Skip to main content
Retirement Figures

Privacy Policy

Last updated: July 1, 2026

This Privacy Policy describes how retirementfigures.com ("the Company", "We", "Us", or "Our") collects, uses, and discloses Your information when You use the Service, and explains Your privacy rights.

You choose where your plan data lives. Without an account, it stays in your browser on your device and is never uploaded. If you create an account, your plans are stored on our servers so you can sync them across your devices, and you can optionally encrypt them with a passphrase only you know so that even we cannot read them. Either way, we do not sell, rent, or share your personal data with third parties for marketing or advertising purposes, and we collect only the information described below.

Interpretation and Definitions

Interpretation

Capitalized words have defined meanings as set out below. These definitions apply whether the terms appear in singular or plural.

Definitions

For the purposes of this Privacy Policy:

  • Company (referred to as "the Company", "We", "Us", or "Our") refers to retirementfigures.com.
  • Cookies are small files placed on Your Device by a website, used to store preferences and session information.
  • Device means any device that can access the Service, such as a computer, phone, or tablet.
  • Personal Data is any information that relates to an identified or identifiable individual.
  • Account means an optional account You may create, using an email address or a supported sign-in (such as Google), to store and sync Your plans. You may also use the Service without an account, in which case Your plan is stored only on Your Device.
  • Service refers to the Website and the retirement planning application provided through it.
  • Service Provider means any third-party company or individual that processes data on behalf of the Company to facilitate, provide, or support the Service.
  • Usage Data refers to data collected automatically through use of the Service or its infrastructure.
  • Website refers to retirementfigures.com, accessible at https://retirementfigures.com.
  • You means the individual accessing or using the Service.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

Retirement Figures can be used without an account or with an optional account:

  • Without an account, Your planning data - financial account information, income, expenses, and other planning assumptions - is stored only on Your Device (in Your browser's local storage) and is never transmitted to or stored by Us.
  • With an account (created using an email address or a supported sign-in such as Google), We store Your account information (such as Your email address and authentication credentials) and Your planning data on Our servers so You can access and sync Your plans across devices. You may optionally enable end-to-end encryption, in which case Your planning data is encrypted on Your Device before it reaches Us and We cannot read it (see Security of Your Personal Data below).

In addition, We may collect or receive the following:

  • Subscription and billing information - if You subscribe, payment is handled by our payment processor (see below) and We receive limited subscription information (such as status and a customer identifier). An email address You provide at checkout is held by the payment processor.
  • Diagnostics and feedback - if an error occurs or You send feedback, We receive technical error details or the message You submit. These do not include Your planning data.
  • License activation data - to operate the Plus license-key system and discourage sharing, We receive Your license key and a non-identifying installation identifier when Plus is activated on a device.

Optional AI Review: the Service can prepare a copy of Your plan, along with a prompt, for You to paste into a third-party AI assistant (such as Claude or ChatGPT). This happens only if You choose to use the feature; the copying is initiated by You, and any data You paste into a third-party assistant is handled under that provider's terms, not Ours.

Usage Data

Usage Data is collected automatically when using the Service. This includes Your IP address, coarse location derived from it (such as country and city), Your browser's user-agent string, the pages visited, and timestamps. Recent session activity (including Your IP address) is retained only short-term and then automatically deleted; for longer-term unique-visitor statistics We retain only a one-way hashed (non-reversible) form of Your IP address, not the address itself. We do not use browser fingerprinting, advertising identifiers, or cross-site behavioral tracking.

Local Storage and Cookies

Your plan and preferences (such as display settings) are kept in Your browser's local storage on Your Device. If You sign in to an account, We use essential cookies to keep You signed in and to protect against cross-site request forgery; these are not used for advertising or cross-site tracking. Our infrastructure provider (Cloudflare) may set essential security cookies, and our payment processor may set cookies during checkout. None are used for advertising or cross-site tracking.

Use of Your Personal Data

The Company may use Personal Data for the following purposes:

  • To provide and maintain the Service, including monitoring usage and performance.
  • To manage Your Account, if You create one, and provide access to features available to You as an account holder, including syncing Your plans across devices.
  • To process subscriptions and payments, including managing billing through our payment processor.
  • To communicate with You regarding account-related updates, security notices, or service communications when necessary, including by email where applicable.
  • To respond to Your requests and provide customer support.
  • To improve the Service using aggregated, non-identifying usage data.

