Privacy Policy

Last updated: 2026-05-10

What we collect

• Your email — to log you in and send subscription alerts.
• Your bank-transaction history — pulled via Plaid, used only to detect recurring charges. We never see your bank login or password — Plaid handles auth and gives us a read-only token.
• Anonymous product analytics — page views, click events. No PII is sent to analytics providers.

What we don’t do

• We never sell your data. Ever.
• We never share your transaction data with advertisers, brokers, or third parties.
• We don’t train AI models on your transactions.

Where your data lives

Encrypted at rest in Supabase (Postgres on AWS, US region). Plaid access tokens are encrypted with a separate key. Transactions older than 24 months are pruned automatically.

Delete everything

Visit /delete-my-data any time. We delete your account, transaction cache, and revoke the Plaid token within 24 hours.

Contact

Email hello@quitly.xyz with any privacy questions.