🐚 CowrieOS

Privacy Policy

Plain-English version first; the principle throughout: your financial data is yours

What we collect

What you type: household members, incomes, assets, liabilities, insurance policies, goals, and planning assumptions. What we derive: plan calculations, recommendations, and net-worth snapshots. In the personal (self-hosted) edition, all of it lives in a local database on your own machine and never reaches our servers.

What leaves your machine

Three things, each only when you use the feature: (1) fund-name searches and NAV lookups sent to public mutual-fund data services (scheme names only — never amounts); (2) AI advisor questions, sent with a summary of your plan to Anthropic’s Claude API to generate the answer, subject to Anthropic’s data-use commitments; (3) nothing else. CAS statements are parsed locally and are never uploaded.

Your rights (DPDP-aligned)

Access and portability: export every table as JSON from Settings at any time. Correction: edit anything in the app. Erasure: delete the database (personal edition) — there is no copy; the hosted edition will provide one-click account deletion. We will never sell, rent, or share your financial data with advertisers, lenders, insurers, or distributors — the subscription is the business model, and that is a product commitment, not just a policy.

How your data is protected

Encryption in transit (TLS) and at rest. On top of that, the most sensitive free-text fields — the Continuity Kit’s notes on where your will, documents and passwords are kept — are encrypted at the application layer with AES-256-GCM, so even a database dump shows only ciphertext for those fields. We hold the key, so this is “strong-pragmatic,” not zero-knowledge: it defends against breaches and stray access, but we are not claiming we technically cannot read your data. (A true operator-blind “Vault” mode, where computation moves to your device and we hold only ciphertext, is on the roadmap.) We never log or store financial amounts in analytics.

Hosted edition (when it launches)

Will add: account authentication, India-region data residency (Mumbai), a designated grievance officer and contact, breach notification per the Digital Personal Data Protection Act, 2023, and this policy will be versioned with notice of changes before any payment is taken.

Cookies & analytics

The personal edition uses no cookies, trackers, or analytics. The hosted edition will use only session cookies for login and privacy-respecting, aggregate product analytics — never third-party ad trackers.