Privacy
What we do with your data. What we'll never do.
The legal privacy policy is comprehensive and binding. This page says the same things in plain English — so you know exactly what you're signing up for before you read the fine print.
Six commitments. Written down. Held to.
What we'll never do.
- 01
We'll never sell your data.
Not to lenders, not to advertisers, not to data brokers, not to anyone. Our business model is a paid subscription — yours to end any time.
- 02
We'll never show you ads.
No banner ads. No sponsored categories. No "recommended credit cards" slot in the sidebar. You paid us. We work for you, not the advertiser.
- 03
We'll never share your transactions with lenders, advertisers, or data brokers.
Your transaction history stays inside Arden. It doesn't get aggregated, anonymized-and-sold, or handed to partners "to improve your experience."
- 04
We'll never require a bank login to use Arden.
Plaid is an option, not a gate. CSV import is a first-class flow — every feature works without connecting a single account.
- 05
We'll never prevent you from exporting every piece of data we hold about you.
Full CSV and JSON export is available from Settings → Privacy & Data Export. Every transaction, budget, category, account, and holding. One click.
- 06
We'll never use dark patterns to keep you subscribed.
Cancel in one click, no "talk to a human" wall. Your data exports before you cancel, not after. Re-subscribe any time at the same price.
Commitments updated April 2026. Changes to this list are announced at least 30 days in advance via email to every active user.
Where your data moves
From your file. To your eyes. That's the whole list.
Four stages. No detours. No third-party analytics on the pages where your financial data lives.
01
Your CSV file
Lives on your device. Uploaded by you, only when you choose.
02
Your browser
Parsed in-page on your device. We never receive the raw file or your bank login.
03
Your encrypted database row
Scoped to your user ID alone. Encrypted at rest. Never pooled, never aggregated.
04
Nowhere else
No third-party analytics. No data brokers. No lender pipelines. No ad networks.
Every piece of data we touch
Five categories. No vague “etc.”
If something collects data, it's on this list. If it's not on this list, it doesn't happen.
01
Your email address and password
- When
- At signup
- Where it lives
- Our database, hosted on Neon (US region). Password is bcrypt-hashed — we never see the plaintext.
- Why
- So you can log in. We use email for account-recovery and critical notices only. No newsletters without your explicit opt-in.
02
Transactions you enter or import
- When
- When you upload a CSV, type a transaction, or connect a bank
- Where it lives
- Our database, scoped to your user ID. Never pooled with other users' data.
- Why
- To show you the budget, net worth, and reports. That's it.
03
Bank and brokerage account info, if you use Plaid
- When
- Only when you explicitly connect an account — Plaid is optional
- Where it lives
- Plaid receives your credentials directly; we never see them. Plaid sends us balances, transactions, and holdings.
- Why
- To keep your balances and transactions in sync without manual imports. You can skip Plaid entirely and work from CSVs.
04
Stock ticker symbols
- When
- When you hold investments in Arden
- Where it lives
- We send ticker symbols to Finnhub to get live prices. No personal info, no account data — just "AAPL, VTI, BRK.B".
- Why
- So the investments page shows prices that matter today, not whatever price you last pasted in.
05
Standard server logs (IP, browser, URL)
- When
- Automatically, like every website
- Where it lives
- Server logs, retained short-term for security and debugging.
- Why
- Rate limiting, abuse detection, and understanding when something breaks. No third-party analytics on the pages where your financial data lives.
The fine print, for when you want the fine print.
This page is the human version. The documents below are what you legally agreed to when you signed up.