Privacy Policy
Effective date: April 26, 2026
Overview#
Bonsave is a personal finance dashboard that helps you track your net worth, monitor spending, and receive daily AI-powered financial insights. This policy explains what data we collect, how we use it, and how we protect it.
Information we collect#
Account information
When you create an account, we collect your email address, name, and profile image through our authentication provider, Clerk. We also collect optional financial profile information you choose to provide, including monthly income, annual salary, date of birth, employer retirement match percentage, and financial goals.
Financial data from linked accounts
When you connect a bank or financial institution through Plaid, we receive read-only access to:
- Account names, types, and current balances
- Transaction history (up to 90 days): date, amount, merchant name, and category
- Investment and retirement account holdings
We do not receive or store your bank login credentials, account numbers, or routing numbers. Plaid handles all direct communication with your bank.
Data you create in Bonsave
- Manual holdings (real estate, vehicles, crypto, and other assets or liabilities)
- Budgets and spending categories
- Transaction category overrides
- Interest rate annotations on accounts
Automatically generated data
- Daily net worth snapshots (total net worth, cash, investments, and debt)
- Daily account balance and holding value snapshots
- AI-generated financial insights
- Recurring transaction detection
Mobile app data
When you use the Bonsave iOS app, we additionally collect:
- Apple Push Notification Service (APNs) device tokens, when you opt in to notifications, so we can deliver daily insights and account alerts to your device.
- Subscription and purchase records associated with your in-app purchases. Apple handles the payment itself; we receive transaction identifiers, subscription status, and renewal events through RevenueCat.
- Your appearance preference (light/dark/system) and selected color theme, so the app remembers your choice across launches.
We do not collect your Apple ID, payment instrument, IDFA (advertising identifier), precise location, contacts, photos, or microphone data.
How we use your data#
Your data is used solely to provide the Bonsave service:
- Display your accounts, balances, and net worth
- Track your net worth and spending over time
- Generate personalized AI financial insights
- Detect recurring transactions and track budgets
- Calculate financial projections and retirement benchmarks
We do not sell your data. We do not use your data for advertising. We do not share your data with third parties for their own purposes.
AI insights and Anthropic#
Bonsave generates daily financial insights using the Anthropic Claude API. When generating an insight, we send a computed summary of your financial position to Anthropic. This summary includes aggregated figures such as your net worth breakdown, savings rate, top spending categories, account balances, and your stated financial goals.
We do not send personally identifying information (name, email), raw transaction data, bank account numbers, or Plaid access tokens to Anthropic. Your age is calculated and sent as a number; your date of birth is not transmitted.
Anthropic processes this data to generate insights and does not use it to train their models, per their API data usage policy.
Third-party services#
Bonsave relies on the following third-party services to operate:
Clerk
Handles authentication, session management, and stores your login credentials securely.
Plaid
Connects to your financial institutions and provides read-only access to account data. Your bank credentials are stored by Plaid, never by Bonsave.
Anthropic
Processes aggregated financial metrics to generate personalized insights via the Claude API.
Apple (App Store and In-App Purchase)
Processes payments for iOS subscriptions. Apple shares anonymized transaction identifiers and subscription status (via RevenueCat) so we can grant access to paid features. We never receive your Apple ID, name, or payment information.
RevenueCat
Manages subscription state for the iOS app. We send your Bonsave user ID to RevenueCat to associate your purchases with your account. RevenueCat receives subscription status, transaction history, and Apple-issued purchase receipts.
Expo (push notifications)
Relays push notifications from our servers to Apple Push Notification Service. Your device-issued push token is sent to Expo so notifications can be delivered to your device.
PostHog
Captures product analytics and unhandled exceptions on the web and iOS apps to help us understand usage and diagnose crashes. We send your Bonsave user ID, email, and name so we can correlate sessions to your account, plus standard usage events (screens viewed, lifecycle events) and any uncaught error stack traces. We do not send your financial data, transactions, or AI insights to PostHog.
Neon
Hosts our PostgreSQL database where your account and financial data is stored.
Vercel
Hosts the Bonsave web application. Standard web server logs (IP address, user agent) are collected by Vercel.
Gravatar
We send a hashed (SHA-256) version of your email address to Gravatar to retrieve your profile image. Your email address itself is not sent.
Google Fonts
The Inter typeface is loaded from Google Fonts. This sends your IP address to Google as part of the standard font request.
Data security#
We protect your data through several measures:
- All data is transmitted over HTTPS (enforced by the .app domain)
- Plaid access tokens are encrypted at rest using AES-256-CBC with a random initialization vector
- Database connections use SSL in production
- All API endpoints require authentication
- Multi-factor authentication (MFA) is required for all user accounts
- Your bank credentials are never stored on our servers
Data retention and disposal#
Your data is retained for as long as your account is active:
- Net worth and balance snapshots are stored daily and retained indefinitely to support historical tracking.
- Transaction data is initially synced from your financial institutions for the most recent 90-day window via Plaid, and is then retained indefinitely to support long-term spending history and trend analysis.
- AI-generated insights, manual holdings, budgets, and financial profile data are retained for the life of your account.
When you delete your account, all associated data is permanently and immediately removed from our systems, including your profile, linked accounts, transactions, snapshots, insights, and manual holdings. Backups containing your data are purged on the next backup cycle. We do not retain any personally identifiable information after account deletion.
Plaid access tokens are revoked at the time of account deletion. You can also independently revoke Plaid access at my.plaid.com.
Account deletion#
You can delete your account and all associated data at any time from the Settings page. Deletion is immediate and permanent. All of the following data is removed:
- Your user profile and financial profile
- All linked accounts and Plaid connections
- All transactions, balances, and snapshots
- All manual holdings and their history
- All AI-generated insights
- All budgets and recurring transaction records
Deletion from Bonsave does not automatically close your accounts at your financial institutions or delete your Plaid account. You can revoke Plaid access separately at my.plaid.com.
Children#
Bonsave is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children.
Changes to this policy#
We may update this privacy policy from time to time. If we make material changes, we will notify you through the app or by email. Continued use of Bonsave after changes constitutes acceptance of the updated policy.
Contact#
Questions about this policy? Contact us at privacy@bonsave.app.