Privacy Policy

Acuity ("we", "us", "our") is a personal finance tracking application. This policy explains what data we collect, how we use it, and your rights over it. By using Acuity you agree to the practices described here.

• Account data — your email address and a hashed password (or OAuth token) used to authenticate you.
• Bank transaction data — when you connect a bank via Plaid, transaction records (merchant, amount, date, category) are fetched and stored in your personal account. We do not store your bank credentials; Plaid handles that securely.
• Email receipt data — when you connect Gmail, we request read-only access to scan for financial emails (receipts, invoices). Email body text is sent to our AI provider for transaction extraction and is not stored beyond what is needed to produce a transaction record.
• Uploaded receipts — images and PDFs you upload are sent to our AI provider for extraction and are not stored on our servers after processing.
• Usage preferences — dashboard layout and notification settings you configure.

• To provide and improve the Acuity service.
• To send you notification emails you have opted into (weekly digest, new subscription alerts, large transaction alerts).
• We do not sell your data to third parties.
• We do not use your financial data for advertising.

• Supabase — database and authentication hosting. Data is stored in Supabase's managed PostgreSQL database with row-level security enabled so only you can access your records.
• Plaid — bank connection infrastructure. Plaid's privacy policy applies to data exchanged during bank linking.
• Anthropic — AI-powered extraction. Email text and receipt images are sent to Anthropic for transaction data extraction. Anthropic's data usage policies apply.
• Resend — transactional email delivery for notifications you have opted into.

Your data is retained as long as your account is active. You may delete your account at any time from Settings → Account → Delete Account. Deletion permanently removes all your transactions, connections, and preferences from our database within 30 days.

Depending on your jurisdiction you may have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your data ("right to be forgotten").
• Object to or restrict certain processing.
• Data portability.

To exercise any of these rights, contact us at the address below.

We use industry-standard measures including HTTPS, row-level security in the database, and OAuth 2.0 for third-party integrations. No method of transmission or storage is 100% secure; use Acuity at your own risk.

We may update this policy occasionally. We will notify you by email or in-app notification for material changes. Continued use after changes constitutes acceptance.

For privacy questions or data requests, email us at Support@acuity.finance.