← Back to kiyhtily

Privacy Policy

Last Updated: May 28, 2026 · Effective Date: May 28, 2026

kiyhtily ("we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use the kiyhtily mobile application (the "App").

By using the App, you agree to the practices described in this Privacy Policy.

---

1. Information We Collect

Information You Provide

• Account information: email address, name, profile preferences
• Financial information: transactions, budgets, income, goals, and reconciliation data you enter or import
• Bank statement images and PDFs you upload for OCR processing
• Receipt images you scan for itemized expense tracking
• Payroll schedule information you enter
• Communications: messages sent through our support channels

Information Collected Automatically

• Device data: device type, operating system, app version
• Usage data: features used, screens viewed, errors encountered
• Location data: approximate location for nearby place suggestions and geofence reminders (only when you grant permission and use related features)
• Subscription data: managed through Apple App Store or Google Play via RevenueCat

Information We Do NOT Collect

• We do not collect your bank login credentials.
• We do not connect directly to your bank account.
• We do not sell your data.
• We do not use your financial data for advertising.

2. How We Use Your Information

We use your information to:

• Provide the App's core functionality (budgeting, OCR import, receipt scanning, reconciliation, insights, navigation)
• Process bank statement and receipt images via AI services (Claude API by Anthropic)
• Generate personalized financial insights and nudges
• Process subscriptions and entitlements via RevenueCat
• Send push notifications related to your budgets, goals, and reminders
• Improve App performance and fix bugs
• Provide customer support
• Comply with legal obligations

3. AI Processing

When you upload a bank statement or receipt image, the image is sent to Anthropic's Claude API for OCR and parsing. Anthropic processes the image and returns extracted transaction data.

• Images are transmitted over encrypted HTTPS.
• Anthropic does not use API customer data to train their models (per Anthropic's API data policy).
• Anthropic retains data briefly for abuse monitoring then deletes it.
• We do not store the original image or PDF in our database — only the extracted transaction data.

4. Data Storage

Your data is stored in Supabase, a secure cloud database provider:

• All data is encrypted in transit (HTTPS) and at rest.
• Row-level security ensures only you can access your own data.
• Authentication is handled via Supabase Auth.
• Servers are hosted in the United States.

5. Third-Party Services

We use the following third-party services. Each has its own privacy policy:

• Anthropic (Claude AI): OCR and AI processing — anthropic.com/privacy
• Supabase: database and authentication — supabase.com/privacy
• RevenueCat: subscription management — revenuecat.com/privacy
• Firebase Cloud Messaging: push notifications — firebase.google.com/support/privacy
• Google Maps Platform: location and place data — policies.google.com/privacy
• Apple App Store / Google Play: app distribution and in-app purchases

We do not share your financial data with these services beyond what is required for the App to function.

6. Your Rights and Choices

You have the right to:

• Access your data — visible at all times within the App
• Export your data — contact support@kiyhtily.com
• Delete your account and all associated data — contact support@kiyhtily.com or use in-app deletion
• Opt out of notifications — toggle in App or device settings
• Revoke location access — device settings
• Cancel subscription — through Apple App Store or Google Play

We will respond to data requests within 30 days.

7. Children's Privacy

kiyhtily is not intended for children under 13. We do not knowingly collect data from children under 13. If we learn that we have collected such data, we will delete it promptly. If you believe a child has provided us information, contact support@kiyhtily.com.

8. Security

We use industry-standard security practices including:

• Encryption in transit (TLS/HTTPS)
• Encryption at rest
• Row-level access controls
• Secure authentication tokens
• Regular security review of dependencies

No system is 100% secure. If you believe your account has been compromised, contact support@kiyhtily.com immediately.

9. Data Retention

• Active accounts: data retained while your account is active.
• Deleted accounts: data permanently deleted within 30 days of deletion request.
• Bank statement images: never stored — discarded after AI processing.
• Receipt images: never stored — discarded after AI processing.

10. International Users

The App is operated from the United States. If you use the App from outside the US, your data will be transferred to and processed in the US. By using the App, you consent to this transfer.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the App and reflected in the "Last Updated" date above. Continued use of the App after changes constitutes acceptance.

12. Contact Us

Questions about this Privacy Policy or your data?

Email: support@kiyhtily.com
Website: kiyhtily.com