THE MONEY INITIATIVE

Privacy Policy

Last updated: April 10, 2026

The Money Initiative ("TMI," "we," "us") respects your privacy. This Privacy Policy explains what information we collect, how we use and share it, how we protect it, and the rights you have over it. It applies to themoneyinitiative.co and every feature of the platform (collectively, the "Services").

By using the Services you agree to the practices described here. If you do not agree, do not use the Services. This policy is part of and incorporated into our Terms of Service.

1. Information We Collect

Account information. When you sign up we collect the email address you provide to our authentication provider (Clerk), any display name you supply, and the Clerk-issued user identifier. If you sign in with Google we receive the information Google provides under the OAuth scope you approve (typically email, name, and profile photo URL).

Subscription and payment information. When you upgrade to a paid plan or buy tokens or an à la carte analysis, Stripe processes your payment. We do not see, store, or transmit your full credit card number. Stripe shares with us the last four digits, card brand, billing country, ZIP, subscription status, and webhook event IDs so we can reconcile your account.

Usage and platform data. We record pages and cards you view, on-demand analyses you run, watchlist entries, trade-card ratings, token earn/spend events, engagement streaks, predictions, chat prompts and responses with MIDAS, and any feedback you submit. This data is tied to your Clerk user ID and is used to operate and improve the Services.

Technical data. We automatically collect IP address, user agent, device type, referrer, timestamps, and server error logs. We use this for security, fraud prevention, rate limiting, and debugging.

Cookies and similar technologies. The Services use first-party cookies set by Clerk for authentication (so you stay logged in across tabs), a small number of localStorage keys for preferences (last-viewed tab, trader experience level, cookie-banner acceptance), and a session cookie to carry your auth state. We do not use advertising cookies, cross-site tracking pixels, or third-party analytics beacons. Essential cookies cannot be disabled without breaking the Services; non-essential preferences can be cleared from your browser's site-data controls.

Communications. If you contact support@themoneyinitiative.co or submit the support or white-label contact form, we receive the message content, your email, and any name or company you provide.

From third parties. We may receive limited information from our Sub-Processors about your interactions with their products (e.g., a Stripe webhook confirming a successful charge).

2. How We Use Information

  • Provide the Services — authenticate you, deliver paid features, route AI calls, fetch market data, store your trade history.
  • Personalize — calibrate report depth and language to your declared trader-experience level and risk tolerance.
  • Improve — analyze aggregate usage patterns, debug errors, evaluate model quality, and refine the TMIIE pipeline. Where we evaluate AI output we may use de-identified, aggregated prompts and responses.
  • Secure the platform — detect abuse, rate-limit automated traffic, enforce account policies, and comply with legal obligations.
  • Communicate with you — transactional emails (receipts, security alerts, cancellation confirmations, product changes), replies to support inquiries, and (if you opt in) product newsletters.
  • Comply with law — respond to lawful requests, enforce our Terms, exercise legal rights, and protect our users.

3. Legal Bases (for EU/UK Users)

If you are in the European Economic Area, United Kingdom, or Switzerland, the legal bases on which we rely are: (i) performance of the contract between you and TMI; (ii) your consent (which you may withdraw at any time, though this will not affect the lawfulness of processing done prior); (iii) our legitimate interests in operating, securing, and improving the Services; and (iv) compliance with our legal obligations.

4. How We Share Information

We share personal information only as described below. We do not sell your personal information. We do not share personal information for cross-context behavioral advertising.

Sub-Processors. The following third parties receive the minimum data necessary to deliver their piece of the Services:

  • Clerk (authentication & session management) — email, password hash, session tokens, optional OAuth profile.
  • Stripe (payments, subscription billing, invoicing) — payment method details, billing address, subscription state.
  • Anthropic (Claude LLM inference) — prompt content for trade cards, on-demand reports, MIDAS chat, and agent pipeline. Anthropic does not train its models on API content.
  • xAI (Grok sentiment & news search) — public-web search queries for sentiment analysis. No user-identifying data is sent.
  • Supabase (PostgreSQL database + file storage) — stores user records, trade cards, tokens, watchlists, media assets. U.S. data residency.
  • Vercel (application hosting & edge delivery) — hosts the application and receives request-level metadata for routing.
  • Replicate (optional AI media generation) — prompt text when you trigger image or video generation in the admin tools. Not triggered by ordinary user traffic.
  • Beehiiv (optional email newsletter, not yet active) — will receive subscriber email and opt-in status when launched; disabled by default.
  • X / Twitter API (for MIDAS posting) — outbound content only; TMI does not read your X data on your behalf.
  • Yahoo Finance, Kraken, CoinGecko, CryptoCompare, Nasdaq (market data) — public endpoints queried by our servers with no user-identifying data.

