Introduction
Zavro ("we", "us", "our") builds a premium personal finance platform that helps people organize their income, expenses, savings, debt and net worth. This Privacy Policy describes what information we collect, how we use it, who we share it with, and the rights you have over your data. By using Zavro, you agree to the practices described in this policy.
Information we collect
We only collect what we need to provide and improve the service:
Account information
- Email address used to sign in and receive product notifications.
- Name and optional profile details you add in Settings.
- Authentication metadata such as sign-in timestamps and provider (e.g. Google).
Financial information
- Transactions, income and expense entries you create or import.
- Budgets, categories, savings goals, debts and net-worth records.
- When you connect a bank in the future through our planned Plaid integration, we receive tokenized access to read balances and transactions — we never see or store your bank password.
AI conversation history
- Messages you send to the AI coach, along with the responses we generate, so you can revisit prior conversations.
Files you upload
- Optional receipts, statements or exports you attach to transactions or reports.
Technical information
- Device, browser, IP address, and coarse location for security.
- Aggregate usage data to understand which features are used.
How we use your information
We use the information above to:
- Personalize your dashboard, charts and recommendations.
- Power AI financial coaching and daily briefings.
- Categorize transactions and generate budgets and reports.
- Send transactional emails (receipts, alerts, password resets).
- Provide customer support when you contact us.
- Detect fraud and abuse, and keep the service secure.
- Improve the product through aggregated, non-identifying analytics.
We do not sell your data. We do not use your financial data to train third-party AI models.
How we protect your information
Security is foundational to Zavro. We protect your data using industry-standard controls:
- 256-bit encryption in transit (TLS) and at rest.
- Row-level authorization so accounts can only read their own records.
- Isolated production environments with least-privilege access.
- Regular dependency scanning and security reviews.
- Payment data handled exclusively by Stripe — we never store card numbers.
Your rights and choices
You always own your data. You can:
- Access the information we hold about you.
- Update profile and account details in Settings.
- Download your transactions and reports as CSV.
- Delete individual records at any time from within the app.
- Delete your account and all associated data.
To request account deletion or a full data export, email privacy@zavro.com from the email address on your account.
Third-party services
We rely on a small set of trusted vendors so we can focus on building a great product:
- Stripe — payment processing for subscriptions. Card details are entered on Stripe's secure elements and never touch our servers.
- Plaid — planned future integration for optional bank connections. Tokenized access only.
- Google Analytics — if enabled, aggregated, IP-anonymized traffic analytics. You can opt out through your browser or a privacy extension.
- Cloud infrastructure providers — for hosting, database and email delivery, bound by data-processing agreements.
Children's privacy
Zavro is not intended for children under 16 and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact privacy@zavro.com and we will delete it promptly.
Updates to this policy
We may update this policy from time to time. Material changes will be announced in-app or by email at least 14 days before they take effect. The "Last updated" date at the top of this page always reflects the latest revision.
Contact us
Questions about privacy? Email privacy@zavro.com or reach the team via our contact page.