Privacy Policy

Last updated: 8 March 2026

Introduction

Welcome to Trusty ("we", "our", "us"). We are committed to protecting your personal data and being transparent about how we collect, use, and store it.

This Privacy Policy explains what information we gather when you use the Trusty personal finance application ("App"), how we use it, and your rights regarding your data.

By using Trusty, you agree to the collection and use of your information in accordance with this policy. If you do not agree, please do not use the App.

Information We Collect

1. Account Information

When you sign up, we collect:

  • Email address
  • Display name (if provided)
  • Authentication credentials (managed via Supabase Auth)

2. Financial Data

To provide our services, we may collect:

  • Transaction entries you create (amounts, categories, descriptions)
  • Budget and financial goal information
  • Recurring transaction details
  • Bank connections and synced transaction data (via Plaid or Basiq)

2a. Bank Data via Plaid

If you connect a bank account via Plaid (available in the US, Canada, UK, and EU), Plaid facilitates a secure connection between your bank and Trusty. Your bank login credentials are entered directly into Plaid's secure interface — Trusty never sees them. We receive a secure access token, transaction data (amounts, dates, merchant names, categories), account balances, and basic account details (account type, last 4 digits). We do not access full account numbers.

2b. Bank Data via Basiq & Consumer Data Right (CDR)

If you connect a bank account in Australia or New Zealand, we use Basiq as our accredited data recipient intermediary. Basiq operates under Australia's Consumer Data Right (CDR) legislation, which provides additional protections for your bank data.

When you connect via Basiq:

  • You provide explicit consent through Basiq's secure consent flow before any data is accessed.
  • We collect transaction data (amounts, dates, descriptions, categories), account balances, and basic account details necessary to provide the App's features.
  • Your bank login credentials are handled entirely by Basiq — Trusty never sees or stores them.
  • CDR data is only used to provide you with the services described in this policy. We do not use CDR data for marketing, advertising, or any purpose beyond operating the App.
  • CDR data is not sold, shared with third parties, or used for profiling.

Withdrawing CDR Consent: You may withdraw your consent to share bank data at any time by disconnecting your bank account within the App (Profile → Bank Connections → Disconnect), or by contacting us at support@trustyfinance.app. Upon withdrawal, we will cease collecting new data from your bank and delete all previously collected CDR data within 30 days, unless required by law to retain it.

3. Device & Usage Data

We may automatically collect:

  • Device type, OS version, and app version
  • Crash reports and performance data
  • General usage patterns to improve the app experience

How We Use Your Information

We use your data to:

  • Provide, operate, and maintain the App
  • Sync your financial data across devices
  • Generate personalised insights and AI-powered analysis
  • Process subscription payments (via RevenueCat / Apple / Google)
  • Improve the App through aggregated, anonymised analytics
  • Respond to support requests and feedback

How We Store Your Data

Your data is stored securely using Supabase (hosted on AWS infrastructure) with Row Level Security (RLS) enabled. This ensures that only you can access your own data.

Bank connection tokens (via Plaid or Basiq) are encrypted and stored separately. We never store your bank login credentials. Bank statement files uploaded for import are processed and then deleted — we do not retain the original files.

All API communications occur over HTTPS. Passwords are hashed and managed by Supabase Auth — we do not store plain-text passwords.

Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete all associated data within 30 days, except where we are required by law to retain it.

Bank data retention: Synced bank transaction data is retained for as long as your bank connection is active and your account exists. If you disconnect a bank account or withdraw consent, we will delete the associated bank data within 30 days. You can request earlier deletion by contacting us.

Sharing Your Data

We do not sell your data. We may share data with:

  • Supabase — for database hosting and authentication
  • Plaid — for bank account connections in the US, Canada, UK, and EU (only if you use this feature)
  • Basiq — for bank account connections in Australia and New Zealand under CDR legislation (only if you use this feature)
  • RevenueCat — for subscription management
  • Anthropic (Claude) — for AI-powered insights and categorisation (anonymised data only)

We do not sell, rent, or share your financial data with advertisers, data brokers, or any other third parties. CDR data collected via Basiq is never used for purposes beyond providing the App's features.

Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Withdraw consent at any time (including CDR consent for bank connections)
  • Object to certain types of data processing

To exercise these rights, contact us at support@trustyfinance.app. We will respond within 30 days.

Data Deletion Process

You can request deletion of your data in the following ways:

  • Delete your account: Go to Profile → Settings → Delete Account. This will permanently delete all your data within 30 days.
  • Disconnect a bank: Go to Profile → Bank Connections → Disconnect. This revokes consent and triggers deletion of synced bank data within 30 days.
  • Email us: Send a deletion request to support@trustyfinance.app and we will process it within 30 days.

Children's Privacy

Trusty is not intended for use by children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes through the App or by email. Continued use of the App after changes means you accept the updated policy.

Contact Us

If you have any questions about this policy, you can reach us at:

support@trustyfinance.app
trustyfinance.app

Trusty — trustyfinance.app