Privacy Policy
Last updated: April 2026
TruMint (“we”, “us”, “our”) is committed to protecting your personal data. This Privacy Policy explains what data we collect, why we collect it, how we use it, and your rights under UK GDPR and the Data Protection Act 2018.
1. Who We Are
TruMint is the data controller for personal data collected through this platform. You can contact us at support@trumint.co.
2. Data We Collect
- Account data: name, email address, password (stored as a secure hash)
- Financial data: portfolio holdings, transaction history, tax calculations, net worth figures
- Broker data: data imported via CSV or Plaid — account numbers, balances, trade records
- Usage data: pages visited, features used, session duration
- Device data: IP address, browser type, operating system
- Communications: the content of emails or messages you send to our support team
3. Why We Collect It (Legal Basis)
| Data | Purpose | Legal Basis |
|---|---|---|
| Email, name | Account creation and authentication | Contract performance |
| Financial data | Portfolio tracking, tax calculations | Contract performance |
| Usage data | Improving the service, debugging | Legitimate interests |
| Email address | Service notifications | Contract performance |
| Email address | Marketing emails (only if opted in) | Consent |
| IP address | Security, fraud prevention | Legitimate interests |
4. Third Parties We Share Data With
- Firebase (Google): Authentication and database storage. Google's data processing terms apply.
- Plaid: Bank and broker data connection. Plaid's own privacy policy applies to data you share via their interface.
- EODHD: Market data provider for live prices. No personal data is shared with EODHD.
- Google Cloud Platform: Server hosting. Data is processed within the EU/UK.
We do not sell your personal data to third parties.
5. Data Retention
- Account data: Retained while your account is active. When you delete your account via Account Settings, your account data and all associated personal data are permanently deleted immediately.
- Tax and financial data: Retained for 4 years from the relevant tax year (in line with HMRC record-keeping requirements).
- Usage and log data: Retained for 90 days.
6. Your Rights Under UK GDPR
You have the following rights regarding your personal data:
- Right to access — request a copy of the data we hold about you
- Right to rectification — ask us to correct inaccurate data
- Right to erasure — ask us to delete your data (“right to be forgotten”)
- Right to restriction — ask us to limit how we process your data
- Right to data portability — receive your data in a machine-readable format
- Right to object — object to processing based on legitimate interests
- Right to withdraw consent — withdraw consent at any time where processing is based on consent
Right to erasure (self-serve): You can permanently delete your account and all associated data immediately via Account Settings → Delete Account in the dashboard. No email required.
To exercise any other rights, email support@trumint.co. We will respond within 30 days.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO): ico.org.uk or 0303 123 1113.
7. International Transfers
Firebase and Google Cloud Platform infrastructure may process your data outside the UK. This is covered by Google's Standard Contractual Clauses, which provide an equivalent level of protection to UK data protection law.
8. Cookies
We use cookies and similar technologies to operate the platform. For full details, see our Cookie Policy.
9. Security
We implement industry-standard security measures including encryption in transit (TLS) and at rest. In the event of a data breach, we will notify you and the ICO as required by UK GDPR.
10. Changes to This Policy
We will notify you by email at least 14 days before any material changes to this Privacy Policy take effect. The “Last updated” date at the top of this page always reflects the current version.
11. Contact Us
For any privacy-related questions or to submit a Subject Access Request: support@trumint.co