Privacy Policy
Last updated: January 31, 2026
At UseKYN, privacy isn't a feature—it's our foundation. We built this app because we believe you deserve financial clarity without surveillance. This policy explains exactly what we collect, how we use it, and what we will never do.
🔒 Our Privacy Commitment
- Your financial data is anonymized before AI processing
- We have zero advertising partners
- We never sell, rent, or share your data for marketing
- When you delete your account, all data is removed immediately
What We Collect
Account Information
When you create an account, we collect:
- Email address
- Name (optional)
- Password (securely hashed, never stored in plain text)
Financial Data
When you connect your financial accounts, we receive:
- Account balances and types
- Transaction history (typically 12-24 months)
- Liability details (loans, credit cards, mortgages)
- Investment holdings and balances
We never receive or store your bank login credentials. Account connections are handled securely by Plaid (see Third-Party Services below).
Usage Data
We collect basic analytics to improve the app:
- Features used and frequency
- App performance metrics
- Crash reports
How We Use Your Data
Your data is used solely to provide UseKYN's features:
- Displaying your financial dashboard and money flow
- Generating AI-powered insights (with anonymized data)
- Tracking progress toward your financial goals
- Calculating debt payoff strategies
- Monitoring your investment portfolio
- Sending you important account notifications
Third-Party Services
We use carefully selected third-party services to power UseKYN. Here's exactly what each one does with your data:
Plaid (Bank Connections)
We use Plaid Inc. to securely connect your financial accounts. When you link an account:
- You authenticate directly with your bank through Plaid's secure interface
- Plaid retrieves your transaction history, balances, and account information
- We receive this data from Plaid—we never see your bank login credentials
- Plaid processes your data under their own Privacy Policy
OpenAI (AI Features)
Our AI chat assistant uses OpenAI to generate financial insights. Before any data is sent to OpenAI:
- We remove your name, email, and account identifiers
- We replace specific merchant names with generic categories
- We strip account numbers and other personally identifiable information
- OpenAI receives anonymized financial patterns only
OpenAI does not use API data for model training. See OpenAI's API data usage policy.
Amazon Web Services (Infrastructure)
Our app infrastructure runs on AWS, including:
- Cognito for secure authentication
- RDS for encrypted database storage
- KMS for encryption key management
All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
RevenueCat (Subscriptions)
We use RevenueCat to manage subscriptions. They process payment status and subscription state but do not access your financial data. See RevenueCat's Privacy Policy.
What We Will Never Do
🚫 We will NEVER:
- Sell your data to advertisers or data brokers
- Share data with marketing partners
- Use tracking pixels or ad network integrations
- Record your screen or session activity
- Ignore Do Not Track browser signals
- Send your raw financial data to AI without anonymization
- Retain your data after you delete your account
Unlike many finance apps, we have zero advertising relationships. No ad networks. No marketing partners. No "interest-based advertising." Your data exists to serve you—not to profile you.
Data Retention & Deletion
While Your Account is Active
We retain your data as long as your account is active to provide our services. Transaction data syncs continuously from Plaid to keep your dashboard current.
When You Delete Your Account
All personal data is removed immediately when you delete your account:
- Your Plaid connections are revoked (we call Plaid's /item/remove API)
- Your encrypted access tokens are cleared
- Your database records are permanently deleted via cascade delete
- Your authentication is removed from our identity provider
We maintain minimal audit logs for compliance purposes (recording that a deletion occurred) but these contain no financial data.
Your Rights
| Right | How to Exercise |
|---|---|
| Access your data | View all your data in the app, or request an export via Settings |
| Correct your data | Update your profile and preferences in the app |
| Delete your data | Delete your account in Settings → Account → Delete Account |
| Disconnect accounts | Remove linked accounts anytime in Settings → Linked Accounts |
| Opt out of AI features | Disable AI insights in Settings → Privacy |
| Opt out of analytics | Disable analytics in Settings → Privacy |
California Residents (CCPA)
If you're a California resident, you have additional rights under the California Consumer Privacy Act:
- Right to know what personal information we collect and how it's used
- Right to delete your personal information
- Right to opt-out of the sale of personal information (we don't sell data, but you can still submit this request)
- Right to non-discrimination for exercising your rights
To exercise these rights, email support@usekyn.com.
Security
We implement comprehensive security measures:
- Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
- Key Management: Encryption keys managed via AWS KMS with automatic rotation
- Authentication: Secure authentication with optional biometric login
- No credential storage: We never store your bank login credentials
- Access controls: Strict internal access controls and audit logging
Children's Privacy
UseKYN is not intended for users under 18. We do not knowingly collect information from children. If you believe a child has provided us with personal information, please contact us immediately.
Changes to This Policy
We may update this policy periodically. We'll notify you of material changes via email or in-app notification before they take effect. Continued use after changes constitutes acceptance.
Contact Us
Questions about privacy? We're here to help.
- General support: support@usekyn.com