertising tracking SDKs.

We do not sell, rent, or trade your personal information. We share your data only in these limited circumstances:

• ·Service providers — With the third-party services listed above, solely to operate the app
• ·Legal requirements — If required by law, court order, or government authority — minimum information required only
• ·Business transfer — If Lucren is acquired or merges with another company, your data may transfer to the new owner who will be bound by this policy
• ·Your consent — For any other purpose, only with your explicit permission

We retain your data for as long as your account is active. If you delete your account:

• ·Your account and financial data are permanently deleted within 30 days
• ·Anonymized, aggregated usage statistics that cannot identify you may be retained indefinitely
• ·Backup copies are purged within 90 days of deletion

• ✓Access — View all financial data you've entered directly in the app at any time
• ✓Correction — Edit or update any information in the app at any time
• ✓Deletion — Delete your account and all associated data via Settings → Delete Account, or email us at privacy@lucrenapp.com
• ✓Export — Request a copy of your data in a portable format by emailing privacy@lucrenapp.com — we respond within 30 days
• ✓Opt out of communications — Opt out of non-essential emails by contacting us. Essential service emails (verification, password resets, security alerts) cannot be opted out while your account is active

Lucren is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, contact us at privacy@lucrenapp.com and we will delete the information promptly.

Users between the ages of 13 and 17 should use the app only with parental consent.

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

• ·Right to Know — Request a list of personal information categories we have collected and the purposes we use it for
• ·Right to Delete — Request deletion of your personal information (subject to certain exceptions)
• ·Right to Non-Discrimination — We will not discriminate against you for exercising your privacy rights
• ·Do Not Sell — We do not sell personal information. You do not need to opt out.

To exercise these rights, email privacy@lucrenapp.com with the subject line "CCPA Request."

We implement industry-standard security measures including end-to-end TLS encryption, AES-256 encryption at rest, and secure password hashing. No method of transmission over the internet is 100% secure — if you believe your account has been compromised, contact us immediately at support@lucrenapp.com.

When we make material changes, we will update the date at the top of this page, send an email to your registered address, and display an in-app notification. Continued use of the app after changes take effect constitutes acceptance of the updated policy.

Questions, concerns, or data requests: