BEARINGby FundriseSettings
Launch draft · counsel review required

Privacy, in plain language.

Effective July 15, 2026. Bearing is designed to show you your financial picture without turning that picture into an advertising product.

What we collect

We collect the email address you use to sign in; onboarding answers you choose to save; account, balance, holding, transaction, liability, and optional property-address records you link, snap, enter, or attest to; product settings; and security and usage events needed to operate and protect the service.

How account connections work

Plaid handles institution authentication. Bearing receives provider tokens and financial records, not your bank password. Provider tokens are encrypted at rest and are never sent back to your browser. Account numbers are not intentionally stored; limited account masks may be retained to identify and deduplicate accounts.

How Snap works

Uploaded screenshots are read in memory to extract financial facts. The image itself is not written to durable storage and is discarded after processing. We instruct the extraction system to ignore names, addresses, Social Security numbers, routing numbers, and account numbers. You review extracted facts before they are filed.

How AI is used

AI reads documents and drafts prose from a facts pack. Application code calculates every displayed figure. Model providers receive only the information needed for the specific job. We do not permit models to create financial facts or perform displayed arithmetic.

How we use information

We use it to operate Bearing, generate your requested reports, keep connections current, deliver authentication and Brief emails, prevent abuse, measure product reliability, and meet legal obligations. We do not sell personal information or use your financial records for targeted advertising.

Retention and deletion

Financial facts remain until you delete them or your account, subject to narrowly required security, fraud-prevention, and legal records. Snap images are not retained. Expired authentication records and sessions are removed on a rolling schedule. Account deletion removes user-owned records and provider tokens. Backup retirement may take additional time and must be documented before public launch.

Your controls

You can export your records, change Brief cadence, disconnect providers, correct manual or snapped data, and delete your account from Settings. Contact and jurisdiction-specific request instructions must be added before public launch.

Service providers

Expected providers include hosting and database infrastructure, Plaid for aggregation, Resend for email, and an AI model provider for the limited jobs described above. The final production list and data-processing terms must be reviewed before launch.