PointsMax

Privacy Policy

Last updated: June 8, 2026

This Privacy Policy explains how PointsMax (“PointsMax,” “we,” “us,” or “our”), operated by Nathan Jones, collects, uses, and protects your information when you use our website and services (the “Service”). By using the Service, you agree to the practices described here.

1. Information We Collect

Information you provide

  • Account information: your email address and password when you create an account.
  • Financial profile inputs: the monthly spending amounts, cards you own, travel preferences, and planned purchases you enter to generate recommendations. These describe your spending categories; we do not ask for or store full card numbers, bank credentials, or Social Security numbers.

Information collected automatically

  • Usage and device data: pages visited, interactions, approximate location, browser type, and device information, collected through analytics (see Section 5).
  • Cookies and similar technologies: used to keep you signed in and to understand how the Service is used.

2. How We Use Your Information

  • To provide, maintain, and personalize the Service and your recommendations.
  • To create and secure your account and authenticate you.
  • To analyze usage so we can improve features and performance.
  • To communicate with you about your account or the Service.
  • To comply with legal obligations and enforce our Terms of Service.

We do not sell your personal information.

3. How Your Information Is Stored and Secured

Account data and your financial profile are stored using Supabase (database and authentication), and the Service is hosted on Vercel. Access to your records is restricted to your authenticated account through database row-level security. While we take reasonable measures to protect your data, no method of transmission or storage is completely secure.

4. Affiliate Links and Advertising

PointsMax participates in affiliate programs and may earn a commission when you click an “Apply” link and are approved for a card. Affiliate partners may set their own cookies once you leave our site. See our Advertiser & Affiliate Disclosure for details.

5. Third-Party Services

We rely on the following third parties, each with its own privacy policy:

  • Supabase — database, authentication, and storage.
  • Vercel — hosting and privacy-friendly web analytics.
  • Affiliate networks and card issuers — when you choose to apply for a card through an outbound link.

6. Cookies

We use strictly necessary cookies to operate the Service (for example, keeping you signed in) and analytics cookies to measure usage. You can control cookies through your browser settings; disabling some cookies may affect functionality.

7. Your Rights and Choices

Depending on where you live, you may have rights to access, correct, delete, or export your personal information, and to object to or restrict certain processing. California residents have rights under the CCPA/CPRA, and residents of the EEA/UK have rights under the GDPR/UK GDPR. To exercise any of these rights, contact us at privacy@pointsmax.app. You may also delete your account at any time, which removes your stored profile.

8. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. When you delete your account, we delete or anonymize your personal data within a reasonable period.

9. Children’s Privacy

The Service is not directed to anyone under 18, and we do not knowingly collect personal information from children. If you believe a child has provided us information, please contact us so we can remove it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with a revised “Last updated” date.

11. Contact Us

Questions about this Privacy Policy? Contact Nathan Jones at privacy@pointsmax.app.