What we collect
Account data (your email, name, hashed password) and the financial records you choose to store (accounts, transactions, budgets, goals). Placeholder copy — replace with real disclosures before launch.
How we use it
Solely to operate the service: authenticate you, render your dashboards, compute reports, and run scheduled jobs (FX refresh, recurring transactions). We do not sell your data, and we do not show you ads.
Where we store it
Application data lives in a managed PostgreSQL database. Connections are encrypted in transit (TLS). Passwords are hashed with bcrypt. Refresh tokens are stored as httpOnly cookies.
Third parties
We use a transactional email provider to send verification and magic-link emails, and a public FX rate source (Frankfurter) to keep exchange rates current. No PII is shared with them beyond what is strictly required to deliver the service.
Your rights
You can export your data at any time via Settings → Export, or delete your account permanently from Settings → Profile. We retain backups for up to 30 days.
Cookies
We use first-party cookies only, strictly for authentication and preference storage (theme, language, selected household). No analytics or advertising cookies.
Contact
Questions or requests? privacy@example.com. See also our Terms of Service.