Privacy Policy
Effective date: July 18, 2026
This Privacy Policy describes how OneTally LC ("OneTally," "we," "us," or "our") collects, uses, and shares personal information when you visit https://onetally.app (the "Site") or use the OneTally Money service (the "Service").
If you do not agree with this policy, please do not use the Site or the Service.
1. Who we are
OneTally LC is a Maryland limited liability company.
We are the controller of the personal information described in this policy. You hold an account with us directly, the information in that account is yours, and we process it to provide the Service to you.
2. Information we collect
Information you provide to us:
- Account information: your name, email address, and password, together with the names you give your books and entities.
- Billing information: processed by our payment provider (Stripe). We do not store full card numbers.
- Communications with us: support requests, emails, and feedback.
Documents and financial information you upload or enter:
- Bank and card statements (PDF or CSV), receipts and invoices, and tax documents such as W-2s, 1099s, K-1s, 1098s, pay stubs, and prior-year tax returns.
- Household details you choose to provide, such as filing status, state of residence, and dependents. A dependent is recorded with basic details such as a label or initials, birth year, relationship, student status, whether you provide over half their support, and a yes/no for whether that dependent has a Social Security number, never the number itself.
- The categorizations, notes, rules, and corrections you make.
Information the Service generates on your behalf:
- Transactions extracted from your documents (date, description, merchant, amount, category).
- A plain-language summary of your financial setup, a log of meaningful changes the Service has learned about you, and a merchant-to-category memory built from the choices you confirm.
- An audit trail of every change made to a record: who changed it, what changed, and when.
Information collected automatically:
- Usage data: pages visited, features used, and interactions with the Site and Service.
- Device and log data: IP address, browser type, operating system, and error logs.
- Analytics: we use privacy-respecting analytics configured to operate without advertising cookies. We do not use third-party advertising trackers on the Site.
3. How we use information
We use personal information to:
- Provide, operate, maintain, and improve the Site and the Service;
- Read the documents you upload in order to extract transactions, categorize them, match receipts, and produce the reports and exports you ask for;
- Set up and manage accounts, process payments, and send transactional messages;
- Provide customer support;
- Monitor for security, prevent fraud and abuse, and enforce our terms;
- Comply with legal obligations.
AI processing and your financial context. To read a document or categorize a transaction, the Service sends it to Anthropic for processing. On every AI call we make on your behalf, the Service also sends a working context about you: the plain-language summary of your financial setup, recent entries from your memory log, and any rules you have stated. That context accompanies statement parsing, transaction categorization, receipt extraction, and report commentary. We do this because a general-purpose model starts from zero every time, and without your context its categorizations are weaker and you correct the same things forever.
You can view, edit, or empty that context at any time in your account settings. Anthropic does not use data submitted through its commercial API to train its models, so your documents, transactions, and context are not used to improve any AI model. Anthropic retains API inputs and outputs for a limited period (currently about 30 days, for abuse monitoring) and then deletes them, and its own privacy practices apply on top of ours. We do not sell personal information.
4. How we share information
We share personal information only with:
- Subprocessors and service providers that help us deliver the Service (hosting, databases and file storage, AI model providers, background job processing, payments, email delivery, analytics, error monitoring, and security). Each one is named below. We require contractual protections from each of them, limiting use of your information to providing services to us.
- Legal and safety recipients — where required by law, subpoena, or to protect rights, safety, or the integrity of the Service.
- A successor entity in connection with a merger, acquisition, or sale of assets, subject to this policy.
We do not sell personal information, and we do not share personal information for cross-context behavioral advertising.
Who we share with, specifically. We share your data only with these providers, and only to run the Service:
- Supabase (database, authentication, and file storage). Your records and your uploaded files live here.
- Anthropic (the Claude API, for parsing, categorization, extraction, and commentary). Receives the documents and transactions being processed, together with your context block on every call. Does not use commercial API data to train its models.
- Inngest (background job orchestration). Sees event payloads such as user IDs, file paths, and run-state metadata, but not the contents of your transactions.
- Resend (transactional email). Sees your email address and the messages we send you.
- Vercel (hosting). Sees web request metadata.
