Your core financial data stays close to you.
Catalyst Cash is built around local-first storage. The app keeps your core financial records on your device. When you use shipped AI features, the app sends scrubbed prompts through the Catalyst Cash backend proxy to the selected model provider. Raw financial payloads are not retained on our servers.
Accounts, debts, renewals, history
Your balances, debts, budgets, settings, and audit history live on-device by default.
Scrubbed AI requests and optional Plaid traffic
AI requests and Plaid-linked account sync only happen when you choose to use those features.
Secrets stay out of manual exports
Passcodes, API keys, device IDs, and subscription state are excluded from manual backups.
What data exists, where it lives, and why.
Information stored on your device
- Manually entered financial data such as balances, debts, card metadata, renewals, goals, and notes.
- Audit results, dashboard history, settings, and local reminders.
- Optional chat history, unless privacy mode is enabled.
Information sent when you use AI features
- When you run an audit or AskAI chat, the app sends a scrubbed request through the Catalyst Cash backend proxy.
- The proxy forwards the request to the selected provider such as OpenAI or Google.
- Raw financial payloads are not retained on our servers after routing.
Optional Plaid connection
- If you connect accounts with Plaid, your bank credentials are entered into Plaid's interface, not ours.
- Plaid may provide balances and transaction data to the app so your local records stay more current.
- Plaid's data handling is governed by Plaid's End User Privacy Policy.
Purchases and entitlement checks
- Subscriptions are handled through Apple and RevenueCat.
- For entitlement verification, the app may send a RevenueCat app user identifier to the backend.
- This verification path does not require sending your financial dataset.
Chat retention and privacy mode
- Chat messages are stored locally and auto-expire after 24 hours.
- Sensitive patterns are scrubbed before any local chat persistence.
- If privacy mode is enabled, chat content is not written to disk.
Backups, encryption, and secure storage
- Passcodes and similar secrets are stored with native secure storage when available.
- Optional backups use encryption, and manual exports intentionally omit sensitive keys.
- Factory reset clears local financial data and security-sensitive local state.
What we do not do
- We do not sell your personal data.
- We do not use your financial data for advertising profiles.
- We do not retain raw financial payloads on our servers after AI request routing.
Your choices
- Use manual entry instead of Plaid.
- Clear chat history, audit history, or all app data at any time.
- Enable privacy mode and use a passcode or Face ID for tighter local protection.
Security measures
- Native secure storage is used for passcodes and comparable sensitive local values where available.
- API requests use a secured backend proxy instead of exposing provider keys in the app.
- Manual backup import rejects known sensitive keys that should never be restored from export files.
Policy changes and contact
- We may update this policy as the product evolves.
- Material changes will be reflected with a new effective date on this page.
- Questions can be sent to [email protected].
Read the full product guide and the terms too.
Privacy only makes sense when it matches the product and the legal language. The guide and terms pages are kept in sync with the same shipping behavior.