Privacy Policy
We believe your financial information is deeply personal. This policy explains exactly what we collect, why we collect it, and how we keep it safe.
Last updated: February 2026
Our Commitment to You
At Guldza, privacy isn't just a policy—it's a promise. We built our platform with privacy by design, including field-level AES-256-GCM encryption that individually seals every name, bank, merchant, and description. Even our own team cannot see your individual financial details. We never sell your personal information, and we collect only what's necessary to provide you with the best experience.
What We Collect
We collect only the information needed to provide our services: your name and email for your account, the financial data you choose to enter (transactions, budgets, goals), and basic usage data to improve the app. We do not access your bank accounts directly—all data entry is manual or via screenshots you provide.
How We Use Your Data
Your data powers your personal finance insights. We use it to calculate your budgets, track your spending patterns, and provide artificial intelligence analysis. We use only anonymous aggregate counters—demographic trends and spending culture patterns—to improve our service. Your individual information is never accessed, shared, or sold to third parties.
How We Protect Your Data
Your financial data is protected by field-level AES-256-GCM encryption—every name, bank, merchant, and description is individually sealed with its own unique initialization vector. Even Guldza's own team cannot see individual financial details; our admin tools show only anonymous aggregate trends. Your email is stored only in the authentication system, completely separated from financial data. We use TLS 1.3 for data in transit and additional per-user encryption for API keys. Our infrastructure is hosted on enterprise-grade cloud services with 24/7 monitoring.
Data Retention
Uploaded PDF and image files are processed entirely in memory and are never stored on our servers—once your transactions are extracted, the original file is discarded immediately. Extracted transaction data is encrypted at rest and retained until you choose to delete it. Receipt screenshots are stored encrypted in secure storage for reconciliation purposes. Import job metadata is retained for duplicate detection; deleting your account permanently purges all associated data.
Cookies & Tracking
We use only essential cookies required to keep you logged in and remember your preferences. We do not use advertising cookies, third-party trackers, or sell your browsing data. Your activity on Guldza stays between you and Guldza.
Third-Party Services
We use trusted third-party services for specific functions: secure cloud infrastructure for data storage, Stripe for payment processing, and Google Gemini for artificial intelligence features. Each service has its own privacy policy and is bound by strict data protection agreements. We never share more data than necessary.
Your Rights & Controls
You have full control over your data. At any time, you can: access and download all your data, correct any inaccurate information, delete your account and all associated data, or request information about how your data is used. Visit your Account Settings to exercise these rights.
Questions?
We're here to help. If you have questions about this Privacy Policy or how we handle your data, visit our Help Center to submit a support ticket. We typically respond within 24 hours.