Legal

Privacy Policy

Last updated: March 4, 2026

becvio ("we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, who we share it with, and your rights regarding your data when you use the becvio platform, website, and services (the "Service").

By using the Service, you consent to the practices described in this policy. If you do not agree, please do not use the Service.

1. Information We Collect

1.1 Information You Provide

Data TypeExamplesPurpose
Account InformationEmail address, password (hashed)Authentication, account management, communications
Profile InformationPortfolio/company name, display preferencesPersonalization, app display
Property DataAddresses, values, rents, loan balances, expenses, tenant namesPortfolio analysis, calculations, health scores
Financial RecordsExpenses, mileage logs, tax categoriesExpense tracking, tax reports, deduction analysis
DocumentsUploaded leases, insurance docs, receiptsDocument storage and retrieval
Forum ContentPosts, replies, upvotesCommunity features
Payment InformationProcessed by Stripe — we do not store card numbersSubscription billing

1.2 Information Collected Automatically

Data TypeExamplesPurpose
Usage DataFeatures used, pages visited, session durationProduct improvement, bug fixes
Device InformationBrowser type, operating system, screen sizeResponsive design, compatibility
Log DataIP address, access times, referring URLsSecurity, abuse prevention

1.3 Information from Third Parties

If you use integrations (such as Innago or CSV imports from other platforms), we receive the data you choose to import. We only process data you explicitly provide or authorize.

2. How We Use Your Information

We use your information to:

  • Provide the Service: Display your dashboard, run calculations, generate health scores, store documents, and process your portfolio data.
  • Power AI Features: When you use the AI Advisor or Growth Planner, we send relevant portfolio data to our AI provider (Anthropic) to generate responses. This data is transmitted via API and is not stored by Anthropic beyond the duration of the request.
  • Process Payments: We use Stripe to process subscription payments. We do not store or have access to your full credit card number.
  • Communicate with You: Send account confirmations, security alerts, service updates, and (with your consent) product announcements.
  • Improve the Service: Analyze usage patterns to fix bugs, improve features, and develop new functionality.
  • Ensure Security: Detect and prevent fraud, abuse, and unauthorized access.
  • Comply with Law: Meet legal obligations, respond to lawful requests, and enforce our Terms of Service.

3. How We Share Your Information

We do not sell your personal data. We do not sell, rent, or trade your information to third parties for their marketing purposes. We share data only in the following circumstances:

RecipientWhat We ShareWhy
Supabase (database provider)All account and portfolio dataData storage and authentication — our backend infrastructure
Anthropic (AI provider)Portfolio summary data when you use AI featuresGenerating AI Advisor and Growth Planner responses
Stripe (payment processor)Email, subscription planProcessing subscription payments
Vercel (hosting provider)IP addresses, access logsWebsite hosting and delivery
Law enforcementAs legally requiredCompliance with court orders, subpoenas, or legal process

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity. We will notify you before your data becomes subject to a different privacy policy.

4. Data Storage and Security

Your data is stored on Supabase servers hosted on Amazon Web Services (AWS) infrastructure in the United States. Documents you upload are stored in Supabase Storage with access controls that restrict access to your account.

We implement the following security measures:

  • Row-Level Security (RLS): Database policies ensure each user can only access their own data. Every query is filtered by authenticated user ID at the database level.
  • Encryption in Transit: All connections use HTTPS/TLS encryption.
  • Password Security: Passwords are hashed using bcrypt via Supabase Auth. We never store plaintext passwords.
  • Browser Storage Isolation: Local browser data is scoped to your user ID to prevent cross-account contamination.
  • Access Controls: Team member permissions are enforced by role (Owner, Manager, Viewer).

While we implement reasonable security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

5. Data Retention

  • Active Accounts: We retain your data for as long as your account is active.
  • Deleted Accounts: When you delete your account, we will delete your personal data within 30 days, except where retention is required by law (such as financial records for tax compliance).
  • Backups: Data may persist in encrypted backups for up to 90 days after deletion.
  • Anonymized Data: We may retain anonymized, aggregated data (which cannot identify you) indefinitely for analytics and product improvement.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data (subject to legal retention requirements).
  • Export: Export your data in a machine-readable format. becvio provides CSV export functionality within the app for your property, expense, and mileage data.
  • Restriction: Request that we limit processing of your data in certain circumstances.
  • Objection: Object to processing of your data for certain purposes.
  • Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time.

To exercise any of these rights, contact us at privacy@becvio.com. We will respond within 30 days.

7. Cookies and Local Storage

becvio uses minimal cookies and browser storage:

  • Authentication Cookies: Set by Supabase to maintain your login session. These are essential for the Service to function.
  • Local Storage: We store user preferences (theme, onboarding status, portfolio name) in your browser's local storage, scoped to your user ID.
  • No Third-Party Tracking: We do not use third-party advertising cookies. We do not use Google Analytics or Facebook Pixel.

Because we only use essential cookies required for authentication and basic functionality, we do not display a cookie consent banner. If we add non-essential cookies in the future, we will update this policy and implement appropriate consent mechanisms.

8. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If we learn that we have collected data from a child under 18, we will promptly delete it. If you believe a minor has provided us with personal data, please contact us at privacy@becvio.com.

9. International Data Transfers

Your data is processed and stored in the United States. If you access the Service from outside the United States, your data will be transferred to and processed in the United States. By using the Service, you consent to this transfer. We rely on standard contractual clauses and other lawful transfer mechanisms where required by applicable data protection laws.

10. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: You can request details about the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: You can request deletion of your personal information.
  • Right to Opt-Out of Sale: We do not sell your personal information. No opt-out is necessary.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To submit a request, email privacy@becvio.com. We may verify your identity before fulfilling your request.

11. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the following applies:

  • Legal Basis: We process your data based on: (a) performance of a contract (providing the Service); (b) your consent (AI features, communications); and (c) our legitimate interests (security, product improvement).
  • Data Protection Officer: For GDPR inquiries, contact privacy@becvio.com.
  • Supervisory Authority: You have the right to lodge a complaint with your local data protection authority if you believe we have violated your rights.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice in the Service at least 30 days before the changes take effect. The "Last updated" date at the top of this policy indicates when it was last revised.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

becvio
Email: privacy@becvio.com
For general support: support@becvio.com

© 2026 becvio. All rights reserved.