Privacy Policy — Backslash Money Hub Tracker

Effective Date: May 18, 2026
Last Updated: May 18, 2026
Hosted at: backslashrobotics.com/legal/money-hub-tracker/privacy

1. About This Policy

This Privacy Policy explains how Backslash Robotics collects, uses, shares, retains, and protects personal information when you use the Backslash Money Hub Tracker application (the “Application”).

The Application is a personal-finance dashboard. You install and run it on a computer you control, and it acts on your behalf to consolidate data from financial institutions and your email inbox. No personal information leaves your computer except to the third parties you explicitly authorize (your bank, via Plaid; your email provider, via Google; public market-data providers for security and crypto prices).

2. Who We Are and How to Reach Us

Backslash Robotics
8520 Cliffwood Way, Sacramento, CA 95826, USA
tlynch@backslashrobotics.com

For privacy questions, deletion requests, or to exercise the rights in §9 below, contact us at the email above.

3. Information We Collect

We collect only the information needed to operate the Application's features. We do not sell your personal information, we do not share it for cross-context behavioral advertising, and we do not operate analytics, tracking pixels, or third-party advertising SDKs in the Application.

3.1 Information you provide directly

  • Vendor credentials and API keys you enter into the Application's Settings (e.g. Plaid client_id and secret; Google OAuth client credentials; LLM API keys).
  • Manual financial entries you create (accounts, transactions, subscriptions, holdings, categorization rules, notes).
  • Credentials stored in the encrypted vault (site logins, one-time-password seeds, free-text secure notes).
  • Master password used to derive the vault's encryption key. The master password is never stored on disk; only an Argon2id verifier is persisted, and that verifier cannot be reversed to recover the password.

3.2 Information collected from Plaid

When you connect a financial institution through Plaid Link, Plaid returns to the Application data that you have authorized Plaid to share, which may include:

  • account names, types, masks (last 4), and balances;
  • transaction history, including amounts, dates, merchants, and category metadata;
  • investment holdings and investment transactions;
  • liabilities data (APR, minimum payment, statement balance, due date) for credit cards and loans;
  • account-holder identity data (names, addresses, emails, phone numbers).

The exact products and fields enabled depend on your selections in the Application and your authorization in Plaid Link. Plaid's own privacy practices are governed by Plaid's End User Privacy Policy and are accepted by you within the Plaid Link flow itself.

3.3 Information collected from Google (Gmail API)

If you connect a Gmail account, the Application reads message subjects and bodies that match the search rules you configure (typically payment / receipt emails). Parsed amounts, payers, dates, and confidence scores are stored in the local database; non-matching emails are not retained. The Application requests only the minimum Gmail OAuth scopes needed to read messages on the account you authorize.

3.4 Public market data

The Application fetches read-only price snapshots from public market-data providers (CoinGecko for cryptocurrency prices and yfinance / Yahoo Finance for equity and ETF prices). These requests transmit only ticker symbols — never personal information.

3.5 Information we do not collect

  • We do not collect device identifiers, advertising IDs, or location data.
  • We do not embed third-party analytics, telemetry, or crash-reporting SDKs.
  • We do not collect information about other people on your device.
  • The Application does not have a remote backend; we do not see your data.

4. How We Use Your Information

We use the information collected above only to operate the Application's features that you have enabled, including:

  • displaying your accounts, balances, transactions, holdings, and net worth;
  • detecting recurring subscriptions and projecting upcoming charges;
  • categorizing transactions automatically based on your rules;
  • parsing payment-receipt emails into transaction records;
  • maintaining an encrypted store of your site logins and notes;
  • estimating and recording the cost of Plaid API calls so you can reconcile against Plaid's invoice;
  • maintaining audit logs of state changes and security-relevant events.

5. Legal Bases for Processing (GDPR / UK GDPR)

If you are located in the EU, EEA, or United Kingdom, we process your personal information on the following legal bases:

  • Contract — to provide the Application's functionality you have requested.
  • Consent — for any processing that depends on a Plaid Link authorization or a Google OAuth grant. You may withdraw consent at any time (see §9).
  • Legitimate interest — to keep the Application secure, prevent abuse, and reconcile vendor billing.
  • Legal obligation — where applicable to retain records for tax or regulatory purposes.

