# worthi privacy policy

> How worthi collects, uses, protects, and shares information for the website, web app, and mobile app.

- Canonical URL: https://www.worthi.app/privacy
- Last updated: July 9, 2026

## Short version

- worthi is manual-first and does not ask for bank or brokerage login credentials.
- Sensitive finance fields are encrypted before ordinary database storage.
- worthi does not sell personal information or use manually entered financial records for third-party advertising.
- Payments and purchase validation are handled through Stripe, Apple, and RevenueCat.

## Information we collect

worthi collects account information such as an email address, an optional name, authentication-provider details, and sign-in session information.

worthi stores the financial records a user chooses to enter, including accounts, assets, holdings, transactions, recurring rules, categories, currencies, settings, and financial history.

worthi stores billing and purchase status, including Stripe customer, checkout, subscription, product, and price identifiers for web purchases, and RevenueCat purchase status for mobile access.

Support submissions include the name, email address, and message entered in the support form. Technical and usage information may include basic request metadata, diagnostics, analytics events, and cookie or similar technology data from the website.

## How we use information

worthi uses information to provide, secure, and maintain an account, dashboard, web app, and mobile app; save manually entered financial records; calculate dashboard views, totals, recurring cash flow, holdings, asset history, and currency conversions; authenticate sign-ins; send one-time sign-in emails; verify Apple sign-in; manage mobile refresh sessions; process access and billing state; respond to support requests; prevent misuse; debug issues; understand product usage; and improve the service.

## Financial data and credentials

worthi does not ask for bank, brokerage, or card login credentials. The user decides what financial records to enter. Public market and FX lookups may use ticker symbols, exchange names, dates, and currency codes, but not bank credentials. Card payment details are handled by Stripe or Apple payment infrastructure; worthi does not store full card numbers.

## Encryption and security

worthi uses HTTPS in transit and application-level encryption for sensitive finance fields before ordinary database storage. Sensitive finance fields use AES-256-GCM and per-user data keys. Encrypted values include authenticated metadata tied to the user, record type, field, and encryption version.

No service can be guaranteed perfectly secure, but worthi uses safeguards intended to reduce unauthorized access, disclosure, alteration, or loss.

## Service providers

worthi uses service providers for hosting, databases, email delivery, analytics, payments, purchase validation, authentication, market data, and FX rates. Current examples include Stripe for web checkout, RevenueCat for mobile purchase validation, Apple for Sign in with Apple and App Store purchases, Resend for sign-in email delivery, Google Analytics for website measurement, and public market or FX data providers.

These providers may process information under their own terms and privacy commitments.

## Sharing

worthi does not sell personal information and does not use manually entered financial records for third-party advertising. Information may be shared with service providers, when the user directs worthi to share it, to protect worthi and its users, or when required by law.

## Retention and deletion

Account and financial records are kept while an account is active or as needed to provide the service. Support requests, billing records, logs, backups, and security records may be retained as needed for support, accounting, fraud prevention, compliance, and business continuity.

A user can request access, correction, export, or deletion of information through support.

## User choices

A user can choose which financial records to enter, edit, or remove; avoid optional fields; use Apple private relay email where available; and contact support for account or data requests. Browser controls may limit cookies or similar technologies, although some site features may depend on them.

## Children

worthi is not directed to children under 13 and does not knowingly collect personal information from children under 13.

## Changes

This policy may change as worthi changes. The date on the canonical privacy page will be updated when the policy changes.

## Contact

For a privacy, account, or data request, use the [worthi support form](https://www.worthi.app/support).
