Privacy Policy
Last updated: March 2026
1. Overview
Protecting your personal data is a core priority. This Privacy Policy explains what data we collect when you use WonderFunds, how we process it, and what rights you have.
WonderFunds is a privacy-first personal finance management service. We do not connect to bank accounts, we delete uploaded raw files after processing, and we encrypt financial data using a DEK/KEK scheme that prevents linking data to your identity even in the event of a database breach.
2. Data Controller
The data controller within the meaning of the GDPR is:
SKAJ Ventures GmbH
Sonnenlandstraße 4
14471 Potsdam
Germany
Managing Director: Stefan Köhn
Email: datenschutz@wonderfunds.org
3. Data We Collect
We collect and process the following categories of personal data:
| Data Category | Examples | Purpose |
|---|---|---|
| Account data | Name, email address, hashed password, profile picture (Google sign-in) | Authentication, account management |
| Financial data | Transactions (merchant, amount, date), categories, tags | Core service functionality |
| Usage data | Page views, feature usage, device type | Service improvement |
| Payment data | Subscription status, billing history (via Stripe) | Subscription management |
We do not collect bank account numbers, PINs, TANs, or any other banking credentials.
4. Legal Basis for Processing
We process your data based on the following legal grounds under the GDPR:
- Art. 6(1)(b) GDPR (contract performance): Processing account and financial data to provide the Service.
- Art. 6(1)(a) GDPR (consent): Processing data through AI-powered features when you actively use them.
- Art. 6(1)(f) GDPR (legitimate interest): Creating anonymized, aggregate statistics; improving the Service; fraud and abuse prevention.
- Art. 6(1)(c) GDPR (legal obligation): Retention of billing data in accordance with tax regulations.
5. Account Data and Authentication
During registration, we collect your name, email address, and a password. The password is stored exclusively as a bcrypt hash. We never have access to your plaintext password.
Alternatively, you can sign up or sign in using your Google account. In this case, Google transmits your name, email address, and profile picture to us. No password is stored for Google-authenticated accounts.
Authentication is handled via NextAuth v5 with JWT-based session management. You can optionally enable two-factor authentication (TOTP or email OTP).
Your email address is used for:
- Login and account recovery
- Email verification
- Notifications about contract changes (e.g., Terms updates)
- Optional product notifications (can be unsubscribed)
6. Financial Data and Encryption
Your financial data (transactions, categories, rules) is not directly linked to your user account. Instead, we use a pseudonymous token (userDataToken) protected by a DEK/KEK encryption scheme:
- Each user receives an individual Data Encryption Key (DEK).
- The DEK is stored encrypted with a Key Encryption Key (KEK).
- Financial data and user identity are separated in the database, so even in a breach, no association is possible.
We store only: merchant names, amounts, dates, categories, and tags. No account numbers, IBANs, or other account identifiers.
7. File Upload and Processing
When you upload a file (CSV or PDF), the following happens:
- The file is temporarily stored on the server.
- Transactions are extracted and added to your encrypted financial data.
- The original file is permanently deleted. We do not store bank statements.
This process ensures that sensitive banking documents do not remain on our servers.
8. AI-Powered Processing
WonderFunds uses artificial intelligence for:
- Automatic transaction categorization based on merchant patterns
- Recurring payment detection
- Spending insight generation
AI processing is user-specific. Your data is not mixed with other users' data or used to train general AI models. The AI learns exclusively from your own corrections and rules.
The AI categorization prompt includes guidance about own-transfer patterns. To match transfers between your own accounts, the names of your registered financial sources may be included in the prompt sent to the AI model.
AI-generated results are not shared with third parties and are not used for advertising purposes.
9. Cookies and Local Storage
WonderFunds uses only strictly necessary cookies:
| Cookie | Purpose | Duration |
|---|---|---|
| Session cookie | Authentication (JWT) | Session / max. 30 days |
| Locale cookie | Language preference (en/de) | 1 year |
We do not use tracking cookies, third-party analytics cookies, or advertising cookies.
10. Third Parties and Data Processors
We use the following third-party services:
| Provider | Purpose | Data | Location |
|---|---|---|---|
| Vercel | Hosting and serving the web application | IP address, request data | EU (Frankfurt) |
| PostgreSQL hosting | Database operations | Encrypted account and financial data | EU (Frankfurt) |
| Stripe | Payment processing | Email, subscription status, payment method | EU (Ireland) |
| WonderBlogs | AI-powered blog content generation (admin only) | Blog topics and content (no personal user data) | EU |
| Vercel Blob | Storage of generated blog images | Blog featured images (no personal user data) | EU (Frankfurt) |
| Google (OAuth) | Optional sign-in via Google account | Name, email address, profile picture (only when you choose Google sign-in) | EU |
| Cloudflare (Turnstile) | Bot protection on login, registration, and password reset forms | IP address, browser challenge metadata (no cookies, no fingerprinting) | Global (Cloudflare network) |
Data processing agreements pursuant to Art. 28 GDPR are in place with all processors. When you sign in with Google, Google transmits your name, email address, and profile picture to us. We do not share any of your financial data with Google. Cloudflare Turnstile is used solely for bot protection on authentication forms. It does not set cookies, does not perform browser fingerprinting, and does not track users across sites.
11. Data Storage Location
All personal data is processed and stored on servers in the European Union, primarily in Frankfurt am Main, Germany.
No data is transferred to countries outside the European Economic Area (EEA).
12. Data Retention
We retain your data only as long as necessary for the respective purpose:
| Data Type | Retention Period |
|---|---|
| Account data | Until account deletion |
| Financial data (transactions, categories) | Until account deletion |
| Uploaded files | Deleted immediately after processing |
| Billing data | 10 years (statutory retention obligation per § 147 AO) |
| Server logs | Max. 30 days |
Upon account deletion, all data, including encryption keys, is permanently and irreversibly deleted. Billing data is retained in accordance with statutory requirements.
13. Your Rights
Under the GDPR, you have the following rights:
- Right of access (Art. 15 GDPR): You can request information about the data we process.
- Right to rectification (Art. 16 GDPR): You can request correction of inaccurate data.
- Right to erasure (Art. 17 GDPR): You can request deletion of your data. You can do this yourself via Settings → Delete Account.
- Right to restriction (Art. 18 GDPR): You can request restriction of processing.
- Right to data portability (Art. 20 GDPR): You can export your data in a machine-readable format (CSV export in Settings).
- Right to object (Art. 21 GDPR): You can object to processing based on legitimate interests.
- Right to lodge a complaint: You have the right to lodge a complaint with a data protection supervisory authority. The authority responsible for us is the State Commissioner for Data Protection and the Right to Inspect Files of Brandenburg.
14. Minimum Age
WonderFunds is intended for persons aged 18 and older. We do not knowingly collect personal data from minors. If we become aware that a minor has created an account, we will promptly delete the account and associated data.
15. Changes to This Privacy Policy
We reserve the right to update this Privacy Policy as needed, particularly when the Service or legal requirements change. Material changes will be communicated to you via email or a notice within the Service.
The current version is always available at wonderfunds.org/privacy.
16. Contact
For questions about data protection or to exercise your rights, please contact:
SKAJ Ventures GmbH
Sonnenlandstraße 4
14471 Potsdam
Email: datenschutz@wonderfunds.org