We Only Keep What We Need.

When you sign up: your email address and a hashed password (we never see the plain password). Optionally, your name and display currency.

When you use the app: the transactions, budgets, categories, and goals you create. AI insights are generated from this data on demand and cached for a short window so we don't re-spend tokens.

When you sign in or attempt to sign up: a timestamp, your email (if provided), and the IP address of the request. We use this only for rate-limiting and abuse detection.

No analytics tracking pixels, no third-party advertising trackers, no fingerprinting. We do not connect to your bank, your wallet, or any third-party financial service.

Only you. We do not share your transactions with anyone. AI insight generation sends your aggregated category totals to Google's Gemini API to produce the editorial summary — that request goes over TLS and is governed by Google's API privacy terms. We do not include personally identifying information in those requests.

The database is hosted on Supabase (Singapore region). The app runs on Vercel. Backups are encrypted at rest. We do not maintain copies of your data outside these providers.

As long as you have an account. Delete your account from Settings and we delete the underlying records permanently within 30 days (sometimes faster, depending on backups).

You can export your data, correct it, or delete your account at any time. Email us if anything in the app doesn't let you do that directly — we'll help.

We use a single session cookie to keep you signed in, and a preference cookie that remembers your language choice. No third-party cookies.

Email hello@monark.app. Privacy questions get answered first.