Back to home

Privacy Policy

Last updated: January 2025

Overview

Steady ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our personal finance application.

We comply with the New Zealand Privacy Act 2020 and are committed to handling your personal information responsibly and transparently.

Information We Collect

  • Account Information: Email address, name, and authentication details when you create an account.
  • Financial Data: Transaction data from your connected bank accounts via Akahu (a licensed NZ open banking provider).
  • Usage Data: How you interact with the app to improve your experience.

How We Use Your Information

  • To provide personalised financial insights and recommendations
  • To track your spending, goals, and budgets
  • To send you relevant alerts about your finances
  • To improve our service and develop new features

Data Security

We use industry-standard security measures to protect your data:

  • All data is encrypted in transit (TLS) and at rest
  • We never store your bank login credentials
  • Bank connections are handled securely via Akahu
  • Regular security audits and monitoring

Data Sharing

We do not sell your personal information. We only share data with:

  • Akahu Limited - for secure bank connections. Akahu is registered with the Financial Markets Authority (FMA) as a provider of prescribed intermediary services and operates under their own privacy policy.
  • Stripe - for payment processing (PCI-DSS compliant)
  • Clerk - for authentication services
  • Anthropic - for AI-powered insights (no personal financial data is shared with AI models; only anonymised transaction descriptions for categorisation)
  • Cloud infrastructure providers essential to running our app

Artificial Intelligence

Steady uses AI to provide personalised insights and automatic transaction categorisation.

  • AI processes transaction descriptions to suggest categories
  • Your actual account balances and personal details are not sent to AI services
  • AI responses are generated based on aggregated, anonymised patterns
  • You can correct AI categorisations, which helps improve accuracy for you

Data Retention

We retain your data for as long as your account is active. When you delete your account:

  • All personal data is permanently deleted within 30 days
  • Bank connections are immediately revoked
  • Anonymised, aggregated data may be retained for service improvement

International Data Transfers

Some of our service providers operate outside New Zealand. When data is transferred internationally, we ensure appropriate safeguards are in place to protect your information in accordance with the Privacy Act 2020.

Cookies and Analytics

We use essential cookies for authentication and session management. We may use analytics to understand how our app is used and to improve the experience. We do not use advertising cookies or sell data to advertisers.

Your Rights

Under the NZ Privacy Act 2020, you have the right to:

  • Access your personal information
  • Request correction of inaccurate data
  • Delete your account and associated data
  • Export your data

Contact Us

If you have questions about this Privacy Policy or your data, contact us at hello@steady.nz