emori.← Back to app

Contents

Privacy Policy

Last updated: March 14, 2026

1. Introduction

Emori Inc. ("Emori", "we", "us", or "our") operates the website emori.ai and provides an AI-powered bookkeeping and financial intelligence service. We are committed to protecting your personal information and handling it responsibly and transparently.

This Privacy Policy describes what information we collect, how we use it, when we share it, how we protect it, and the choices you have. By using Emori, you agree to the practices described in this policy.

2. Information We Collect

We collect information in the following categories:

Account Information

  • Your name and email address when you register
  • Business name, type, and size as provided during onboarding
  • Billing information processed through our payment provider (we do not store card numbers)
  • Account preferences and settings

Financial Data

  • Bank account and credit card transaction history accessed via Plaid
  • Account balances and account metadata (account names, institution names)
  • Categorized transaction data generated by our AI systems
  • Financial reports and insights generated from your data

Usage Data

  • How you interact with the Emori dashboard and features
  • Features accessed, time spent, and navigation patterns
  • Queries submitted to the Financial Copilot
  • Error logs and performance data used to improve the service

Device and Technical Information

  • IP address and general geographic location (country/province)
  • Browser type and version, operating system
  • Session tokens and authentication identifiers

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To deliver the Emori service — processing transactions, generating your Weekly Brief, powering the Financial Copilot, and detecting financial signals
  • To personalize your experience — customizing reports, benchmarks, and insights to your industry and business size
  • To communicate with you — sending your Weekly Brief by email, account notifications, billing receipts, and service updates
  • To improve Emori — analyzing usage patterns and feedback to improve features and AI accuracy
  • To ensure security and prevent fraud — monitoring for unauthorized access and suspicious activity
  • To comply with legal obligations — meeting Canadian federal and provincial privacy law requirements

We do not sell your personal data or financial data to third parties. We do not use your financial data to train AI models for purposes beyond providing the Emori service to you.

4. Financial Data & Plaid

Emori uses Plaid Inc. ("Plaid") to securely connect your bank accounts and credit cards to the Emori service. Plaid is a trusted financial data aggregator used by thousands of applications including Venmo, Robinhood, and American Express.

  • Read-only access — Emori and Plaid receive read-only access to your transaction data. We cannot initiate transfers or make changes to your accounts.
  • Credentials not stored — You authenticate directly with your bank through Plaid's secure interface. Emori never sees or stores your banking username, password, or multi-factor authentication codes.
  • Plaid's privacy policy applies — When you connect accounts through Plaid, Plaid's own privacy practices also govern how your data is handled during the connection process. You can review Plaid's privacy policy at plaid.com/legal.
  • Revoking access — You can disconnect your financial accounts from within Emori settings at any time, which also revokes Plaid's access to your accounts.

5. Data Security

We take the security of your financial data seriously and implement multiple layers of protection:

  • Encryption in transit — All data transmitted between your browser and our servers is protected by 256-bit SSL/TLS encryption
  • Encryption at rest — Financial data and personal information stored in our databases is encrypted at rest
  • Access controls — Access to production data is strictly limited to authorized personnel on a need-to-know basis
  • SOC 2 compliance — We are working toward SOC 2 Type II certification and follow its security, availability, and confidentiality principles
  • Regular audits — We conduct periodic security reviews and engage third-party security assessors
  • Incident response — We maintain a security incident response plan and will notify affected users of any breach as required by law

No method of electronic transmission or storage is 100% secure. While we use commercially reasonable means to protect your information, we cannot guarantee absolute security. If you discover a potential security issue, please contact us immediately at hello@emori.ai.

6. Data Retention

  • Active accounts — We retain your data for as long as your account is active and for a reasonable period afterward to allow you to re-activate
  • Account deletion — When you delete your account, we will remove your personal data from our active systems within 30 days. Anonymized or aggregated data may be retained indefinitely.
  • Financial transaction records — Transaction data may be retained beyond account deletion to the extent required by the Canada Revenue Agency (CRA) record-keeping requirements or other applicable law
  • Backup data — Data may remain in encrypted backups for up to 90 days after deletion from active systems
  • Legal holds — In cases where data is subject to litigation or legal proceedings, we may retain it beyond our standard periods

7. Your Rights Under Canadian Privacy Law

As a Canadian company, Emori operates under the federal Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation. You have the following rights regarding your personal information:

  • Right to access — Request a copy of the personal information we hold about you
  • Right to correction — Request that we correct inaccurate or incomplete personal information
  • Right to deletion — Request that we delete your account and associated personal data, subject to legal retention requirements
  • Right to withdraw consent — Withdraw consent for processing where consent is the legal basis, though this may affect your ability to use the service
  • Right to complain — Lodge a complaint with the Office of the Privacy Commissioner of Canada if you believe we have violated your privacy rights

To exercise any of these rights, contact us at hello@emori.ai. We will respond within 30 days. We may need to verify your identity before processing your request.

8. Cookies

Emori uses a minimal set of cookies to operate the service:

  • Authentication cookies — Required to keep you signed in to your account across sessions
  • Preference cookies — Store your settings and preferences (e.g. selected date ranges, display options)
  • Security cookies — Protect against cross-site request forgery and other security threats

We do not use advertising cookies, tracking pixels, or third-party analytics cookies that follow you across other websites. You can manage cookies through your browser settings, but disabling essential cookies will prevent you from signing in to Emori.

9. Third-Party Services

We work with the following third-party service providers, each of whom may process your data as part of delivering the Emori service:

  • Plaid — Secure bank account connection and transaction data aggregation
  • Vercel — Application hosting and edge network infrastructure (United States)
  • Stripe — Payment processing for subscription billing (your payment card data is handled directly by Stripe)
  • Email service providers — Transactional email delivery for your Weekly Brief, account notifications, and communications

Where third parties process your data outside Canada, we take steps to ensure appropriate data protection standards are in place, including data processing agreements that require third parties to protect your information consistent with Canadian privacy law.

10. Children's Privacy

Emori is a business financial management tool intended for use by adults operating businesses. Our service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us with personal information, please contact us at hello@emori.ai and we will delete that information.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

  • Update the "Last updated" date at the top of this page
  • Send a notification to the email address associated with your account
  • Display a notice within the Emori app

We encourage you to review this policy periodically. Your continued use of Emori after we post changes constitutes your acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests related to this Privacy Policy or how we handle your personal information, please contact us:

  • Email: hello@emori.ai
  • Company: Emori Inc.
  • Location: Canada

We take privacy inquiries seriously and will respond within 30 days of receiving your request.