Privacy Policy

Introduction and Scope

At duxukyo, we understand that your financial data represents some of the most sensitive information you'll ever share with a service provider. This privacy policy explains exactly how we collect, use, protect, and manage your personal information when you use our AI-driven expense categorization platform.

Our commitment goes beyond mere compliance – we've built privacy protection into the very foundation of our service architecture. Every decision we make about data handling prioritizes your security, transparency, and control over your information.

Information We Collect

Understanding what information we collect helps you make informed decisions about using our services. We collect information in several categories, each serving specific purposes in delivering our AI-driven expense categorization platform.

Account and Profile Information

• Full name, email address, and phone number for account creation and communication
• Company name, business address, and industry type for business accounts
• Billing information including payment method details processed through secure third-party providers
• User preferences, notification settings, and account customization choices

Financial Transaction Data

• Transaction amounts, dates, merchant names, and descriptions from connected accounts
• Bank account information necessary for secure data synchronization
• Credit card and payment processing data for service-related transactions
• Historical expense patterns and categorization preferences for AI model training

Technical and Usage Information

• IP addresses, browser types, operating systems, and device identifiers
• Log files recording system access, feature usage, and error reports
• Performance metrics helping us optimize our AI categorization algorithms
• Communication records including support tickets and feedback submissions

How We Use Your Information

Every piece of information we collect serves specific purposes in delivering and improving our expense categorization services. We're transparent about these uses and commit to never using your data for purposes beyond what's outlined here.

We also use aggregated, anonymized data to improve our AI models and develop industry insights. This process completely removes any personally identifiable information, ensuring your privacy while helping us enhance our services for all users.

Data Sharing and Third-Party Access

We maintain strict controls over who can access your information and under what circumstances. Our approach prioritizes minimal data sharing while ensuring we can deliver comprehensive expense categorization services.

Authorized Service Providers

• Payment processors handling billing and subscription management with industry-standard encryption
• Cloud infrastructure providers maintaining our servers and data storage with enterprise-grade security
• Banking data aggregation services facilitating secure connections to your financial institutions
• Customer support platforms enabling us to provide technical assistance and account management

Legal and Regulatory Requirements

We may disclose your information when required by law, including responses to court orders, government investigations, or regulatory compliance requirements. In such cases, we'll notify you unless legally prohibited and will only share the minimum information necessary to meet legal obligations.

Data Security and Protection Measures

Protecting your financial information requires comprehensive security measures at every level of our platform. We've implemented multiple layers of protection designed to safeguard your data against both external threats and internal vulnerabilities.

Technical Safeguards

• End-to-end encryption for all data transmission using industry-standard TLS 1.3 protocols
• Advanced encryption at rest for all stored data using AES-256 encryption standards
• Multi-factor authentication requirements for all user accounts and administrative access
• Regular security audits, penetration testing, and vulnerability assessments by third-party experts
• Automated monitoring systems detecting unusual access patterns and potential security threats

Operational Security

• Strict access controls limiting employee access to customer data based on job requirements
• Comprehensive background checks for all personnel handling sensitive information
• Regular security training programs ensuring all staff understand privacy protection protocols
• Incident response procedures for immediate action in case of any security concerns

Our security infrastructure undergoes continuous monitoring and improvement. We maintain compliance with industry standards including SOC 2 Type II and follow best practices established by financial services regulatory bodies.

Your Rights and Control Options

You maintain significant control over your personal information throughout your relationship with duxukyo. We've designed our platform to give you meaningful choices about how your data is used and provide straightforward ways to exercise your privacy rights.

Access and Portability Rights

• Request complete copies of all personal information we maintain about you in machine-readable formats
• Download your transaction data, categorization history, and account settings at any time
• Export your data for use with other financial management platforms or personal record-keeping

Correction and Update Rights

• Modify account information, contact details, and preferences through your account dashboard
• Correct transaction categorizations and update merchant classifications in our AI system
• Update billing information and communication preferences at any time

Deletion and Restriction Rights

• Request complete deletion of your account and associated data with verification procedures
• Limit processing of specific data types while maintaining essential service functionality
• Opt out of non-essential data collection and marketing communications

To exercise any of these rights, contact our privacy team at privacy@duxukyo.com. We'll respond to all requests within 30 days and provide confirmation of any actions taken regarding your data.

Data Retention and Deletion

We maintain clear policies about how long we keep your information and under what circumstances we delete data. Our retention periods balance your need for service continuity with privacy protection and regulatory requirements.

When data reaches the end of its retention period, we use secure deletion methods that make recovery impossible. For sensitive financial data, we employ cryptographic erasure and multi-pass deletion techniques exceeding industry standards.

International Data Transfers

As part of providing our AI-driven expense categorization services, some of your data may be processed or stored in countries outside New Zealand. We ensure these transfers maintain the same high level of protection you expect from our domestic operations.

Transfer Safeguards

• All international transfers occur only with countries providing adequate data protection levels
• Contractual agreements with international service providers meeting New Zealand privacy standards
• Additional encryption and security measures for any data leaving New Zealand jurisdiction
• Regular audits of international partners to ensure ongoing compliance with our privacy standards

Currently, we utilize cloud infrastructure providers in Australia and the United States, both jurisdictions with strong privacy frameworks and data protection laws compatible with New Zealand standards.

Cookies and Tracking Technologies

Our platform uses various technologies to enhance your experience and ensure proper functionality of our expense categorization services. We're transparent about these technologies and provide you with control over non-essential tracking.

Essential Cookies

• Authentication cookies maintaining your secure login session throughout your visit
• Security cookies protecting against cross-site request forgery and other security threats
• Functionality cookies remembering your preferences and customization settings

Analytics and Performance

• Usage analytics helping us understand how features are used and identify improvement opportunities
• Performance monitoring detecting system issues and optimizing response times
• Error tracking systems helping us identify and resolve technical problems quickly

You can manage cookie preferences through your browser settings or our cookie preference center. Note that disabling essential cookies may impact the functionality of certain features in our expense categorization platform.

Children's Privacy Protection

duxukyo's expense categorization services are designed exclusively for adults and business use. We do not knowingly collect personal information from individuals under 18 years of age, and our platform is not intended for use by minors.

If we discover that we have inadvertently collected information from someone under 18, we will immediately delete that information and terminate any associated account. Parents or guardians who believe their child may have provided information to us should contact our privacy team immediately.

Privacy Policy Updates

We may update this privacy policy periodically to reflect changes in our services, legal requirements, or privacy practices. Significant changes will be communicated through multiple channels to ensure you're always informed about how we protect your information.

Notification Methods

• Email notifications to all active users at least 30 days before significant changes take effect
• In-platform notifications when you next log into your account
• Updates posted on our website with clear indication of what has changed
• For material changes affecting data use, we may require explicit consent before continuing service

We encourage you to review this policy periodically to stay informed about our privacy practices. The effective date at the top of this document indicates when the current version was last updated.