NestiFi Privacy Policy

Last Updated: January 29th, 2025

Welcome to NestiFi (“we,” “us,” or “our”). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our mobile applications, websites, products, and services (collectively, the “Services”). By using the Services, you agree to the collection and use of your information in accordance with this Privacy Policy.

1. Information We Collect

1.1 Personal Information You Provide

We may collect personal information you voluntarily provide to us, including:

1. Account Registration: Name, email address, phone number, date of birth, social security number (or equivalent), mailing address, and other details required for Know Your Customer (KYC) and Anti-Money Laundering (AML) checks.
2. Child Information (Custodial Accounts): Name, date of birth, and any other information needed to create a custodial account in the child’s name.
3. Financial Information: Bank account details, income level, tax bracket, or other financial data required to facilitate deposits, withdrawals, and investments.
4. Communications: Any information you provide when you contact customer support, respond to surveys, or otherwise communicate with us.

1.2 Information Collected Automatically

When you use our Services, we may automatically collect certain information about your device and usage, including:

• Device Information: IP address, device identifiers, operating system, browser type, and unique device identifiers.
• Usage Data: Pages or screens you visit, time spent on those pages, link clicks, and navigation patterns within the app.
• Location Information (if applicable): We may request or collect approximate or precise location data if you allow it in your device settings.

1.3 Information from Third Parties

We may receive additional information about you from:

• Brokerage/Banking Partners: Confirmation of account status, transaction details, balances, or KYC verifications.
• Service Providers: Data aggregators (e.g., Plaid), fraud prevention services, or marketing partners who help us validate information or better tailor our Services.
• Publicly Available Sources: If you choose to connect social media or other public profiles, we may access limited information from those accounts.

2. How We Use Your Information

We use the information we collect to:

1. Provide and Maintain the Services: Open and manage your custodial or brokerage accounts, process transactions, and facilitate contributions from friends/family.
2. Verify Identity and Comply with Regulations: Conduct KYC and AML checks to meet our legal and regulatory obligations.
3. Personalize User Experience: Show customized financial education modules, investment recommendations (if applicable), and content tailored to your goals or your child’s profile.
4. Communicate with You: Send account updates, transaction confirmations, security alerts, customer service messages, and marketing communications (where permitted by law).
5. Improve Our Services: Analyze usage trends, user behaviors, and feedback to enhance product features, security, and user satisfaction.
6. Prevent Fraud and Abuse: Detect, investigate, and mitigate fraudulent or unauthorized activities.
7. Legal Compliance: Enforce our Terms of Service and meet other legal, regulatory, or contractual obligations.

3. How We Share Your Information

3.1 With Our Broker-Dealer or Banking Partners

• We share personal and financial information with our registered broker-dealer partner and/or banking institution to facilitate account opening, transaction processing, and custodial oversight. These partners are subject to confidentiality and security requirements.

3.2 With Service Providers

• We may share information with vendors who perform services on our behalf, such as payment processors, identity verification services, data analytics, marketing agencies, or customer support platforms. These providers are authorized to use your information only as necessary to perform services under contractual obligations that protect your data.

3.3 For Legal and Safety Reasons

• We may disclose information if we believe it’s reasonably necessary to comply with any applicable law, regulation, legal process, or enforceable governmental request. We may also disclose information to investigate potential violations of our Terms of Service or to protect our rights, property, or safety, and that of our users or others.

3.4 In Corporate Transactions

• If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or a portion of our assets, we may transfer or share your information as part of that transaction.

3.5 With Your Consent

• We may share your information for other purposes not described in this policy if we have obtained your consent.

4. Cookies and Similar Technologies

We use cookies, pixel tags, and similar technologies to:

• Remember your preferences and settings;
• Measure the effectiveness of our marketing campaigns;
• Analyze site/app performance and usage trends.

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of our Services.

5. Children’s Privacy

NestiFi focuses on helping families invest and save for children. We only collect child-related information that is necessary to open or manage a custodial account under the supervision of an adult.

• Parental Consent: We require the custodial adult’s explicit permission to collect and process the child’s information.
• Usage and Access: Children under 13 (or the applicable age in your jurisdiction) should not use our Services without the involvement and supervision of their parent or guardian.
• Compliance: We comply with the Children’s Online Privacy Protection Act (COPPA) and other relevant regulations where applicable.

If you believe we have collected personal information from a child without proper consent, please contact us at privacy@nestifi.com, and we will take prompt steps to delete such information.

6. Data Security

We take data security seriously and employ industry-standard safeguards to protect your personal information, including:

• Encryption in transit and at rest (where applicable).
• Secure Data Centers with restricted access and monitoring.
• Regular Security Assessments to identify vulnerabilities and enhance our protective measures.

No method of transmission or electronic storage is 100% secure, so we cannot guarantee absolute security. You are responsible for keeping your account credentials safe.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide our Services, comply with legal obligations, resolve disputes, and enforce our agreements. When we no longer need your information, we will securely delete or anonymize it in accordance with applicable laws.

8. Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your personal information, such as:

• Access/Correction: Request a copy of your data or correct inaccuracies.
• Deletion: Request deletion of your data, subject to any legal or contractual obligations.
• Opt-Out of Marketing: Unsubscribe from promotional emails or update your marketing preferences.
• Do Not Track Signals: We currently do not respond to DNT browser signals.

To exercise any of these rights, please contact us at privacy@nestifi.com. We may require additional information to verify your identity.

9. International Data Transfers

If you reside outside the United States, your personal information may be transferred to and processed in the U.S. (or other countries) where our servers or third-party service providers are located. We comply with legal requirements for cross-border data transfers, including appropriate safeguards to protect your information.

10. Third-Party Links and Integrations

Our Services may contain links to third-party websites or integrate with third-party platforms (e.g., social media). This Privacy Policy does not apply to data practices of those external sites or services. We encourage you to review the privacy policies of any third parties you interact with.

11. Updates to This Policy

We may occasionally update this Privacy Policy to reflect changes in our practices, technologies, or legal requirements. When we do, we will revise the “Last Updated” date at the top of this page. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: privacy@nestifi.com
Mailing Address: NestiFi, 599, Lexington Avenue, New York, NY 10022

We will respond to your inquiry as soon as possible.

‍
‍