Avagance Advisor App — Privacy Policy

Last updated: 6 July 2026

Avagance Advisor for iOS and Android — for UK financial advisers and their firm staff.

This policy covers the Avagance Advisor mobile app. It sits alongside our Website Privacy Notice, Cookie Notice and Compliance & Data Protection page, which govern the wider platform, the full sub-processor list, international transfers and cookies. Where this app policy and those pages differ, the wider-platform detail applies.


1. Who we are

Bro In Finance Ltd (trading as Avagance, referred to here as "Avagance", "we", "us" or "our") provides the Avagance Advisor app. We are registered in England and Wales under company number 15991387, registered office 128 City Road, London, EC1V 2NX. We are a software provider for UK financial advice firms and are not FCA-authorised; we do not provide financial advice.

Data-protection / privacy contact: policy@broinfinance.com (person responsible for data protection: Mr Ranepura Ranepura).

The app is a companion to the Avagance web platform. Accounts are created by your firm on the web (invite only) — the app is sign-in only. New users cannot register in the app.


2. What the app is for

A read-and-light-action tool for advisers: view your client book, portfolios, meetings, escalations and compliance items; log calls, tasks and meetings; and use Ava, our AI assistant. It is a window onto the same platform your firm already uses on the web.


3. Data the app collects and processes

Your account data

Your name, email address, user ID, role and firm — used to sign you in and show your profile.

Authentication

When you sign in, your session is held as secure httpOnly cookies in the device's native cookie store — the app does not store your password. A copy of your profile (name, email, firm) is cached on the device so the app opens quickly; this is not a credential.

Your clients' data (processed on behalf of your firm)

Because you are an adviser, the app shows data about your clients — people who are not the app's user. This can include names, contact details and household make-up; financial data (portfolios, holdings, AUM, tax wrappers, risk profiles, goals); compliance and vulnerability information (which may touch health or capacity); and meetings, notes and escalations. We process this only to provide the service to your firm, on your firm's instructions.

Meeting recordings (only when your firm enables the feature)

If your firm enables meeting capture and you start a recording, the app records audio of the meeting on the device and uploads it to secure storage for transcription and an AI summary. Recording only proceeds after consent is captured (in line with FCA COBS 11.8 and UK GDPR), and it requires microphone permission. This feature is off by default.

Ava (AI assistant)

Your typed messages to Ava — and, if your firm enables Ava voice, your spoken messages — together with relevant on-screen context, are sent to our AI provider to generate answers. Please do not enter anything into Ava that you would not want processed by an AI service. Ava's output is assistive only and must be reviewed by a qualified adviser before it is relied on or sent to a client.

Device permissions the app may request

What the app does NOT collect

No location, no contacts, no photos, no calendar, no camera, and no health-app data. No advertising identifier, no third-party analytics SDK, no crash-reporting SDK, and no tracking of you across other apps or websites.


4. Who we share data with

We use the processors below to run the app; each receives only the data its function needs. They act under contract and only on our instructions.

Processor Purpose Data it receives
Google Cloud Hosting, database & file storage; stores meeting recordings Service data; meeting audio
OpenAI Ava assistant (chat and, if enabled, voice) Messages & on-screen context you send to Ava
Deepgram (EU region) Meeting transcription (speech-to-text) Meeting audio
Stripe Firm subscription & billing Firm billing data (not client holdings)
Resend Transactional email (sign-in, invitations) Email addresses & message content

The app runs on the wider Avagance platform. The full, current sub-processor list — which also includes providers such as Modal (machine-learning compute) and Cloudflare (security) — and the applicable UK/EEA data-residency and international-transfer safeguards are set out in our Website Privacy Notice and our DPA.

We do not sell personal data.


5. How we protect data

Data is encrypted in transit (HTTPS/TLS) and at rest (provider server-side encryption). Sessions use httpOnly cookies with CSRF protection; any stored firm integration credentials are encrypted (AES-256-GCM). Access is role-based and least-privilege, and multi-tenant-isolated so each firm's data is kept separate. The optional biometric app-lock is enforced entirely on the device. Customer data is backed up regularly (encrypted), and we test our ability to recover it as part of business-continuity planning.


6. How long we keep data

We keep personal data only for as long as necessary for the purposes above and to meet legal, regulatory (including FCA record-keeping), tax and accounting obligations. In outline:

When personal data is no longer needed, we securely delete or anonymise it.


7. Your rights (UK GDPR)

Subject to the conditions and exemptions in UK data-protection law, you have the right to access, rectify, erase, restrict or object to the processing of your personal data, and to data portability. Because adviser accounts are created and managed by your firm:

You may also complain to the UK supervisory authority, the Information Commissioner's Office (ICO)ico.org.uk, helpline 0303 123 1113.


8. Children

The app is a professional tool and is not directed at children or intended for anyone under 18. Any data about a firm's clients (who may in limited cases include minors, e.g. a Junior ISA) is processed only as a processor on the firm's instructions.


9. Changes to this policy

We may update this policy from time to time. When we do, we will change the "Last updated" date above and, where appropriate, notify you.


10. Contact us

Bro In Finance Ltd (trading as Avagance) · Company number 15991387 (England and Wales) Registered office: 128 City Road, London, EC1V 2NX Person responsible for data protection: Mr Ranepura Ranepura · policy@broinfinance.com ICO registration reference: ZC187167