Privacy Policy

Effective date: June 1, 2026  ·  Last updated: June 9, 2026

BigBankBonus ("we," "us," or "our") is committed to protecting your privacy. This policy explains what information we collect, how we use it, and your rights regarding your data.

1. Information We Collect

We collect information you provide directly, including:

• Account information (name, email, password)
• Identity verification data (date of birth, last 4 digits of SSN, address) — encrypted at rest
• Bank account information via Plaid (read-only access; we never store your banking credentials)
• Payment information processed by Stripe (we do not store full card or ACH details)

We also collect usage data automatically (page views, feature interactions, device type) and transaction data routed through Plaid.

2. How We Use Your Information

• To operate the platform and personalize your bank bonus offer feed
• To process ACH transfers via Plaid Transfer for direct deposit requirements
• To verify your identity for compliance (KYC/AML)
• To send transactional emails and, with your consent, marketing communications
• To detect fraud and enforce our Terms of Service

3. Data Sharing

We do not sell your personal information. We share data only with:

• Plaid Technologies — for bank linking and ACH transfers
• Stripe — for subscription billing
• OpenAI — anonymized queries for the AI Bonus Agent
• Law enforcement or regulators when legally required

4. Data Security

We use 256-bit AES encryption at rest, TLS 1.3 in transit, and HMAC-signed tokens. SSN digits are hashed immediately on receipt and never stored in plain text. We are SOC 2 Type II compliant.

5. Your Rights (CCPA & GDPR)

You have the right to access, correct, export, or delete your personal data at any time. Submit requests to privacy@bigbankbonus.com. We respond within 30 days.

6. Cookies

We use strictly necessary cookies (session, CSRF) and optional analytics cookies. You may opt out of analytics cookies at any time via your account settings.

7. Data Retention

Account data is retained for the life of your account plus 7 years for regulatory compliance. You may request deletion; compliance-required records are retained per NACHA and BSA regulations.

8. Contact

Questions? Contact our Privacy Officer at privacy@bigbankbonus.com or write to BigBankBonus, Inc., 123 Finance St, Austin, TX 78701.