Your core financial data stays close to you.
Catalyst Cash is built around local-first storage, optional connections, and a simple promise: we do not sell your personal data or use your financial data to build advertising profiles.
The app keeps your core financial records on your device. When you use Plaid, AI, rewards, or backup features, some data leaves the device because those features need a network service to work.
When you use AI features, the app sends only the context needed for useful guidance through the Catalyst Cash backend proxy to the selected model provider. Card names, merchant context, and money amounts may be included so answers stay specific; private account identifiers and access details are left out. Your raw financial payloads are not stored on our servers.
The backend logs a short scrubbed excerpt of the AI response (up to 600 characters) for service reliability; this fragment never contains account numbers, balances, or other raw financial data. The backend also keeps daily usage counts for AI requests and Plaid refreshes by internal user ID so we can monitor costs and abuse without storing prompts, responses, or raw financial payloads in the usage tracker.
Accounts, debts, renewals, history
Your balances, debts, budgets, settings, and audit history live on-device by default.
No data selling or ad profiles
Catalyst does not sell your personal data and does not use your financial data to build advertising profiles.
Scrubbed AI, Plaid, and rewards requests
AI requests, Plaid-linked account sync, and location-based rewards helpers only run when you choose to use those features.
Secrets stay out of manual exports
Passcodes, API keys, device IDs, and subscription state are excluded from manual backups.
What data exists, where it lives, and why.
Information stored on your device
- Manually entered financial data such as balances, debts, card metadata, renewals, goals, and notes.
- Audit results, dashboard history, settings, and local reminders.
- Optional chat history, unless privacy mode is enabled.
Information sent when you use AI features
- Before an audit or AskAI chat sends data to an AI service, the app asks for your AI Data Consent in the app.
- When you run an audit or AskAI chat after consenting, the app sends a scrubbed and minimized request through the Catalyst Cash backend proxy. The request can include useful context such as card names, merchant descriptions, balances, deadlines, and goals so the answer is not generic.
- Private account identifiers, access details, and sensitive number patterns are excluded or redacted before the request is sent.
- The proxy forwards the request to the selected production AI provider, currently OpenAI.
- OpenAI states that data sent to its API is not used to train or improve OpenAI models by default unless the customer explicitly opts in. Catalyst does not opt in to training on your API data.
- OpenAI may retain API abuse-monitoring logs for up to 30 days unless a longer period is legally required. Catalyst also logs only the short scrubbed response excerpt described below for reliability.
- Your raw financial payload is not stored on our servers. A short scrubbed excerpt of the AI response (up to 600 characters, no account numbers or balances) is logged for service reliability analysis and automatically purged after 30 days on a rolling basis.
- For cost and abuse monitoring, the backend records daily aggregate AI usage by internal user ID, feature, model, request count, token count, and success/error count. It does not store prompts, chat messages, AI responses, or raw financial payloads in this usage table.
Optional Plaid connection
- If you connect accounts with Plaid, your bank credentials are entered into Plaid's interface, not ours.
- Plaid may provide balances, account metadata, and transaction data to Catalyst so your local records stay more current.
- Catalyst uses Plaid-linked data to power app features you choose, not to sell your data or build advertising profiles.
- Plaid's data handling is governed by Plaid's End User Privacy Policy.
Optional location-based rewards
- If you allow location access, Catalyst Cash can use your approximate nearby context to help identify merchants and suggest the strongest card before you pay.
- Location access is optional, permission-based, and used for app functionality rather than advertising or tracking.
- You can disable location access at any time in iOS Settings.
Purchases and entitlement checks
- Subscriptions are handled through Apple and RevenueCat.
- For entitlement verification, the app may send a RevenueCat app user identifier to the backend.
- This verification path does not require sending your financial dataset.
Chat retention and privacy mode
- Chat messages are stored locally and auto-expire after 24 hours.
- Sensitive patterns are scrubbed before any local chat persistence.
- If privacy mode is enabled, chat content is not written to disk.
Backups, encryption, and secure storage
- Passcodes and similar secrets are stored with native secure storage when available.
- Optional backups use encryption, and manual exports intentionally omit sensitive keys.
- Factory reset clears local financial data and security-sensitive local state.
Operational telemetry
- In production, Catalyst Cash may send scrubbed funnel milestones, support-risk events, and error diagnostics to help keep the app reliable.
- Telemetry is designed to avoid raw financial details, account numbers, contact details, API keys, and access tokens. The backend also redacts high-risk patterns before telemetry context is stored.
- These events may include a device identifier, timestamp, app action label, sanitized context, stack trace, or user-agent details.
- Plaid and AI usage ROI tracking is limited to daily aggregate counts by internal user ID, feature/source, model, institution item, and estimated cost inputs. Admin reports avoid exposing raw AI prompts, responses, access tokens, or account payloads.
What we do not do
- We do not sell your personal data.
- We do not use your financial data for advertising profiles.
- We do not sell Plaid-linked account data, AI prompts, chat content, audit history, or manually entered financial data.
- We do not store raw financial payloads on our servers. Only a short scrubbed AI response excerpt is logged for reliability; it is purged after 30 days on a rolling basis. Usage tracking stores operational counts and token totals, not the underlying financial content.
Your choices
- Use manual entry instead of Plaid.
- Clear chat history, audit history, or all app data at any time.
- Enable privacy mode and use a passcode or Face ID for tighter local protection.
Security measures
- Native secure storage is used for passcodes and comparable sensitive local values where available.
- API requests use a secured backend proxy instead of exposing provider keys in the app.
- Manual backup import rejects known sensitive keys that should never be restored from export files.
Policy changes and contact
- We may update this policy as the product evolves.
- Material changes will be reflected with a new effective date on this page.
- Questions can be sent to support@catalystcash.app.
Read the full product guide and the terms too.
Privacy only makes sense when it matches the product and the legal language. The guide and terms pages are kept in sync with the same shipping behavior.