- Upstash (rate limiting). Sees your IP address and one-way hashes of your email address and account identifier, used to count recent sign-in, sign-up, magic-link and upload attempts so the Service can block automated abuse. From uploads it also sees the timing and whether the file was a statement or a receipt, but never the file itself or its contents. These entries expire within minutes to an hour.
- Sentry (error monitoring). Configured to scrub transaction descriptions, merchants, amounts, file names, AI reasoning, and your context fields before anything is sent. Sees user IDs, error stacks, and request paths.
- PostHog (product analytics). Session recording is off and automatic DOM capture is disabled, so it never sees the contents of your records. Sees user IDs, page paths, and named events with counts.
- Stripe (payments). Processes your payment details. We do not store full card numbers.
5. Social Security numbers and sensitive tax data
We never store full Social Security numbers. When a document you upload contains one, the Service detects it and masks it before saving, keeping at most the last four digits. Finding a Social Security number is never required and never blocks an upload.
Be aware that in order to read a document, the Service transmits it to Anthropic as you uploaded it, which means a tax form may still contain a Social Security number at the moment it is sent. Masking happens when we save data on our side. Anthropic does not train on that data and deletes it after its retention window (currently about 30 days, for abuse monitoring). If you would prefer that a document containing a Social Security number not be processed this way, do not upload that document.
6. Cookies
We use cookies to keep you signed in and for product analytics. We do not use third-party advertising cookies, and we do not use analytics that record your screen or capture the contents of your records.
7. Data retention
We retain personal information for as long as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. We keep your data for as long as your account exists. That does not depend on what you pay us: if a subscription ends, your account moves to our free plan and everything in it stays exactly where it is, still yours to read and to export. When you schedule account deletion, we wait 30 days so that you can still cancel, and then permanently delete your account and everything in it: transactions, statements, receipts, categories, rules, audit trail, and the stored files themselves. After that hard delete, recovery is not possible.
8. Security
We use administrative, technical, and physical safeguards appropriate to the nature of the information, including encryption in transit, encrypted credential storage, access controls, and logging. Uploaded files are stored encrypted at rest in private storage with no public download links, and both your records and your files are protected by row-level security tied to your account, so one user's data is not reachable by another. When the Service needs to open one of your files, it does so server-side using a short-lived, single-purpose link. We never ask for and never store your bank login credentials: you provide statements by uploading them. An overview is available at https://onetally.app/security. No system is perfectly secure, and we cannot guarantee absolute security.
9. Your rights and choices
Depending on where you live, you may have rights to:
- Access the personal information we hold about you;
- Correct inaccurate information;
- Delete your information;
- Receive a portable copy of your information;
- Object to or restrict certain processing;
- Opt out of the sale or sharing of personal information (we do not sell or share as those terms are defined under applicable US state laws);
- Not be discriminated against for exercising these rights.
To exercise any of these rights, email hello@onetally.app. We will verify your request and respond within the timeframe required by applicable law. You may also authorize an agent to act on your behalf. If we deny your request, you may appeal by replying to our decision.
You do not have to wait for us for the most common requests. From your account settings you can download a JSON archive of everything we hold for you, including time-limited download links to every file you uploaded, correct your records directly, and schedule account deletion yourself. Every recurring email we send carries a one-click unsubscribe, and you can switch the weekly digest off in your notification settings.
Residents of the EEA, UK, or Switzerland may also lodge a complaint with their local supervisory authority.
10. International transfers
The Service is offered only to individuals and businesses in the United States and is not currently available elsewhere. Our primary data store and our AI processing are located in the United States.
We are based in the United States, and information is processed in the United States.
11. Children
The Site and the Service are intended for adults managing their own or their business finances and are not directed to anyone under 18. We do not knowingly collect personal information from children under 18. If you believe a child has provided us personal information, contact us at hello@onetally.app and we will delete it.
12. Changes to this policy
We may update this policy from time to time. We will post the updated version on this page with a revised "Last updated" date, and for material changes we will provide additional notice (such as email to account holders). Continued use of the Service after changes take effect constitutes acceptance.
13. Contact us
OneTally LC
Email: hello@onetally.app
Support: https://onetally.app
1190 Winterson Rd, Suite 200 PMB 1013, Linthicum Heights, MD 21090, United States