This Privacy Policy explains how Kova (“Kova”, “we”, “us”, or “our”) collects, uses, stores, and protects personal data when users access or use our financial management services.
Kova provides tools that help businesses connect financial accounts, view balances and transaction history, monitor cash flow, categorize income and expenses, generate reports, and manage business financial information.
By using Kova, you acknowledge that you have read and understood this Privacy Policy.
Kova is operated by:
Baratto & Co Sas di Giovanni Nappa
Via Benedetto Cairoli 66, Napoli NA - 80141, Italy
Contact email: info@barattostore.com
For the purposes of applicable data protection laws, including the General Data Protection Regulation (GDPR), Kova may act as a data controller for certain personal data collected through the service.
We may collect the following categories of personal data:
When you create or use an account, we may collect information such as:
When you choose to connect a bank account or financial account, we may collect or access certain financial data, including:
We only collect financial data when you choose to connect a financial account and authorize access through the relevant financial connection flow.
Kova may use Stripe Financial Connections and other Stripe services to allow users to securely connect their financial accounts.
When you provide personal data in connection with Kova, Stripe receives that personal data and processes it in accordance with the Stripe Privacy Policy.
You can read Stripe’s Privacy Policy here: https://stripe.com/privacy
Stripe may process personal data and financial account data to provide financial connection services, verify account ownership, retrieve account information, support payments or transfers where applicable, prevent fraud, ensure security, comply with legal obligations, and provide its services in accordance with its own privacy policy and applicable laws.
We use personal data and financial data for the following purposes:
We do not sell users’ personal data.
Where the GDPR applies, we process personal data based on one or more of the following legal bases:
Users may withdraw consent where processing is based on consent, without affecting the lawfulness of processing carried out before withdrawal.
We take reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure.
These measures may include:
However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
We do not sell, rent, or share users’ personal data with third parties for their own marketing, advertising, or independent commercial purposes.
We may make personal data and financial account data available only to trusted service providers, vendors, infrastructure providers, and financial technology partners when strictly necessary to provide, secure, operate, or improve the service, or where required by law.
These service providers and vendors may include:
These service providers and vendors are authorized to process personal data only as necessary to provide services to us, comply with applicable laws, protect the security and integrity of the service, or fulfill our instructions.
We do not allow service providers or vendors to use users’ personal data for their own marketing, advertising, or unrelated commercial purposes.
Personal data and financial data collected through Kova may be stored and processed in the European Union and/or in the United States, depending on the infrastructure, service providers, and financial technology partners used to provide the service.
We do not intentionally store users’ personal data or financial data outside the European Union or the United States.
Some of our service providers, including Stripe, may process personal data in the United States, the European Union, or other locations where they operate, in accordance with their own privacy policy and applicable data protection laws.
Where personal data is transferred outside the European Economic Area, we rely on appropriate safeguards required by applicable law, such as Standard Contractual Clauses, adequacy decisions, or other legally recognized transfer mechanisms.
Stripe may process personal data and financial account data in accordance with the Stripe Privacy Policy, available at: https://stripe.com/privacy
We retain personal data only for as long as necessary to provide the service, comply with legal obligations, resolve disputes, enforce agreements, and maintain security.
Financial data may be retained for as long as the user maintains an active account or as otherwise required for legitimate business, legal, accounting, or compliance purposes.
Users may request deletion of their personal data, subject to legal or regulatory retention obligations.
Depending on your location and applicable law, you may have the right to:
To exercise these rights, contact us at: info@barattostore.com
Users may disconnect their financial accounts from the service where this feature is available.
Disconnecting a financial account may stop future access to new financial data, but we may retain previously collected data where necessary to provide the service, comply with legal obligations, resolve disputes, maintain security, or enforce agreements.
Kova is intended for business users and is not directed to children. We do not knowingly collect personal data from children under the age required by applicable law.
We may update this Privacy Policy from time to time. When we make changes, we will update the “Last updated” date at the top of this page.
If changes are material, we may notify users through the service or by other appropriate means.
For questions about this Privacy Policy or how we process personal data, contact us at: info@barattostore.com