Most privacy policies are written to protect the company. This one is written to tell you what actually happens to your data — and what doesn't.
Effective: May 2026 · Vithropic, Inc.
"We never sell. Not your data.
Not our values. Not the company you trust."
Vithropic founding commitment — permanent, public, non-negotiable
This privacy policy describes how Vithropic, Inc. ("Vithropic," "we," "us") collects, uses, stores, and protects information when you use vithropic.com, app.vithropic.com, and any related services. It applies to all users — trial, paying, and former.
This policy does not apply to third-party services we link to. Those services have their own privacy policies.
We collect only what we need to provide the service. Nothing more.
| Category | What specifically | How collected |
|---|---|---|
| Account information | First name, last name, email address, account creation date, subscription status | You provide at sign-up |
| Financial transactions | Transaction amounts, dates, merchant categories, account balances, account type (e.g., checking, 401k), statement period dates | Extracted from documents you upload; stored after processing |
| Health and activity data | Sleep duration, activity levels, heart rate averages, step counts, stress signals — from the health platform on your phone or wearable device | You connect through your device's health platform with explicit permission |
| Usage data | Pages visited, features used, session timing. No keystroke logging, no screen recording. | Automatically collected while using the service |
| Communications | Messages you send us via contact form or email | You provide when you contact us |
Several categories of data that appear in uploaded documents are explicitly excluded from storage:
When you upload a financial document, the following happens in sequence:
The document itself never persists. If you delete your account, the transaction data derived from it is also deleted.
| Purpose | What data |
|---|---|
| Providing the service | All account and financial data — to generate your dashboard, briefings, and intelligence |
| Personalization | Transaction patterns, health data, usage behavior — to calibrate intelligence to your specific situation |
| Aggregate benchmarks | Anonymized behavioral data — to show how similar profiles compare (minimum cohort of 50 required before any benchmark is published) |
| Communications | Email address — to deliver briefings, product updates, and trial expiry notifications |
| Security and fraud prevention | Usage data, account information — to detect anomalies and protect accounts |
| Product improvement | Aggregated, anonymized usage data only — never individual records |
We do not use your data for advertising. We do not build advertising profiles. We do not sell, rent, lease, or trade your personal information to any third party, for any purpose, ever.
We keep your data as long as your account exists. When you delete your account:
Anonymized aggregate contributions to cohort benchmarks cannot be individually extracted after the fact — the data was anonymized before contribution and is no longer distinguishable as yours within the statistical population. All personally identifying information is deleted completely. This is disclosed because you deserve to know it.
We retain records of financial transactions with us (subscription payments) for the period required by applicable tax law, even after account deletion.
We use a small number of third-party services to operate. Each receives only the data they need for their specific function:
| Service type | What data they receive | Why |
|---|---|---|
| Authentication provider | Email address, session tokens | Secure sign-in and account management |
| Payment processor | Name, email, payment card details, billing address | Processing subscription payments — we never see or store raw card data |
| Email delivery | Email address, briefing content | Delivering your weekly briefings and account notifications |
| AI processing layer | Document text during processing only — not retained after processing completes | Extracting transactions and balances from uploaded documents |
| Cloud infrastructure | All data, encrypted | Hosting, storage, compute |
| Security monitoring | System logs, anonymized usage patterns | Detecting and responding to security threats |
We do not share your data with data brokers, marketing platforms, analytics resellers, or any party whose business model involves selling or monetizing data.
We may disclose personal information if required by law, court order, or lawful government request. We will notify you of such requests unless prohibited by law from doing so.
Vithropic is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, contact us immediately at the address below and we will delete it.
For users aged 13 to 17, we recommend parental review of this policy before use.
When we make material changes to this policy, we will notify you by email at least 30 days before the changes take effect. Minor clarifications that do not affect your rights or our practices may be made without advance notice.
The effective date at the top of this page reflects when the current version took effect. Previous versions are available on request.
Vithropic uses an AI extraction layer to process uploaded documents. Because AI processing is a category of data handling that many privacy policies ignore entirely, we give it its own section.
Every document upload is a fresh, isolated operation. The AI extraction layer receives the document text and a scoped instruction. It has no memory of previous uploads, no access to your account history, and no context about who you are. Each call is completely independent.
The AI is given a specific, narrow instruction: extract transaction amounts, dates, merchant categories, and balances. It is not given free-form access to your document. It is not asked to analyze, summarize, or retain anything beyond those specific fields. Personal identifiers are explicitly excluded from the extraction scope.
The AI processing infrastructure we use operates under enterprise-grade data handling terms. Your document content is not used to train, fine-tune, or improve any AI model — by us or by any service provider. This is a contractual commitment in our agreements with AI service providers, not merely a preference.
The raw text content of your uploaded PDF, plus a scoped instruction to extract specific financial data fields only. No account history. No prior context. No personally identifying information beyond what appears in the document text itself — which it is instructed to disregard.
A structured list of transactions (amount, date, category) and account balance data. Nothing else. If the document contains information the AI was not instructed to extract, that information is not returned and is not retained. The AI's output is the only data that flows into Vithropic's storage layer.
The document text that was sent to the AI extraction layer is not retained by the AI infrastructure after the processing call completes. It is not stored in logs, not cached, and not accessible after the call. The only persistent record of the document is the structured transaction and balance data stored in your encrypted Vithropic account.
Your weekly intelligence briefings are generated using stored transaction and balance data — not by re-processing original documents. The AI briefing layer receives anonymized financial patterns and instructions. It does not receive raw document text, account numbers, or personal identifiers. Briefing generation is also stateless — each briefing is generated independently.
These rights can be exercised from your account settings at any time without contacting us. You should not have to ask permission to control your own data.
Request a complete, machine-readable export of all data Vithropic holds about you — transactions, health data, briefing history, account information. Delivered to your registered email within 24 hours.
Delete your account and all associated personal data. Confirmation sent when deletion is complete. No retention periods. No recovery. The data is gone within 30 days, with most categories deleted immediately.
View a complete inventory of every data category Vithropic holds about you — what it is, how it is used, and when it was last updated. No hidden categories. No surprises. Available from account settings.
If any personal information we hold about you is inaccurate, you can update it from account settings or by contacting us. We will make corrections within 48 hours.
Stop uploading documents at any time. Previously stored data remains in your account until you delete it. Disconnecting health data from account settings stops health data collection immediately. You control the cadence entirely.
Unsubscribe from non-essential communications at any time using the unsubscribe link in any email. Transactional communications (account security, trial expiry) cannot be opted out of while your account is active.
If you are located in California (CCPA/CPRA) or the European Union / United Kingdom (GDPR), you have additional rights including the right to know the categories of third parties with whom we share data, the right to non-discrimination for exercising privacy rights, and the right to lodge a complaint with your local supervisory authority. Contact us at the address below to exercise these rights.
Vithropic uses a minimal set of cookies required to operate the service securely:
We do not use advertising cookies, third-party tracking cookies, or cross-site tracking of any kind. We do not use Google Analytics, Facebook Pixel, or any behavioral advertising technology. We do not fingerprint your browser.
You can disable cookies in your browser settings. Session and security cookies are required for the authenticated portal to function — disabling them will prevent sign-in.
Privacy requests — including data access, correction, and deletion requests — are handled personally and responded to within 48 hours. Data deletion is completed within 30 days of the request.
Vithropic, Inc. · Contact form