Privacy Policy & Data Safety
Effective Date: July 17, 2026 | Version 2.1 (Google Play Compliant)
Our Core Privacy Promise
1. Information We Collect
ACRU is a financial utility. We prioritize client-side data isolation. In order to provide synchronization and billing, we interact with the following data classes:
- User Identity Data: Username, email address, and optional phone numbers (managed securely via Supabase Auth for login credentials).
- Financial Feeds (Plaid API): Read-only bank tokens, institutional names, and transactions. Financial credentials (usernames/passwords) are handled directly by Plaid and are never accessed or stored by ACRU.
- Manual Ingestion Data (CSV Porter): Uploaded statement columns are parsed in-memory and committed strictly to the device's local database.
2. How Data is Processed & Shared
All financial ledger analysis, Safe-to-Spend buffers, categorizations, and savings rate benchmark math are computed entirely on your device. We do not transmit transaction payloads to centralized databases for advertising or profiling. Billing operations (Stripe API) and bank feeds (Plaid API) represent the only outbound secure transmission endpoints.
3. Children's Privacy Compliance (COPPA)
ACRU complies strictly with the Children's Online Privacy Protection Act (COPPA) standards and Google Play Families Policies.
4. Data Control & Deletion Rules
You maintain absolute control over your financial history. You can use the **Danger Zone** in the settings panel to wipe the SQLite database or request complete profile deletion. Account deletions purge identity credentials from Supabase Auth and cascade-delete all transaction logs and Plaid connection records from our database in a single transaction.
5. Contact & Compliance
If you have any questions regarding this Privacy Policy or wish to file a compliance request, please contact our privacy officer at **compliance@acru.cloud**.
© 2026 ACRU. Fully compliant with Google Play Personal Financial Services policies.