Privacy Policy

Last Updated: February 23, 2026

1. Introduction

Disco Financial Distribution, Inc. ("Disco," "we," "us," or "our") operates the Disco mobile application. This Privacy Policy explains how we collect, use, and protect your information when you use our app.

By using Disco, you agree to the collection and use of information as described in this policy.

2. Information We Collect

Account Information

  • Full name
  • Email address
  • Phone number
  • Date of birth
  • State and ZIP code
  • Occupation

Financial Information

  • Bank account details (collected via Plaid)
  • Account balances
  • Transaction history

Device Information

  • Device type and operating system
  • Push notification tokens
  • App usage and interaction data

3. How We Use Your Information

We use the information we collect to:

  • Create and manage your Disco account
  • Connect to your external bank accounts via Plaid
  • Detect income deposits and categorize transactions
  • Automatically split your income into spending, tax reserve, and savings
  • Send you notifications about account activity
  • Respond to your requests and provide customer support
  • Improve and develop our services

4. How We Share Your Information

We share your information only with trusted partners necessary to provide our services:

  • Plaid Inc. — To securely connect your bank accounts. Plaid accesses your bank data with read-only permissions. Your bank credentials are never stored by Disco.
  • Supabase — To securely store and process your account data with encryption at rest.
  • Sentry — To monitor app performance and errors. No financial data is sent to Sentry.
  • Banking Partners — If and when banking features are enabled, to create and manage deposit accounts and process transfers.

We do not sell your personal information to third parties.

We may also disclose information if required by law or to protect our legal rights.

5. Data Security

We take the security of your information seriously:

  • All data is encrypted in transit using TLS
  • Sensitive data is encrypted at rest using AES-256 encryption
  • Bank connections use Plaid's bank-level security infrastructure
  • Your bank credentials are never stored by Disco
  • Access to personal data is restricted to authorized personnel only

6. Data Retention

We retain your information for as long as your account is active or as needed to provide services. If you delete your account, we will delete your personal information within 30 days, except where we are required by law to retain it.

7. Your Rights

You have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate information
  • Delete your account and personal data
  • Opt out of marketing communications

To exercise these rights, contact us at support@getdisco.io.

8. Children's Privacy

Disco is not intended for users under 18 years of age. We do not knowingly collect information from anyone under 18.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy in the app or sending you an email.

10. Contact Us

If you have questions about this Privacy Policy, contact us at:

Email: support@getdisco.io