Skip to main content
Steward

Privacy Policy

Effective Date: April 3, 2026
Last Updated: April 3, 2026

1. Introduction

Steward (“we,” “our,” or “the app”) is a personal finance application that helps self-employed individuals manage budgets, track expenses, and identify tax deductions. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.

2. Data We Collect

2.1 Account Information

  • Email address
  • Full name
  • Authentication credentials (passwords are hashed and never stored in plain text)

2.2 Financial Data (via Plaid)

When you connect a bank account through Plaid, we receive:

  • Account names, types, and balances
  • Transaction history (up to 24 months): date, amount, merchant name, category
  • Recurring transaction patterns (subscriptions, bill payments)
  • Institution name and identifiers

We do not receive or store your bank login credentials. Plaid handles the secure connection to your financial institution directly.

2.3 App Usage Data

  • Budget categories and spending preferences
  • Tax deduction selections and categorization choices
  • Pay cycle configuration
  • App settings and preferences

2.4 Device Information

  • Device type and operating system version (for app compatibility)
  • Push notification tokens (if notifications are enabled)

3. How We Use Your Data

We use your data exclusively to provide Steward's core functionality:

  • Budgeting: Categorize transactions, calculate spending vs. budget, determine “Safe to Spend” amounts
  • Tax Tracking: Identify and categorize potential tax-deductible expenses for Schedule C filers
  • Financial Insights: Provide AI-powered spending analysis, trend detection, and financial advice
  • Account Display: Show your connected account balances and transaction history
  • Notifications: Send budget alerts, bill reminders, and financial insights (when enabled)

4. AI Processing

Steward uses Claude AI (by Anthropic) to:

  • Categorize transactions automatically
  • Identify potential tax deductions
  • Provide personalized financial advice

Transaction data sent to Claude for processing includes merchant names, amounts, and categories. This data is sent via secure API calls and is not used by Anthropic to train AI models. No bank credentials or account numbers are sent to Claude.

5. Third-Party Services

ServicePurposeData Shared
PlaidBank account connection and transaction syncAccount and transaction data
SupabaseBackend infrastructure, database, authenticationAll app data (encrypted, hosted on AWS)
Anthropic (Claude)AI categorization and financial adviceTransaction descriptions, amounts, categories
ExpoPush notificationsDevice push tokens

6. Data Sharing

We do not:

  • Sell your personal or financial data to third parties
  • Share your data with advertisers
  • Use your data for marketing purposes
  • Provide your data to data brokers

Your data is shared only with the third-party services listed above, solely for the purpose of providing Steward's functionality.

7. Data Security

We protect your data through:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Row-Level Security ensuring users can only access their own data
  • Server-side storage of all sensitive tokens (Plaid access tokens never touch client devices)
  • Optional two-factor authentication for your Steward account

8. Your Rights

You have the right to:

  • Access: View all data we have about you within the app
  • Export: Export your financial data in CSV or PDF format
  • Delete: Request deletion of your account and all associated data
  • Disconnect: Remove any linked bank account at any time, which revokes Plaid's access
  • Opt Out: Disable push notifications and AI-powered features

Exercising Your Rights

  • In-app: Use Profile > Export Data or Profile > Linked Accounts to manage your data
  • Account deletion: Contact us at [email protected] to request full account deletion
  • Plaid connections: You can also manage Plaid connections directly at my.plaid.com

9. Data Retention

  • Your data is retained while your account is active
  • Upon account deletion, all data is permanently purged within 30 days
  • Plaid access tokens are revoked immediately upon account disconnection or deletion

10. Children's Privacy

Steward is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the app or via email. Continued use of Steward after changes constitutes acceptance of the updated policy.

12. Contact

For privacy questions or requests, contact:

Andrew Shpiruk
Email: [email protected]