Privacy Policy
Last updated: July 2, 2026
Trove ("we", "us") is a household finance tool. This policy explains what data we collect when you use Trove at householdtrove.com, how we use it, and the choices you have. We've tried to write it in plain English.
The short version: your financial transactions never touch our servers — they live in your browser and, if you choose to sync, in your own Google Drive. The only things we store are what's needed to run your account (email, subscription status) and basic technical logs.
1. Who we are
Trove is operated as a sole-proprietor service based in Canada. For any privacy queries you can reach us at support@householdtrove.com.
2. What we collect
Account data
- Your email address — used to send magic-link sign-in emails and account communications.
- Your subscription status — whether you're on a trial, active, past-due, or canceled. Stored alongside a customer ID from our payment processor so we can link your account to your billing record.
- Account metadata — when your trial started, when your account was created.
Payment data
Card details, billing addresses, and payment history are handled entirely by our payment processor. We never see or store your card number. We only see a customer ID and your current subscription state.
Technical logs
Our hosting provider keeps short-lived logs of requests to our service — IP address, user agent, request URL, response status, and timestamp. These are retained for up to 7 days and are used to debug errors and prevent abuse.
What we do NOT collect
- Your financial transactions. When you import a CSV or PDF statement, the data is parsed in your browser and saved locally. If you connect cloud sync, a single JSON file is written to your own cloud-storage account — we cannot see or read it. We don't have a database of your spending.
- Your bank credentials. Trove does not connect to banks. There is no Plaid, no Open Banking, no scraping.
- Card numbers. See above — these are handled by our payment processor.
3. How we use your data
The data we hold is used solely to:
- Authenticate you (sign-in via magic link)
- Process payments and manage your subscription
- Send transactional emails (sign-in links, payment receipts, trial ending notices)
- Debug technical errors and prevent abuse
We do not sell your data, share it for advertising, or use it to build behavioural profiles.
4. Service providers
To run Trove we rely on a small set of trusted third-party services. We don't list specific vendors here because we may switch providers from time to time, but each falls into one of the following categories — and each is bound by its own privacy policy and applicable data-protection laws.
- Authentication and database hosting — stores your account record (email, subscription status).
- Payment processing — handles billing, the customer portal, and any payment-related communication. Card details are never seen or stored by Trove.
- Application hosting and content delivery — serves the app and keeps short-term technical logs to debug errors and prevent abuse.
- Optional cloud storage — if you choose to enable cloud sync, you authorise Trove to read and write a single JSON file inside your own cloud-storage account (currently Google Drive). The file is created with default permissions, meaning it is visible only to you unless you explicitly share it from Drive. The OAuth permission we request (
drive.file) is the narrowest scope Google offers — it grants Trove access only to files the app itself created in your Drive. We cannot see, list, or read any other file in your Drive, and we never receive a copy of the JSON file on our servers.
- Transactional email delivery — sends sign-in links, receipts, and important account notices.
If you'd like to know which specific vendors we currently use, email us and we'll tell you.
5. AI-assisted PDF parsing (optional)
When Trove's built-in parsers can't read your PDF statement, we offer an optional AI-parsing fallback. This feature never runs automatically — you must click "Use AI parsing" to trigger it, per statement.
When you opt in for a given PDF:
- The PDF is sent from your browser to our server over an encrypted (HTTPS) connection, and forwarded to a third-party AI provider (currently Anthropic PBC, operator of the Claude API) for the sole purpose of extracting a list of transactions.
- The AI provider returns the extracted transaction list to us, and we forward it back to your browser. Trove does not store the PDF or its extracted contents on our servers. The transactions land in your browser (and, if you've enabled cloud sync, your own cloud-storage account) just like a manual import.
- Under our commercial agreement with the AI provider, the content of your PDF is not used to train their models and is not retained beyond the time required to process your request. See Anthropic's privacy policy for their handling of API-submitted content.
- Because the PDF is sent to a third party for processing, please avoid uploading statements that contain data you don't want briefly transmitted outside your own devices (for example, unrelated documents inadvertently combined into the same PDF).
If you'd rather not use AI parsing, use Trove's manual bank/credit-card parser or import a CSV instead. The AI fallback is opt-in per statement, never on by default, and can be skipped at any time.
6. Cookies and local storage
Trove does not use tracking cookies. We use your browser's localStorage to keep your settings, categories, and (if you haven't enabled cloud sync) your transactions. A small authentication token is stored locally so you don't have to sign in on every visit.
7. Data retention
- Account data: kept while your account is active. If you delete your account, we remove your record from our database within 30 days.
- Billing records: retained by our payment processor as required by applicable law (typically 7 years for tax purposes).
- Technical logs: 7 days, then automatically purged.
- Your transactions: stored entirely in your browser and (if enabled) your own cloud-storage account. Deleting them is up to you.
8. Your rights
Under Canadian privacy law (PIPEDA) and equivalent laws elsewhere, you have the right to:
- Access — request a copy of the personal data we hold about you
- Correct — update any inaccurate or incomplete data
- Delete — request that we delete your account and the data we hold about it
- Withdraw consent — for any optional processing
To exercise any of these rights, email support@householdtrove.com. We'll respond within 30 days.
9. Security
Trove is served exclusively over HTTPS. Authentication tokens are stored only in your browser. Our database uses row-level security so account records can only be read by their owner. We don't pretend security is ever absolute — but the surface area is small because the sensitive parts of your data never leave your device.
10. International users
Some of our service providers operate in the United States and elsewhere. By using Trove, you consent to your data being processed outside Canada.
11. Changes to this policy
If we make material changes, we'll update the "Last updated" date and, where appropriate, notify you by email. Continued use after changes constitutes acceptance.
12. Contact
Questions about this policy or your data: support@householdtrove.com.