Privacy Policy

Arete Money is a personal finance application that helps you understand your spending, track your savings rate, detect recurring charges, and monitor your financial health over time. Arete Money is operated by John Muirhead (“we,” “us,” or “our”).

If you have questions about this policy or your data, contact us at support@aretemoney.com.

Account Information

When you create an account, we collect the information you provide directly:

• Your name and email address.
• A password (stored only as a cryptographic hash — we never store your password in readable form).
• Profile information you choose to add (such as financial goals or preferences).

Financial Information

When you connect a bank or credit card account through Plaid (see “Financial Data and Plaid” below), we receive and store:

• Account names, types (checking, savings, credit card), and balances.
• Transaction history, including amounts, dates, merchant names, and categories.
• Institution names (e.g., “Chase,” “Bank of America”).

We do not receive or store your bank login credentials, account numbers, or routing numbers. We access your financial data on a read-only basis — Arete Money cannot move money or make changes to your accounts.

Usage and Device Information

When you use Arete Money, we automatically collect:

• Basic device information (browser type, operating system, screen size).
• IP address and approximate location (country/region level, not precise).
• Pages visited and features used within the app.
• Error logs and performance data to diagnose issues.

We do not use tracking pixels, third-party advertising cookies, or cross-site tracking.

Communication Information

If you contact us for support or we send you service-related emails (such as invite links or password resets), we retain those communications to provide and improve our service.

• Directly from you — when you create an account, set preferences, or contact support.
• From Plaid — when you connect a financial account through Plaid's secure Link widget (see below).
• Automatically — when you use the app, through standard web and mobile application logging.

We use the information we collect to:

• Provide the service — display your accounts, transactions, balances, health signals, trends, and insights.
• Detect patterns — identify recurring charges, spending anomalies, and savings opportunities.
• Maintain security — authenticate your identity, prevent abuse, enforce rate limits, and log administrative actions.
• Improve the product — analyze usage patterns in aggregate (not tied to individual users) to understand which features are useful.
• Communicate with you — send service-related messages such as invite links, password resets, and important notices.

We do not use your financial data for advertising, credit decisions, or any purpose unrelated to providing Arete Money's features to you.

Arete Money uses Plaid Inc. (“Plaid”) to connect your financial accounts. When you tap “Connect Account,” Plaid's secure Link widget opens. You enter your bank credentials directly into Plaid's interface — your login information is transmitted to your bank by Plaid and never passes through or is stored on Arete Money's servers.

After you authorize the connection, Plaid transmits your account information and transaction history to Arete Money. We use this data solely to power the features described in this policy.

Plaid's collection and use of your information is governed by Plaid's own End User Privacy Policy, available at https://plaid.com/legal/#end-user-privacy-policy. We encourage you to review it.

You can disconnect your financial accounts at any time through Arete Money (see “Data Deletion” below) or by visiting Plaid's consumer portal at my.plaid.com.

We do not sell, rent, or trade your personal or financial information.

We share information only in these limited circumstances:

• Service providers — We use a small number of third-party services to operate Arete Money, including Supabase (database and authentication), Vercel (hosting), Resend (transactional email), Plaid (financial data), Anthropic (AI-powered transaction categorization and spending insights), and Sentry (error monitoring and performance). These providers receive only the data necessary to perform their function. Transaction data sent to Anthropic is used solely for categorization and explanation and is not retained by Anthropic for training.
• Legal requirements — We may disclose information if required by law, regulation, legal process, or enforceable governmental request.
• Safety and fraud — We may share information if we believe in good faith that it is necessary to prevent fraud, protect safety, or enforce our Terms of Service.

We do not share your financial data with other users, advertisers, data brokers, or any party for marketing purposes.

We retain your account information and financial data for as long as your account is active and you maintain connected financial accounts.

Disconnecting an account: When you disconnect a financial account within Arete Money, we stop receiving new data for that account from Plaid and remove the connection on Plaid's side. Previously received transaction and account data is retained to preserve your historical insights unless you request deletion.

Deleting your account: You may delete your account and all associated data directly from the Settings page within Arete Money, or by emailing support@aretemoney.com. When we process a deletion request:

• Your account and profile information are permanently deleted.
• Your financial data (accounts, transactions, derived metrics) is permanently deleted from our systems.
• Connections to your financial institutions are removed from Plaid.
• Primary data is deleted within 24 hours. Backup copies, if any, are purged within 30 days.

Data export: You may download a copy of your financial data (accounts and transactions) at any time from the Settings page.

Some information may be retained if required by law (for example, records related to legal disputes or regulatory obligations).

We take reasonable measures to protect your information, including:

• Encryption in transit — All data transmitted between your device, our servers, and third-party services uses TLS encryption.
• Encryption at rest — Plaid access tokens are encrypted in our database using server-side encryption functions. Financial data is stored in a managed database with encryption at rest.
• Access controls — Administrative access to production systems is restricted and protected by multi-factor authentication.
• Audit logging — Administrative actions are logged with timestamps and actor identification.
• Rate limiting — API endpoints are protected by durable rate limiting to prevent abuse.

No system is perfectly secure. If you believe your account has been compromised, contact us immediately at support@aretemoney.com.

Depending on where you live, you may have specific rights regarding your personal information under state privacy laws, including the California Consumer Privacy Act (CCPA) and similar laws in Virginia, Colorado, Connecticut, and other states.

Your Rights

• Right to know — You can request details about what personal information we collect, how we use it, and who we share it with.
• Right to delete — You can request deletion of your personal information. You can do this directly from Settings or by contacting us.
• Right to data portability — You can download a copy of your financial data from Settings at any time.
• Right to opt out of sale — We do not sell your personal information to any third party, so there is nothing to opt out of.
• Right to non-discrimination — We will not treat you differently for exercising any of these rights.

To exercise any of these rights, use the self-service options in Settings or contact us at support@aretemoney.com. We will respond to verifiable requests within 45 days.

Arete Money is not intended for children under 18. We do not knowingly collect information from anyone under 18. If you believe a child has provided us with personal information, please contact us and we will promptly delete it.

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date at the top of this page and, where appropriate, notify you by email or through the app.

Your continued use of Arete Money after changes take effect constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy, your data, or how to exercise your rights, contact us at:

Email: support@aretemoney.com

Arete Money is operated by John Muirhead, based in the United States.