Privacy Policy

WhenIm64™ (“we”, “our”, or “us”) is a retirement planning application that helps individuals navigate Medicare enrollment, Social Security timing, Roth conversions, and tax-efficient withdrawal strategies. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

By using WhenIm64, you agree to the practices described in this policy. If you do not agree, please discontinue use of the service.

Account information: When you create an account we collect your name, email address, and (if you choose password sign-in) a securely hashed password. You may also sign in via Google OAuth, in which case we receive your name and email from Google.

Profile information: To personalise your retirement plan you may provide your date of birth, ZIP code, tax filing status, biological sex (used for life expectancy calculations), and spouse details. All of this is voluntary and can be updated or deleted at any time.

Financial planning inputs: The Planning optimizer accepts income figures, account balances (IRA, Roth, taxable), Social Security estimates, and living-expense estimates. These are stored in our database solely to power your projections and are never sold or shared with third parties for marketing.

Brokerage data (Premium): If you connect a brokerage account via SnapTrade, we receive and store account names, balances, and holdings data on your behalf. SnapTrade acts as the OAuth intermediary; we do not receive your brokerage login credentials.

Usage data: We collect standard server logs including IP address, browser user-agent, pages visited, and timestamps. This information is used for security monitoring and debugging, not for individual tracking.

• To provide, personalise, and improve the WhenIm64 service
• To calculate retirement projections, tax estimates, and Medicare plan recommendations
• To send transactional emails (account verification, two-factor authentication codes, password reset)
• To detect and prevent fraud, abuse, and security incidents
• To comply with legal obligations

We do not sell your personal information. We do not use your financial planning data for advertising targeting.

WhenIm64 displays advertisements served by Google AdSense. Google AdSense uses cookies and similar tracking technologies to serve ads based on your prior visits to this and other websites. Google's use of advertising cookies enables it and its partners to serve ads based on your visit to WhenIm64 and/or other websites on the Internet.

You may opt out of personalised advertising by visiting Google Ads Settings or aboutads.info. You can also opt out of a third-party vendor's use of cookies for personalised advertising by visiting the Network Advertising Initiative opt-out page.

Ads are only shown to users on the free plan. Premium subscribers see no third-party advertising.

We use the following third-party services to operate WhenIm64:

• Google OAuth — optional sign-in via Google account. Governed by Google's Privacy Policy.
• Google AdSense — advertising platform for free users. Uses cookies for contextual and interest-based ad serving. See Google's Advertising Policy.
• Resend — transactional email delivery (verification codes, password reset). Resend receives your email address solely to deliver these messages.
• SnapTrade — brokerage OAuth connection for Premium portfolio import. SnapTrade's Privacy Policy governs their handling of your brokerage credentials.
• Turso (SQLite) — our cloud database provider. All data is stored in US data centres and encrypted at rest.

We retain your account and profile data for as long as your account is active. If you delete your account, we will delete or anonymise your personal information within 30 days, except where retention is required for legal compliance or fraud prevention.

Server log data is retained for up to 90 days. Aggregated, anonymised analytics may be retained indefinitely.

We use industry-standard security practices including HTTPS encryption in transit, bcrypt password hashing, and encrypted storage of sensitive values. We support two-factor authentication (email OTP and TOTP authenticator apps) for all accounts.

No method of electronic transmission or storage is 100% secure. We encourage you to use a strong password and enable two-factor authentication on your account.

You may at any time:

• Access or update your profile data on the Account page
• Delete individual financial planning inputs from the Planning and Dashboard pages
• Request a copy or deletion of all your data by contacting us (see below)
• Opt out of personalised ads via Google Ads Settings or browser cookie controls

If you are located in the European Economic Area or California, you may have additional rights under GDPR or CCPA. Please contact us to exercise them.

WhenIm64 is intended for adults planning for retirement and is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the effective date at the top of this page. Continued use of WhenIm64 after a change constitutes acceptance of the revised policy.

If you have questions or requests regarding this Privacy Policy, please use our contact form or email us directly. We aim to respond within 5 business days.