ROE EngineROE Engine
Back to Home

Privacy Policy

Last updated: March 13, 2026

Overview

ROE Engine ("we," "our," or "us") respects your privacy. This policy explains what information we collect, how we use it, and your choices regarding your data. We are committed to protecting your personal and financial information.

Information We Collect

Account Information

When you create an account, we collect your name, email address, and password (stored as a salted, one-way hash). If you enable two-factor authentication, we store an encrypted TOTP secret.

Property & Financial Data

You voluntarily enter property details, mortgage terms, operating expenses, and transaction records. This data is used solely to calculate portfolio metrics and generate recommendations. We never access your bank accounts, brokerage accounts, or credit reports.

Usage Data

We collect standard web analytics data including pages visited, feature usage, browser type, and device information. This helps us improve the product and diagnose issues.

Cookies & Local Storage

We use essential cookies for authentication and session management. We use local storage to save your UI preferences (e.g., table column order, theme settings). We do not use third-party advertising cookies.

How We Use Your Information

  • Portfolio Analytics: Calculate ROE, DSCR, cash flow, cap rate, and other metrics based on the data you provide.
  • Recommendations: Generate refinance, hold, and sell recommendations using your property data and current market rates.
  • Market Data Integration: Pull publicly available mortgage rates from the Federal Reserve (FRED API) to power refinance analysis.
  • Account Management: Manage your subscription, send transactional emails (e.g., password resets), and provide customer support.
  • Product Improvement: Analyze usage patterns in aggregate to improve features and fix bugs.

What We Don't Do

  • We never sell, rent, or share your personal or financial data with third parties for marketing purposes.
  • We never access your bank accounts, brokerage accounts, or credit reports.
  • We never use your property data to train machine learning models or for purposes unrelated to your account.
  • We never display third-party advertising.

Data Security

All data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Passwords are hashed using bcrypt with per-user salts. Two-factor authentication secrets are encrypted with AES-256-GCM. We follow SOC 2 security practices including access controls, audit logging, and rate limiting on all authentication endpoints.

Third-Party Services

We use the following third-party services to operate ROE Engine:

  • Stripe (payments): Processes subscription payments. We never store your full credit card number — Stripe handles all payment data under PCI DSS compliance.
  • Vercel (hosting): Hosts the application and serves static assets.
  • FRED API (market data): Federal Reserve Economic Data, a public data source for mortgage rates and economic indicators. No user data is sent to FRED.

Data Retention

Your data is retained as long as your account is active. If you cancel your subscription, your data is preserved but inaccessible until you reactivate. You may request full account deletion at any time by contacting support — we will permanently delete all your data within 30 days.

Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access and download your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Object to certain types of data processing
  • Data portability (export your data in a standard format)

To exercise any of these rights, contact us at privacy@roeengine.com.

Children's Privacy

ROE Engine is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated via email or an in-app notification. Continued use of the service after changes constitutes acceptance of the revised policy.

Contact Us

If you have questions about this privacy policy or your data, contact us at privacy@roeengine.com.