Privacy Policy

Last updated: November 2024

Privacy First Approach

Wealth Guardian is designed with privacy at its core. By default, all data processing is stateless - your files are analyzed in memory and immediately discarded.

1. Information We Collect

Account Information

When you create an account, we collect your email address and encrypted password. This is used solely for authentication purposes.

Financial Data (Stateless)

For free users and non-persisted sessions, uploaded CSV files and receipt images are processed entirely in memory. The data is analyzed, insights are generated, and then the data is immediately discarded. No copies are retained.

Financial Data (Pro Persisted)

Pro users who explicitly choose to save their data will have:

  • Receipt OCR text stored (always, if saved)
  • Parsed transaction data stored
  • Original receipt images stored only if STORE_RECEIPT_IMAGES is enabled

2. How We Use Your Information

  • To provide and improve our financial analysis services
  • To authenticate your account access
  • To process subscription payments
  • To send important service-related communications

3. Data Security

We implement industry-standard security measures including:

  • HTTPS encryption for all data transmission
  • Encrypted password storage using secure hashing algorithms
  • Secure database connections
  • Temporary file storage in /tmp with immediate deletion

4. Third-Party Services

We use the following third-party services:

  • Stripe: For payment processing. Your payment information is handled directly by Stripe and never stored on our servers.
  • OCR Services: Receipt images may be sent to OCR providers (Tesseract local, or optional cloud OCR) for text extraction. Only the image content is transmitted, and it is not retained by these services.

5. Data Retention

Stateless Data: Immediately deleted after processing.

Account Data: Retained until you delete your account.

Persisted Data (Pro): Retained until you delete individual receipts/sessions or your entire account.

6. Your Rights

You have the right to:

  • Access your stored data
  • Delete individual receipts and sessions
  • Delete your entire account and all associated data
  • Export your data
  • Opt out of non-essential communications

7. Cookies

We use essential cookies for session management and authentication. These cookies are necessary for the service to function and cannot be disabled.

8. Children's Privacy

Wealth Guardian is not intended for use by children under 13. We do not knowingly collect information from children under 13.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes via email or through the service.

10. Contact Us

For privacy-related questions or concerns, please contact us through our support channels.