Privacy Policy
Your privacy is foundational to Savyy. This policy applies to both our website (savyy.net) and our mobile application. It explains what we collect, how we use it, and the choices you have.
Our Privacy Commitment
At Savyy, protecting your personal data is our top priority. Our mission is to use technology to help you manage your finances — to reclaim your banking and transaction data, understand it, and optimize your financial strategy. We collect certain personal data to fulfill this mission and provide you with the best possible service. Because we understand the importance and sensitivity of personal data, we comply with the latest data protection requirements, and we do not sell, and will never sell, your personal data to third parties.
- ✓Your data is never sold to third parties
- ✓Your data is never used to train external AI models
- ✓All sensitive data is encrypted with AES-256-GCM
- ✓We operate our own servers and database infrastructure
We collect and use only the personal data necessary for our operations and the purposes listed below, enabling us to provide you with personalized services tailored to your profile.
Account Information
- Identification data: name, email address, profile image
- Authentication data: encrypted passwords, OAuth tokens (Google, Apple)
- Session data: IP address and user agent for security purposes
Financial Data (when you connect your bank)
- Bank account information: account names, types, balances, currency, IBAN (encrypted)
- Transaction details: dates, amounts, descriptions, merchant names, payment status
- Connection data: consent status, synchronization timestamps
- User preferences: custom categories, budgets, alert configurations
Technical & Usage Data
- Navigation data: pages visited, features used, errors encountered
- Device information: browser type, operating system, mobile identifiers
- Performance data: response times, usage patterns for service improvement
We process your data for the following purposes, each with a specific legal basis:
Provide and maintain the Service (account management, bank synchronization, transaction display)
Contract performanceAutomatic transaction categorization with AI (using anonymized data only)
Legitimate interestSecurity measures: fraud prevention, rate limiting, abuse detection
Legitimate interestService improvement: analytics, performance monitoring, bug fixes
Legitimate interestLegal compliance: responding to legal requests, regulatory requirements
Legal obligationOur AI-powered categorization system is designed with privacy as its foundation. We operate our own AI infrastructure using open-source models — your data never leaves our control and is never used to train any external AI system.
How our privacy-first AI works:
- Anonymization: Before any AI processing, we remove all personally identifiable information (account numbers, IBANs, credit card numbers, phone numbers, email addresses). Merchant names are hashed using SHA-256.
- HMAC Signature: All requests are cryptographically signed with a timestamp and have a 5-minute validity window to prevent replay attacks.
- Local Processing: Our AI runs on our own dedicated infrastructure using open-source models. No data is sent to external AI providers.
- Result Mapping: Categorization results are mapped back to your transactions. Raw AI payloads are never logged.
What is sent to our AI (all anonymized):
- Merchant hash (not the actual merchant name)
- Sanitized description (all PII replaced with tokens like [NUMBER], [EMAIL])
- Amount magnitude and credit/debit indicator
What is NEVER sent to AI:
- Raw merchant names or original transaction descriptions
- Account numbers, IBANs, or card numbers
- Your personal information (name, email, etc.)
- Any data that could identify you
Under the EU General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:
- Contract Performance: Processing necessary to provide our services as agreed when you create an account.
- Legitimate Interests: Processing for service improvement, security, and fraud prevention, where our interests don't override your rights.
- Legal Obligations: Processing required to comply with applicable laws and regulations.
We only share your data with trusted partners necessary to provide our services, all operating under strict contractual obligations:
Data Recipients:
- Banking Aggregator (Bridge): Securely connects to your bank accounts with your explicit consent. Your banking credentials are never stored by Savyy — authentication is handled directly by this regulated partner.
- Payment Processor (Stripe): Processes subscription payments. We store only a customer reference, not your payment details.
- Email Service (AWS SES): Sends transactional emails (verification, password reset, notifications).
- Error Monitoring (Sentry): Production-only error tracking with automatic PII filtering.
- Infrastructure Providers: Hosting and database services with appropriate security certifications.
We retain your data only as long as necessary for the purposes described in this policy:
- Account Data: Retained for the duration of your account. Upon account deletion, your data is permanently removed.
- Session Data: Sessions expire after 24 hours of inactivity and are automatically cleaned up.
- Transaction Data: Retained for the lifetime of your account to provide historical analysis and insights.
- Verification Tokens: Email verification and password reset tokens expire within hours and are then deleted.
When you delete your account, all associated data (bank accounts, transactions, categories, budgets, alerts) is permanently deleted through cascading deletion. This action is irreversible.
Your data is primarily stored and processed within the European Union.
Under GDPR, you have comprehensive rights regarding your personal data:
- Right of Access: Obtain a copy of all personal data we hold about you.
- Right to Rectification: Correct inaccurate or incomplete personal data.
- Right to Erasure: Request deletion of your personal data ("right to be forgotten").
- Right to Restriction: Limit how we process your data in certain circumstances.
- Right to Data Portability: Receive your data in a structured, machine-readable format.
- Right to Object: Object to processing based on legitimate interests.
- Right to Withdraw Consent: Withdraw any consent previously given, without affecting prior processing.
To exercise these rights, contact us via our contact page. We will respond within one month. If we need additional information to verify your identity, we will let you know.
We implement comprehensive security measures to protect your data:
- Encryption: All sensitive data (IBANs, tokens, passwords) is encrypted using AES-256-GCM, the industry standard for authenticated encryption.
- Secure Authentication: Battle-tested authentication library trusted by the community, with OAuth 2.0, email OTP, and password security checks (Have I Been Pwned integration).
- Request Signing: All API requests between services are HMAC-SHA256 signed with short expiration windows.
- Rate Limiting: Redis-based rate limiting protects against abuse and brute-force attacks.
- Webhook Verification: All incoming webhooks from banking providers are verified using HMAC signatures.
- Infrastructure: Own database servers (PostgreSQL), no shared infrastructure with other applications.
For any questions about this privacy policy or to exercise your rights, please contact us via our contact page.
If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.