6. How Information Is Stored and Protected

  • All personal information is stored on your local computer in an on-disk database. There is no remote backend that holds copies of your data.
  • Plaid access tokens and Google OAuth refresh tokens are encrypted at rest with a Fernet (AES-128-CBC + HMAC-SHA256) key generated on first launch.
  • Vault entries (site logins, OTP seeds, secure notes) are encrypted with AES-256-GCM, keyed by your master password processed through Argon2id (memory-hard key-derivation function).
  • The Application enforces multi-factor authentication (TOTP, RFC 6238) at every vault unlock and before every connection to a new financial institution.
  • The Application's API binds only to the local loopback interface (127.0.0.1) and requires a per-installation bearer token on every authenticated request.
  • All outbound calls to Plaid, Google, CoinGecko, and yfinance are performed over TLS 1.2 or better.

No system can be made perfectly secure. We cannot guarantee absolute security of your information, but we commit to applying and improving the controls described above.

7. Sharing of Information

We share information only with the third parties whose services you have explicitly enabled in the Application:

  • Plaid Inc. — to authenticate with your financial institutions and retrieve the financial data you authorize.
  • Google LLC — to read messages from a Gmail inbox you authorize.
  • CoinGecko / yfinance — to retrieve public market prices for the ticker symbols of holdings you have entered.

We do not sell, rent, lease, or share personal information with data brokers, advertisers, or any third party for marketing purposes.

We may disclose information when required to do so by valid legal process (subpoena, court order, regulatory demand) and, where permitted, will provide reasonable advance notice to the affected individual.

8. Retention

We retain personal information only as long as needed for the purpose for which it was collected. Highlights:

  • Financial transactions: up to 7 years (aligned with U.S. tax recordkeeping guidance);
  • Plaid Identity records: until the Plaid Item is disconnected;
  • Plaid access tokens / Google OAuth tokens: until the connection is removed;
  • Email-derived receipts: 3 years after received date;
  • Application logs: 30 days.

You can shorten retention at any time by deleting individual records or by performing the whole-installation purge described in our Data Retention and Disposal Policy.

9. Your Rights

We honor the rights described below regardless of your location. Where multiple regimes (CCPA / CPRA, GDPR, UK GDPR, other state-level U.S. laws) apply, we apply the standard most favorable to you.

  • Access. You may inspect any personal information stored by the Application directly via the UI or by querying the local database.
  • Correction. You may correct any record using the Application's edit screens.
  • Deletion. You may delete any record, disconnect any Plaid Item or Gmail account, or perform a whole-installation purge of the database, encryption keys, and bearer token.
  • Portability. You may export your data using the Application's Backup/Export controls; the export is a standard SQLite database.
  • Restriction / Objection. You may disable any feature in Settings; you may also revoke Plaid or Google authorizations directly with those vendors via their respective consoles.
  • Withdrawal of consent. You may revoke Plaid or Google consents at any time without affecting the lawfulness of processing prior to the revocation.
  • Non-discrimination (CCPA / CPRA). Exercising any right above will not result in degraded service or additional fees.

To exercise these rights for any data outside what your local installation lets you control directly, contact us at tlynch@backslashrobotics.com. We will respond within 30 days, or sooner where required by law.

10. Children

The Application is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided personal information through the Application, please contact us so we can delete it.

11. International Transfers

Because data stays on your local computer, we do not initiate international transfers ourselves. Outbound calls to Plaid, Google, and the public market-data providers may be served by infrastructure located outside your country; those transfers are governed by the respective vendor's privacy policy and data-transfer mechanisms.

12. California Notice at Collection

For California residents, the categories of personal information collected (per Cal. Civ. Code §1798.140), the purpose of collection, and our retention practices are summarized below:

Category | Examples | Purpose | Retention
Identifiers | Name, email, phone, address (via Plaid Identity) | Account labeling | Until Item disconnect
Financial information | Account, transaction, balance, holding, liabilities data | Provide app features | Up to 7 years
Internet / network info | None collected by us; OAuth tokens stored locally | Maintain connections | Until disconnect
Commercial info | Subscription/recurring data derived from transactions | Provide app features | Up to 7 years

We do not sell or share this information for cross-context behavioral advertising. There is no “Do Not Sell or Share My Personal Information” toggle because we do not engage in either practice.

13. Changes to This Policy

We may update this Privacy Policy. Material changes will be reflected in the Last Updated date above.

14. Contact

For privacy questions, complaints, or to exercise any right above:

Backslash Robotics
Attn: Taylor Lynch, Privacy Officer
tlynch@backslashrobotics.com
8520 Cliffwood Way, Sacramento, CA 95826, USA

You also have the right to lodge a complaint with a supervisory authority — the California Privacy Protection Agency (cppa.ca.gov) for California residents, or your local data-protection authority for EU/EEA/UK residents.

© 2026 Backslash Robotics. This page is intentionally excluded from search-engine indexing.