Sharing Your Personal Data

We do not sell, rent, or share Your personal data with third parties for marketing or advertising purposes. We may share information in the following limited situations:

  • With Service Providers: We use third-party service providers to help operate and support the Service. These providers may process data on Our behalf for purposes such as payment processing and subscription management, account sign-in, email communications, hosting and cloud storage, security and content delivery, and other operational support. Our current service providers include Stripe (payment processing), Cloudflare (hosting, storage of account and plan data, email delivery, security, and content delivery), Google (used only if You choose to sign in with Google, in which case We receive Your email address and basic profile information to create or access Your account), and jsDelivr (a public content delivery network from which Your browser loads the in-browser calculation engine; that request exposes Your IP address to the network). Service providers are authorized to use Your data only as needed to perform services for Us.
  • Business transfers: In connection with a merger, acquisition, sale of assets, financing, or sale of the business, Your personal data may be transferred to the acquiring or successor entity as part of that transaction.
  • Legal requirements: We may disclose Your data if required by law or in response to valid legal requests (see Disclosure section below).
  • With Your consent: We may share Your information for other purposes if You give Us explicit consent.

Payment Processing

Subscription payments are processed through Stripe Checkout. When You subscribe to a paid plan, You are directed to a Stripe-hosted checkout page to enter Your payment information. We do not directly collect, store, or process payment card details on Our servers. We may receive limited subscription and transaction information from Stripe, such as subscription status, billing dates, and customer identifiers, which We use for account management, billing recordkeeping, and customer support.


Retention of Your Personal Data

If You use the Service without an account, Your plan data lives on Your Device for as long as You keep it in Your browser; We never receive or store it, so there is nothing for Us to retain or delete. If You have an account, We retain Your account information and plans for as long as Your account is active or as needed to provide the Service, and We delete them when You delete Your account, subject to the limited retention described below. The other records We hold (subscription/billing records and any diagnostics or feedback You submit) are retained only as long as necessary for the purposes described here, including legal, accounting, and security needs.


Transfer of Your Personal Data

Your information, including Personal Data, may be processed on servers located outside Your jurisdiction, where data protection laws may differ. Your use of the Service and submission of information constitutes Your agreement to such transfers.

We take reasonable steps to ensure that Your data is treated securely and in accordance with this Privacy Policy.


Delete Your Personal Data

If You use the Service without an account, Your plan data is stored only on Your Device and You are always in control of it: delete it at any time using the "Delete All Local Data" option in the Service, or by clearing Your browser's storage for this site - no request to Us is needed.

If You have an account, You can delete Your account and the data stored under it using the account management options in the Service, or by contacting Us. For the other records We hold (subscription/billing records, diagnostics, or feedback), You may contact Us to request access, correction, or deletion. We may retain certain information as described in the Retention section above.


Disclosure of Your Personal Data

Business Transfers

If the Company is involved in a merger, acquisition, financing, or sale of assets, Your Personal Data may be among the assets transferred to the acquiring or successor entity. We will make reasonable efforts to notify You before Your data becomes subject to a materially different privacy policy.

Law Enforcement

The Company may be required to disclose Your Personal Data if required by law or in response to valid requests by public authorities.

Other Legal Requirements

The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:

  • Comply with a legal obligation
  • Protect and defend the rights or property of the Company
  • Prevent or investigate possible wrongdoing in connection with the Service
  • Protect the personal safety of users of the Service or the public
  • Protect against legal liability

Security of Your Personal Data

The security of Your Personal Data is important to Us. We use commercially reasonable measures to protect Your data, but no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security.

Optional End-to-End Encryption

If You have an account, You can optionally turn on end-to-end encryption for Your cloud plans. When it is enabled, Your planning data is encrypted in Your browser using a passphrase that only You know, before it is sent to Us. The passphrase, and the keys derived from it, never leave Your Device, and We store only the encrypted result. As a result, while encryption is enabled We cannot read Your planning data, cannot access it on Your behalf, and cannot disclose its contents to anyone, including in response to a legal request.

This encryption passphrase is separate from Your account password. Because only You hold it, there is no way for Us to recover it. If You forget Your encryption passphrase, Your encrypted plans cannot be recovered by Us or by anyone else. A plain (unencrypted) backup file that You export from the Service is the only way to recover Your plan in that case, so We strongly encourage keeping a current export somewhere safe.

Encryption is optional and off by default. Whether or not encryption is enabled, We can still see limited non-content information such as that an account has plans, their number and approximate size, and when they were last changed. Exported backup files are not encrypted, so that they remain portable to other tools; treat them as sensitive and store them securely.


Children's Privacy

The Service is not intended for or offered to anyone under the age of 18, and We do not knowingly collect personal data from anyone under 18. If You are a parent or guardian and believe a minor has provided Us with Personal Data, please contact Us so We can take steps to remove that information.



Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date.

For material changes, We will make reasonable efforts to notify You, such as by posting a notice on the Service. We encourage You to review this Privacy Policy periodically.


Contact Us

If you have any questions about this Privacy Policy, contact us at info@retirementfigures.com.