Skip to content
OneTruth

OneTruth

Privacy

Your money, your data, never anyone else's. This page summarizes what we collect, what we don't, and how to control everything.

Last updated: May 7, 2026

The promise

OneTruth is built around a simple promise: the data you give us is yours, used only to power your experience, and never sold or shared with anyone — ever, no exceptions, no asterisks.

  • No advertising trackers, anywhere, ever. No Facebook Pixel, no AdMob, no Branch, no AppsFlyer, no Adjust, no TikTok pixel, no Google Ads conversion tracking. We do not link advertising-tracker SDKs into our app or website.
  • No server-side Conversions APIs. No Meta CAPI, no TikTok Events API, no Google Enhanced Conversions. We do not ship server-to-server event streams to ad platforms.
  • No third-party Google Analytics. No GA4, no Universal Analytics, no Firebase Analytics. (Firebase Analytics was previously linked as a back-end for our own first-party product analytics; it was stripped from the iOS binary in May 2026 to remove any ambiguity about our intent.)
  • No device fingerprinting. Your phone's IDFA is never read. App Tracking Transparency is not linked.
  • No cross-app advertising identifiers. No SKAdNetwork postbacks to third-party ad networks beyond Apple's own first-party Apple Search Ads attribution framework.

What we collect

  • Account information: the bank accounts you choose to link via Plaid (balances + transaction history). Plaid stores your bank credentials; we never see them.
  • App content: the bills, notes, documents, goals, and workspaces you create.
  • Identity: your sign-in identifier from Apple, Google, or email, plus your email address.
  • Diagnostics: anonymous crash reports (planned via Sentry, post-launch) and pseudonymized usage events (via PostHog; stable user ID only, no PII payload). Both are scrubbed of any identifying content before transmission.

How it's stored

  • Encrypted at rest using AES-256.
  • All connections use TLS 1.2+ in transit (TLS 1.3 by default on web).
  • Per-row Row-Level Security ensures one user can only ever read their own data.
  • Backups are encrypted and stored in a different region than the primary.

How AI works

When the AI assistant can answer your question on-device, it does. On iPhone 15 Pro and newer, Apple Intelligence runs locally; on other devices, our on-device models do the same work. For requests that need cloud help, only the question text and the relevant context are sent — never your raw transactions, never your account credentials.

Your rights

  • Export. Settings → Privacy → Export my data generates a single ZIP of everything we have on you, in human-readable JSON.
  • Delete. Settings → Privacy → Delete my account triggers a 24-hour email-confirmation window; on confirmation we cascade-delete every row owned by your account immediately, with backup copies expiring per our backup tier's retention window.
  • Correct. All your data is editable inside the app.

Subprocessors

We share data only with the subprocessors required to run the service. Each is bound by data processing agreements; none of them are permitted to use your data for their own purposes. Every subprocessor handling consumer financial data is SOC 2 Type II certified.

  • Plaid, Inc. — bank-data integration (balances, transaction history).
  • Supabase, Inc. — Postgres database, authentication, Edge Functions, encrypted file storage.
  • Apple, Inc. — App Store delivery, Sign in with Apple, Apple Push Notification service (APNs).
  • RevenueCat, Inc. — iOS subscription receipt validation (subscription metadata only — no PII payload).
  • Cloudflare, Inc. — DNS, CDN, email routing for our @onetruth.app domain.
  • Vercel, Inc. — web app + marketing site hosting.
  • Sentry, Inc. — error and crash reporting (PII scrubbed before transmission; SDK wiring queued for post-launch).
  • Resend, Inc. — transactional email (sign-in confirmations, security alerts, account-deletion confirmations).
  • PostHog, Inc. — first-party product analytics (pseudonymized; stable user ID only; no PII payload; no advertising-platform destinations).
  • Google LLC (Firebase Cloud Messaging). — used in the future for cross-platform push delivery only (NOT Firebase Analytics, NOT Google Analytics, NOT Google Ads). The Firebase Analytics SDK was stripped from the iOS binary in May 2026.
  • GitHub, Inc. — source code hosting (private repository).
  • 1Password (AgileBits). — internal credential storage for the company; no consumer data.

Children's privacy

OneTruth is not intended for use by anyone under 13. We do not knowingly collect data from children. If you believe a child has created an account, contact us and we'll delete it within 24 hours.

Changes to this policy

We'll email every active user 30 days before any change that weakens your privacy. Cosmetic changes (rewording, fixing typos) are made silently.

Contact

Questions, requests, or concerns: support@onetruth.app. A real human reads every message.