Legal compliance. We may disclose information to comply with a subpoena, court order, regulatory request, or other lawful process; to enforce our Terms; to prevent fraud or security incidents; or to protect the rights, property, or safety of TMI, our users, or others.

Business transfers. If TMI is involved in a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction, subject to standard confidentiality obligations and notice to affected users.

Aggregated & de-identified data. We may publish or share aggregated statistics (e.g., session win-rate charts, total users, quality-gate pass rates) that do not identify any individual.

5. Data Retention

We retain personal information for as long as your account is active plus a reasonable period after (generally up to 30 days) to complete any outstanding transactions and satisfy legal obligations. When you request deletion we remove your account and associated personal content within 30 days, except for:

  • Tax, billing, and Stripe invoice records, which we retain for up to 7 years as required by U.S. tax law;
  • Aggregate, de-identified usage metrics retained indefinitely for product analytics;
  • Audit logs of administrative actions retained for at least 24 months for security.

6. Your Rights

All users. You can:

  • Access your account data in Account Settings;
  • Correct inaccurate account information via Account Settings or by emailing us;
  • Delete your account via Account Settings → Delete Account, or by request to support@themoneyinitiative.co;
  • Export your watchlist, trade-card ratings, and MIDAS chat history on request;
  • Cancel paid subscriptions any time, with access through the end of the billing cycle.

EU/UK/EEA users (GDPR). You additionally have the right to: data portability; restriction of processing; objection to processing based on legitimate interests; withdrawal of consent where processing relies on consent; and to lodge a complaint with your national data protection authority. Contact support@themoneyinitiative.co to exercise these rights. We do not require identity verification beyond confirming the email address of your account.

California users (CCPA / CPRA). You have the right to know what personal information we collect and why, to request deletion, to correct inaccurate information, and to opt out of the "sale" or "sharing" of personal information — though TMI does not sell or share personal information for cross-context behavioral advertising in the first place, so no opt-out is needed. We will not discriminate against you for exercising these rights.

Authorized agents. You may designate an authorized agent to make a rights request on your behalf. We will require written proof of authorization and verify your account before acting.

7. Security

We implement technical and organizational safeguards appropriate to the nature of the information we handle:

  • TLS 1.2+ in transit for every request;
  • Encrypted at rest in Supabase and Stripe;
  • Row-Level Security policies on database tables containing user data;
  • Admin-route middleware gating, per-route authentication checks, and an audit log for every admin mutation;
  • Secrets stored in Vercel encrypted environment variables, never in the codebase;
  • Password-less authentication via Clerk (no plaintext passwords ever touch TMI servers).

No system is perfectly secure. If we learn of a breach affecting your personal information we will notify you and the appropriate authorities as required by law.

8. Children's Privacy

The Services are intended for users 18 years of age or older. We do not knowingly collect personal information from children under 13 (or the equivalent minimum age under local law). If you believe a child has provided us with personal information, email support@themoneyinitiative.co and we will promptly delete it.

9. International Transfers

TMI is based in the United States and our Sub-Processors are primarily in the United States or the European Economic Area. If you access the Services from outside the U.S., your information may be transferred to, processed, and stored in the U.S. or other countries that may have data protection laws different from those in your country. By using the Services you consent to these transfers. Where required, we rely on Standard Contractual Clauses or other approved transfer mechanisms.

10. Do Not Track

Some browsers offer a "Do Not Track" signal. Because there is no industry-standard interpretation of this signal and TMI does not use tracking cookies or cross-site advertising in any event, we do not alter our behavior based on DNT headers. Our default posture is equivalent to honoring DNT.

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, Sub-Processors, or the law. For material changes we will notify you at least 14 days before the change takes effect, via email or in-platform banner. The "Last updated" date at the top of the page always reflects the current version. Continued use of the Services after the effective date constitutes acceptance of the updated policy.

12. Contact

Privacy questions, rights requests, or complaints: support@themoneyinitiative.co with subject "Privacy Request." For security vulnerability reports, use the same address with subject "[SECURITY]".

Terms of ServiceHome

© 2026 The Money Initiative. All rights reserved.