Privacy Policy — Tillr
Legal

Privacy Policy

Last updated: April 16, 2026  ·  Effective: April 16, 2026

Tillr ("we", "us", "our") is an AI-powered personal finance platform. This Privacy Policy explains what data we collect when you use Tillr, how we use it, and how we protect it. By using Tillr, you agree to this policy.

Questions? Reach us at privacy@tillr.polsia.app.

01Data We Collect

We collect the minimum data necessary to deliver your personalized financial briefings.

Account & Profile Information

  • Email address and name (used to create and identify your account)
  • Financial profile you provide: monthly income, expense categories, and savings goals

Bank & Financial Data (via Plaid)

  • Account balances and account type (checking, savings, investment, etc.)
  • Transaction history: merchant names, amounts, dates, and categories
  • Institution name and masked account number (last 4 digits)

Read-only access only. Tillr uses Plaid's read-only API. We never initiate transfers, move money, or write anything back to your bank. We cannot initiate payments on your behalf.

Usage Data

  • Pages visited, browser type, and anonymized IP address (for analytics and abuse prevention)
  • UTM parameters (to understand which marketing channels brought you here)

02How We Use Your Data

  • AI-generated daily briefings — Your account balances, transactions, and income/expense profile are injected into our AI system to generate your personalized daily financial summary.
  • Spending analysis — We categorize your transactions to surface patterns, trends, and anomalies in your spending.
  • Net worth & cash flow tracking — We aggregate your account balances to compute your real-time net worth and forecast your cash flow.
  • Smart savings suggestions — We analyze surplus cash flow to recommend safe-to-save amounts based on your bill schedule.
  • Transactional emails — We send account-related emails (welcome, onboarding nudges, subscription receipts). You can opt out of non-essential communications at any time.
  • Product improvement — Aggregated, anonymized usage patterns help us improve Tillr's features. We never use individual financial data for this purpose.

03Plaid Integration

Tillr uses Plaid to securely connect to your financial institutions. When you link a bank account, you interact directly with Plaid's interface (Plaid Link). Tillr never sees or stores your bank login credentials.

Plaid is governed by its own privacy policy. We encourage you to review it at plaid.com/legal.

  • Plaid acts as a data processor on our behalf, under appropriate data processing agreements
  • Your bank credentials are entered directly into Plaid's encrypted interface — Tillr never receives them
  • You can disconnect your bank accounts from Tillr at any time via Settings

04Data Sharing & Third Parties

We do not sell, rent, or share your financial data with third parties for advertising or any commercial purpose.

We share data only in these limited circumstances:

  • Service providers — We use trusted vendors to operate Tillr: database hosting (Neon/PostgreSQL), email delivery (SendGrid), AI inference (OpenAI), and payment processing (Stripe). These vendors process data only to provide services to Tillr and are bound by data processing agreements.
  • Legal obligations — We may disclose data if required by law, court order, or to protect the rights, property, or safety of Tillr, our users, or the public.
  • Business transfers — If Tillr is acquired or merged, your data may transfer to the acquiring entity. We will notify you before your data is subject to a materially different privacy policy.

05Data Storage & Security

  • Your data is stored in a PostgreSQL database hosted on Neon, with encryption at rest and in transit (TLS 1.2+)
  • Passwords are hashed using PBKDF2 with 100,000 iterations — we never store plaintext passwords
  • Authentication uses signed JWT tokens with a 7-day expiry
  • Access to production systems is restricted to authorized personnel only
  • We do not store your full bank account numbers — only institution name and last 4 digits

While we implement industry-standard security practices, no system is 100% immune to breaches. If a security incident affects your data, we will notify you promptly.

06Data Retention

We retain your data for as long as your account is active, plus a reasonable period thereafter for legal and business purposes (typically 90 days post-cancellation). Transaction history synced via Plaid is retained to power historical reports and trend analysis.

If you delete your account, we delete your personal data within 30 days, except where retention is required by law.

07Your Rights

You have the following rights regarding your data:

  • Access — Request a copy of the personal data we hold about you
  • Correction — Ask us to correct inaccurate or incomplete data
  • Deletion — Request deletion of your account and associated data
  • Bank disconnection — Disconnect your linked bank accounts at any time via Settings → Accounts
  • Opt-out of emails — Unsubscribe from marketing emails using the link in any email we send
  • Portability — Request an export of your financial data in a machine-readable format

To exercise any of these rights, email privacy@tillr.polsia.app. We will respond within 30 days.

08Cookies & Analytics

Tillr uses minimal client-side storage:

  • localStorage — Stores your JWT auth token to keep you logged in across sessions
  • Page analytics — We log anonymized page views (path, referrer, UTM source) with hashed IPs to understand traffic patterns. No cross-site tracking.
  • Meta Pixel — We use Facebook/Meta Pixel for advertising attribution. This sends anonymized event data (page views, conversions) to Meta. You can opt out via Meta's ad preferences.

09Children's Privacy

Tillr is not intended for users under 18 years of age. We do not knowingly collect data from children. If you believe we have inadvertently collected data from a minor, contact us and we will delete it promptly.

10Changes to This Policy

We may update this Privacy Policy as our product evolves. For material changes, we will notify you via email or an in-app notice at least 14 days before the change takes effect. Continued use of Tillr after that date constitutes acceptance of the updated policy.

11Contact Us

For privacy questions, data requests, or concerns, contact us at: