Your data is only stored in iCloud!

DashFlow's Privacy Policy is as simple as that. We do not store
any of your personal data, ever, even with automatic bank sync.


The Details

Want to check out the full policy in all its glory? Dig in below!

How We Make Money

Let's get this one out there right away so you know where we stand: Our incentives are aligned with our users because we don't sell their information to advertisers, or mine their data to show them "offers" that are just ads in disguise. We don't even store any of their data, even if they've decided to connect their financial accounts to be automatically synced. The only way we make money is if a user decides to upgrade to our premium service through the App Store.

How We Store Data

For users that manually enter their financial transactions, their data is stored only in their iCloud account, where they keep their Contacts, Calendars, Photos, etc. This way, the data can be securely synced between their devices, and backed up for safe-keeping.

A user (owner) may choose to invite a family member (participant) to collaborate in DashFlow by sending them an invitation via iCloud. The data is still synced by iCloud and remains in the owner’s iCloud Storage. The participant can view and edit all data. The owner may revoke access for the participant at any time, which disables syncing of future data to the participant’s devices, but it does not automatically delete the previously shared data.

If a user decides to connect to their financial accounts for automatic bank sync, we use a service called Plaid.com to securely handle the read-only syncing. No login credentials are stored. The user’s credentials are securely transferred to Plaid.com via an encrypted SSL connection. Plaid.com authenticates these details with the financial institution and returns an anonymous access token to us which grants us read-only access to the account. This access token can only be used by DashFlow and only when connecting to Plaid.com. A user may revoke and delete this access token at any time. By using DashFlow and the bank sync feature, the user grants Plaid.com the right, power, and authority to act on the user's behalf to access and transmit the user's personal and financial information from the relevant financial institution according to the terms of Plaid's privacy policy. You can read their full privacy policy at https://plaid.com/legal.

DashFlow uses a server, managed by Syncano.io, to securely connect with Plaid.com and transfer data to the user’s iOS device, where it is stored in Core Data and synced between devices by iCloud. When new transactions are available, they are retrieved from Plaid and passed through the server to the iOS device over an encrypted SSL connection. These transaction and account balance details remain on the server for a few seconds and are deleted as soon as the iOS device receives them. The data is connected to the anonymous Plaid.com access token, which is not connected to any personally identifiable information. The user’s financial data is never logged in any form.

The Full Policy

This privacy policy has been compiled to better serve those who are concerned with how their 'Personally identifiable information' (PII) is being used online. PII, as used in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

What personal information do we collect?


When do we collect personal information?


How do we use personal information?

We don't.

Third Party Disclosure

No, we do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property, or safety. Non-personally identifiable website visitor information may be provided to other parties for marketing, advertising, or other uses (e.g. Anonymous website traffic analytics, etc). We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property, or safety.

California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law's reach stretches well beyond California to require a person or company in the United States (and conceivably the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. - See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

California Online Privacy Protection Act

According to CalOPPA we agree to the following: Users can visit our site anonymously. Once this privacy policy is created, we will add a link to it on our home page, or as a minimum on the first significant page after entering our website. Our Privacy Policy link includes the word 'Privacy', and can be easily be found on the page specified above.

Users will be notified of any privacy policy changes:

On this Privacy Policy Page

Does our app or site allow third party behavioral tracking?

We only use basic anonymous analytics to help make better decisions and improve our app.

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under 13, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation's consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.

Terms of Use

Please also see our full terms of use.

Contacting Us

If there are any questions regarding this privacy policy you may contact us via our support form.

Last Edited on Feb 16, 2017.