OpenBudget is a personal finance copilot designed to help you understand your spending, detect where money may be leaking, and make short-term financial decisions based on your available financial data. This Privacy Policy explains what information OpenBudget collects, how it is used, how it is protected, and what choices you have.
OpenBudget is designed around a pull-based, user-controlled data model. OpenBudget does not use Plaid, does not continuously sync your bank accounts, does not store bank login credentials, and does not require persistent access to your Gmail account.
When you choose to refresh your financial data, OpenBudget may ask you to temporarily authorize access to your Gmail account so it can find finance-related emails, transaction alerts, payment confirmations, statements, or statement attachments. This access is used only during the refresh process. OpenBudget is designed to store extracted financial facts, not long-term raw email content.
When you create or access your OpenBudget account, we may collect basic account information such as your name, email address, authentication provider identifier, account creation date, and login/session metadata. Authentication may be handled by a third-party authentication provider such as Clerk.
OpenBudget may process financial information from sources you choose to provide or authorize, including emailed transaction alerts, payment confirmations, monthly statements, statement attachments, uploaded statements, uploaded CSV files, or manually entered financial information. This information may include transaction dates, amounts, merchants, account or institution names, statement periods, balances, categories, recurring charges, unusual charges, and spending trends.
If you choose to refresh financial data using Gmail, OpenBudget may temporarily access your Gmail account through Google OAuth. OpenBudget may search for and process finance-related emails such as bank transaction alerts, credit card transaction alerts, payment confirmations, monthly statement emails, statement attachments, subscription receipts, and bill reminders. OpenBudget does not intentionally use Gmail access to process unrelated emails, but depending on the Google OAuth scope granted, the temporary access token may technically allow broader Gmail read access during the short authorization window. OpenBudget limits its own processing to finance-related emails and uses filtering logic to reduce unnecessary access.
OpenBudget may also collect limited technical information to operate and secure the app, such as device and browser information, IP address, log events, error events, security events, session metadata, and feature usage events.
OpenBudget uses information to provide personal finance features, including tracking expenses, identifying spending trends, detecting unusually high spending, estimating current-month spending pace, comparing current spending against prior patterns, identifying recurring or increased charges, helping you decide whether a short-term purchase is safe, reconciling provisional transaction alerts against monthly statements, showing confidence and freshness of financial data, generating AI-assisted explanations of spending behavior, and securing and maintaining the app.
OpenBudget is not designed to provide financial, investment, tax, legal, or accounting advice.
OpenBudget is not designed to be a real-time bank-syncing system. Financial data refreshes are user-initiated. When you want updated financial data, you may choose to start a refresh. During that refresh, OpenBudget may temporarily access Gmail or process uploaded files. After the refresh is complete, OpenBudget updates your financial records and shows the freshness and confidence of the data.
OpenBudget may show freshness labels such as “Reconciled through Apr 30,” “Current month based on email alerts,” “Confidence: Medium,” or “Missing latest statement.” OpenBudget does not claim that all financial data is complete, real-time, or perfectly accurate.
If OpenBudget accesses information from Google APIs, OpenBudget’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
OpenBudget uses Google user data only to provide user-facing finance features that you request. OpenBudget does not use Google user data for advertising, does not sell Google user data, and does not use Google user data to train generalized AI models. OpenBudget does not allow humans to read your Gmail content except where necessary for security, debugging, legal compliance, or with your explicit permission.
OpenBudget separates normal app login from sensitive data import. Normal app access may be handled through your OpenBudget login session, while Gmail data refresh requires separate Google OAuth authorization.
OpenBudget is designed so that Gmail access tokens are used only during the refresh process, kept server-side, not sent to the frontend, not intentionally logged, not stored as long-lived credentials, and discarded or revoked after the refresh process when possible. OpenBudget is designed not to store Gmail refresh tokens for ongoing background access.
OpenBudget is designed to minimize retention of raw sensitive data. Where possible, OpenBudget extracts structured financial facts from emails, statements, or uploaded files, then stores only the information needed to provide the app’s finance features. Examples include amount, date, merchant, category, institution, statement period, reconciliation status, and confidence level.
OpenBudget should avoid storing full raw email bodies or raw statement attachments longer than necessary unless needed for user review, debugging, auditability, or a feature you explicitly use.
OpenBudget may use AI services to help analyze and explain your financial data. AI may be used for merchant cleanup, transaction categorization, spending summaries, unusual spending explanations, decision explanations, statement parsing assistance, and natural language answers about your finances.
OpenBudget should send only the information reasonably necessary for the requested analysis. OpenBudget does not use your personal financial data to train generalized AI models. AI-generated outputs may be inaccurate or incomplete, and you should review important financial decisions yourself.
OpenBudget uses cookies and similar technologies that are necessary for the app to function. These cookies may be used to keep you signed in, authenticate requests between the frontend and backend, protect sessions, prevent unauthorized access, and maintain security.
OpenBudget does not use cookies for advertising or cross-site tracking. If OpenBudget later uses analytics or other non-essential cookies, this policy will be updated and, where required, appropriate notice or consent controls will be provided.
OpenBudget does not sell your personal information. OpenBudget may share limited information with service providers that help operate the app, such as authentication providers, cloud hosting providers, database providers, AI model providers, email or file processing infrastructure, monitoring tools, or security tools. These providers may process information only as needed to provide services to OpenBudget.
OpenBudget may also disclose information if required to comply with law, respond to legal requests, protect users, prevent fraud or abuse, address security threats, enforce terms or policies, or protect the rights, property, or safety of OpenBudget or others.
OpenBudget is designed with security in mind. Security practices may include HTTPS encryption in transit, encryption of sensitive data at rest where appropriate, server-side handling of OAuth tokens, avoiding frontend exposure of provider tokens, avoiding storage of long-lived Gmail credentials, access controls for stored financial data, minimizing raw data retention, and logging controls to avoid sensitive token leakage.
OpenBudget retains information for as long as needed to provide the app’s functionality, comply with legal obligations, resolve disputes, enforce agreements, or maintain security. OpenBudget may retain account information while your account is active, normalized financial records for historical spending analysis, import metadata for data freshness and reconciliation, and user preferences or app settings.
No system is perfectly secure. OpenBudget cannot guarantee absolute security, but it is designed to reduce unnecessary exposure of sensitive financial and email data.
You may choose whether to create an OpenBudget account, refresh data from Gmail, upload statements or CSVs, manually enter financial data, delete imported data, revoke Google OAuth access, or stop using OpenBudget.
You can revoke OpenBudget’s access to your Google account through your Google Account permissions page. If you revoke access, OpenBudget will no longer be able to refresh Gmail data unless you authorize it again.
You may request deletion of your OpenBudget account and associated data by contacting privacy@openbudget.fyi. Some limited information may be retained where required for legal, security, fraud prevention, backup, or compliance purposes.
OpenBudget is not intended for children under 13 years old and does not knowingly collect personal information from children under 13. If you believe a child has provided personal information to OpenBudget, contact us so the information can be deleted.
OpenBudget is a personal finance analysis tool. OpenBudget does not provide financial, investment, tax, accounting, or legal advice. Any insights, recommendations, spending estimates, or decision outputs are informational only. You are responsible for reviewing your own financial information and making your own financial decisions.
OpenBudget may update this Privacy Policy from time to time. When changes are made, the “Last updated” date will be revised. Material changes may be communicated through the app, website, or email where appropriate.
If you have questions about this Privacy Policy or how OpenBudget handles data, contact privacy@openbudget.fyi. You can also visit https://openbudget.fyi.