NestEgg
Privacy Policy
Last Updated: June 9, 2026
At NestEgg (operated by Xenith Technologies, "we", "us", or "our"), we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, store, process, and safeguard your financial and personal information when you use our web portal, mobile application, and general services.
Privacy-First Architecture: Your financial inputs (assets, liabilities, EMIs, savings rates, and goals) are secured at the database layer using Supabase Row-Level Security (RLS). Nobody except you can access your wealth records.
1. The Information We Collect
To provide you with secure portfolio synchronization, daily net worth compounding projections, and cohort rankings, we collect specific categories of data:
A. Account and Authentication Data
- Google Identity Profiles: When using Google Sign-In, we collect your email address, primary name, and authentication tokens to establish your identity securely.
- Local Credentials: Standard registrations store email addresses and hashed passwords. We do not store plain-text passwords on our servers.
B. Financial Tracking Parameters
- Asset Records: Valuations, custom annual growth rates, names, and categories (such as Bank, Mutual Funds, Gold, Real Estate, and Cash).
- Liabilities and Subscriptions: Loan balances, interest rates, EMIs, monthly burn values, payment due days, and subscription categories.
- Budget Entries and Trips: Financial outflows, target goals, trip logs, names, and credited income parameters.
C. Device and Preferences Configuration
- Local application preferences (Currency choices, Dark/Light modes, biometric lock status, and Pro accent colors) are saved directly in your device’s local Hive database cache to optimize responsiveness.
2. How We Use Your Data
We use the collected information for the following specific purposes:
- To verify active subscription tiers (Free vs. Pro) and lift database entry limitations (lifting the 5 assets and 2 liabilities restriction for Pro accounts).
- To calculate dynamic projections, pro-rated inflows, monthly compounding interest vectors, and "Years to FIRE" forecasts.
- To generate localized calendar insights matching your payment due days.
3. Anonymous Peer Benchmarking Cohorts
One of NestEgg’s premium features is the Cohort Benchmarking framework. If you opt in to comparing your savings metrics against peer cohorts:
- Your exact Net Worth figures, name, email address, and individual account details are **never** shared.
- Your data is aggregated anonymously using cryptographic hashing functions to determine percentile metrics (e.g. comparing savings rates within similar age or salary brackets).
- Your data remains private, and peers will only see aggregated, non-identifiable averages.
4. Secure Payment Processing (Razorpay)
Subscriptions and payment processing for NestEgg Pro are managed securely through Razorpay:
- All card transactions, UPI validations, and recurring Billing Cycles are managed entirely within Razorpay's PCI-DSS compliant ecosystem.
- We do not store, view, or transmit card numbers or banking secrets on our servers. We only store transaction statuses and tokenized billing indicators to activate your Pro privileges.
5. Third-Party Service Integrations
We work with trusted services to host, protect, and power the NestEgg database:
- Supabase Inc: Infrastructure host for our PostgreSQL relational database, Row-Level Security policy engines, and OAuth callback gateways.
- Razorpay Software Ltd: For secure invoice generation, billing setups, and checkout authorization flows.
- Google APIs: For secure OAuth federated authentication.
6. Data Retention and Deletion Rights
You maintain full control over your financial records:
- Clear Local Cache: You can purge all local Hive cache settings directly inside the settings tab.
- Account Deletion: You can submit a deletion request inside settings or contact us. Upon deletion, your entire auth profile, asset tables, liabilities records, and goals data are permanently removed from our PostgreSQL servers, satisfying compliance standards.
7. Policy Modifications
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last Updated" date at the top.
8. Contact Information
If you have any questions or concerns regarding our privacy architecture, please contact us at **support@xenithtechnologies.com**.