Privacy policy

(Last updated July 25, 2025)

This privacy policy explains how Elixir SAS collects, uses, shares, and protects your personal data when you use the Affluent SaaS platform.

1. Who we are

Elixir SAS ("we", "our", "us") operates the Affluent SaaS platform. We act as the data controller within the meaning of the EU GDPR (Regulation (EU) 2016/679).

2. What personal data we collect and how we use it

We only collect personal data necessary for providing and improving the Affluent SaaS platform. This includes:

a. Contact and identification information

Collected to create and manage your account, and to communicate with you:

  • Full name (first and last name)
  • Phone number
  • Email address (also used for authentication)
  • Date of birth

b. Financial profile information

Collected to provide personalized financial planning and analysis features:

  • Self-reported financial data, including:
    • Income
    • Assets
    • Investments
    • Other relevant financial indicators

This data is provided voluntarily by you and used only within features such as wealth tracking and financial planning.

c. Technical and usage data

Collected automatically when you use our website or application, for product improvement and security purposes:

  • IP address
  • Device and browser information
  • Activity logs and user interactions
  • Cookies and similar tracking technologies

We do not collect more data than necessary, and you retain control over optional or consent-based processing (e.g., cookie preferences).

3. Data sharing & processors

We do not sell your personal data. We may share it with trusted processors essential for service delivery:

  • Supabase (database, file storage, authentication system)
  • PostHog (website and application analytics)
  • Stripe (payment processing and subscription management)
  • Sentry (error monitoring and application debugging)

4. Data retention period

We retain your personal data only for as long as necessary to fulfill our contractual obligations. In case of account cancellation or deletion request, your data will be deleted within a reasonable timeframe, unless legal retention requirements apply.

5. Your rights under GDPR

In accordance with GDPR, you have the following rights:

  • Access, rectification, deletion or restriction of processing of your data
  • Data portability in a structured format
  • Withdrawal of consent or objection to processing
  • Lodge a complaint with a supervisory authority

To exercise your rights, contact us at the details below. We will respond without undue delay and within one month at the latest.

6. Security measures

We implement technical and organizational measures to protect your personal data, including encryption of data in transit and at rest, access controls, and audit logs. Only an authorized and restricted team can access data for support or debugging purposes, with your explicit consent.

7. Cookies and tracking

We use cookies and web analytics tools (via PostHog) to understand product usage and improve your experience. Some essential cookies are necessary for login and functionality. You can manage your preferences through your browser settings, but refusing certain cookies may impair service functionality.

8. International transfers

In case of data transfers outside the EU/EEA, these are carried out only to countries with appropriate safeguards (e.g., standard contractual clauses, adequacy decisions) in accordance with GDPR.

9. Changes to this policy

We reserve the right to modify this Privacy policy. In case of substantial changes, we will notify you in advance (by email or in-app notification). Continued use of the Service after the update implies your acceptance.

Affluent | Privacy policy