Privacy Policy

Last updated: April 16, 2026

Elm ("we," "us," or "our") is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your information when you use our mobile application and website.

Information We Collect

We collect information you provide directly:

• Account Information: Name, email address, and password when you create an account.
• Financial Data: Transaction data, account balances, and financial information you enter manually or connect through Plaid.
• Profile Information: Financial goals, preferences, and settings you configure in the app.
• Communications: Messages you send through Elm AI Coach and feedback you provide.

How We Use Your Information

• To provide and improve our financial tracking services
• To calculate budgets, savings progress, and financial summaries
• To power Elm AI Coach responses
• To send notifications you've opted into (budget alerts, bill reminders)
• To generate tax estimates and financial reports
• To improve our app through anonymous analytics

How We Protect Your Data

• Encryption: All data is encrypted on your device and in transit using 256-bit encryption.
• Credentials: Login credentials are stored in your device's secure Keychain only.
• Read-Only Access: Elm cannot move your money. Bank connections through Plaid are read-only.
• No Data Sales: We never sell, rent, or share your personal financial data with third parties for marketing.
• Anonymous Analytics: We collect only anonymous usage data to improve the app.
• App Switcher Privacy: Amounts are hidden when you switch between apps.
• Biometric Lock: Optional Face ID protection for app access.

Third-Party Services

Plaid: We use Plaid Inc. to connect your financial accounts. When you connect an account, Plaid collects and processes your financial data according to their End User Privacy Policy.

Supabase: We use Supabase for authentication and data storage, which employs industry-standard security practices.

Data Retention

We retain your data for as long as your account is active. You can delete all your data at any time through the Settings page. Upon deletion, all personal and financial data is permanently removed from our systems within 30 days.

Your Rights

• Access and export your data at any time (CSV or PDF)
• Correct any inaccurate information
• Delete your account and all associated data
• Opt out of non-essential communications
• Request information about data we hold about you

Do Not Sell My Personal Information

We do not sell your personal information. Period. Your financial data is yours.

Children's Privacy

Elm is not intended for use by children under 13. We do not knowingly collect information from children under 13.

Changes to This Policy

We may update this policy from time to time. We will notify you of any material changes through the app or by email.

Contact Us

If you have questions about this Privacy Policy, please contact us at privacy@getelm.app.