The short version
We collect the minimum information needed to run the service: your email, first name, and the retirement plans you save. We don't sell your data. We don't share it with marketers. You can delete your account and everything in it at any time.
What we collect
Account information
- Email address — for login, password reset, and important service notifications
- First name — to personalize the interface
- Password — stored as a salted, hashed value (we never see your actual password)
Plan data
- The retirement-planning inputs you enter (age, savings, Social Security amount, etc.)
- The calculated outputs we generate from those inputs
- Names you give to saved plans (e.g. "Retire at 62")
This data lives in your account so you can return to it later. We do not analyze it for marketing or share it with third parties.
Payment information
We do not collect or store your credit card details. Payments are processed by Stripe, who is PCI-compliant. We only receive a record that a payment occurred so we can grant you Pro access. Stripe's privacy policy governs how they handle your card data.
Technical data
Like virtually every website, our hosting provider records standard server logs (IP address, browser type, page accessed, timestamp). We use these only to debug problems and prevent abuse. We do not use third-party advertising trackers or cookies for marketing.
How we use your data
- Run the service — log you in, save your plans, calculate retirement projections
- Process payments — through Stripe, for the one-time Pro upgrade
- Send essential emails — password resets, payment receipts, occasional important service notices. We do not send marketing emails unless you opt in
- Improve the product — using aggregate, anonymized usage data (e.g. how many users typed in their inputs) — never your specific plans
Who we share data with
The bare minimum needed to operate. These are our only data processors:
- Supabase — database hosting and authentication. Privacy policy
- Vercel — application hosting. Privacy policy
- Stripe — payment processing. Privacy policy
- Resend — transactional email delivery. Privacy policy
- Cloudflare — domain and DNS. Privacy policy
We do not sell, rent, or trade your personal data. We do not share it with advertisers, data brokers, or marketing companies.
How long we keep your data
For as long as your account is active. If you delete your account (see below), we delete your profile, plans, and all associated data within 30 days, except where we're legally required to retain certain records (e.g. payment receipts for tax purposes, which Stripe retains separately).
Your rights
You have the right to:
- Access your data — visit your account page to see everything we have on you
- Correct inaccurate data — edit your plans and account info anytime
- Delete your account — email us at support@silver-clarity.com and we'll permanently delete your account and all associated data within 30 days
- Export your data — request a copy of everything we have on you in JSON format
- Opt out of non-essential email — we don't send marketing email by default, but if you ever do receive one, every email has an unsubscribe link
If you're a California resident, you have additional rights under the CCPA. If you're in the EU/UK, you have rights under GDPR. Email us to exercise any of these rights.
Cookies
We use a small number of essential cookies to keep you logged in. These are necessary for the service to function. We do not use third-party tracking cookies, advertising cookies, or analytics that identify you personally.
Children's privacy
Silver Clarity is intended for adults planning their retirement. We do not knowingly collect data from anyone under 18. If you believe a child has signed up, contact us and we'll delete their account.
Security
We use industry-standard practices to protect your data:
- HTTPS encryption on every page
- Passwords stored as salted bcrypt hashes (we cannot recover them)
- Database access protected by Row-Level Security policies — even our own systems can't read another user's data without proper authentication
- Payment processing isolated to Stripe's PCI-compliant infrastructure
That said, no online service is 100% secure. If we ever experience a data breach affecting your information, we'll notify you within 72 hours.
Changes to this policy
If we make material changes, we'll email you and post a notice on the site at least 30 days before they take effect. Minor clarifications and edits will be reflected in the "Last updated" date at the top.
Contact
Questions about this policy or how we handle your data? Email support@silver-clarity.com.