Privacy Policy
Last updated: May 12, 2026
1. Who We Are
Tamias is operated by an individual based in the Netherlands, who acts as the data controller responsible for your personal data. There is no registered legal entity behind Tamias at this time. If you have any questions about this policy or how we handle your data, contact us at [email protected].
2. What Data We Collect
We may collect the following categories of personal data:
Information you provide directly
- Name and email address (e.g., when signing up or contacting us)
- Account credentials
- Payment information (processed securely via third-party providers)
- Any content or messages you submit through our platform
Information collected automatically
- IP address and approximate location
- Browser type, device type, and operating system
- Pages visited, time spent, and navigation paths (via cookies and analytics)
- Referral URLs
Financial account data (core service data)
- Bank account balances, transaction history, and account metadata retrieved via Open Banking connections (Rabobank, ABN AMRO, and other supported banks)
- Investment portfolio holdings, valuations, and transaction records (e.g., from Interactive Brokers, B3 file uploads)
- Asset and liability data you enter manually
EU bank connections are made through Enable Banking Oy (Finland), a licensed Account Information Service Provider (AISP) under PSD2. Enable Banking retrieves your bank data on our behalf under their own authorisation. Once retrieved, that data is stored and processed by Tamias under this policy.
Information from third parties
- Data from social login providers (e.g., Google, GitHub) if you choose to authenticate through them
3. How We Use Your Data
We use your personal data for the following purposes:
| Purpose | Legal Basis |
|---|---|
| Providing and improving our services | Performance of a contract |
| Sending transactional emails (e.g., receipts, alerts) | Performance of a contract |
| Sending product updates and newsletters | Consent (you may opt out at any time) |
| Analyzing usage to improve the product | Legitimate interests |
| Complying with legal obligations | Legal obligation |
| Preventing fraud and ensuring security | Legitimate interests |
4. Cookies and Tracking
We use cookies and similar tracking technologies to operate our services and understand how users interact with our website.
- Essential cookies — required for the site to function (no consent needed)
- Analytics cookies — help us understand usage patterns (requires consent)
- Preference cookies — remember your settings and choices (requires consent)
You can manage cookies by configuring your browser settings. Note that disabling non-essential cookies may limit some features of the Service.
5. Sharing Your Data
We do not sell your personal data. We may share it with:
- Service providers acting on our behalf (e.g., hosting, analytics, payment processing), bound by data processing agreements
- Legal authorities when required by law or to protect our rights
All third-party providers are required to handle your data securely and in accordance with applicable data protection laws.
6. Data Retention
We retain your personal data for as long as necessary to fulfill the purposes described in this policy, or as required by law. When your data is no longer needed, it is securely deleted or anonymized.
If you close your account, we will delete your data within 30 days, except where retention is required for legal or compliance reasons.
7. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access — request a copy of the data we hold about you
- Rectification — ask us to correct inaccurate or incomplete data
- Erasure — request deletion of your data ("right to be forgotten")
- Restriction — ask us to limit how we process your data
- Portability — receive your data in a machine-readable format
- Objection — object to processing based on legitimate interests
- Withdraw consent — at any time, where processing is based on consent
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
If you are located in the EU/EEA, you also have the right to lodge a complaint with your local Data Protection Authority (DPA).
8. Data Security
We implement industry-standard security measures including:
- Encryption in transit (TLS/HTTPS) and at rest
- Access controls and authentication requirements
- Regular security reviews and monitoring
No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
9. International Transfers
Your data may be processed in countries outside your own. Where we transfer data outside the EU/EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission.
10. Children's Privacy
Our services are not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with their data, please contact us and we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. For significant changes, we will notify you via email or a prominent notice on our website.
We encourage you to review this policy periodically.
12. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy, please reach out:
- Email: [email protected]