Privacy Policy
Last updated: May 19, 2026
Trove ("we", "us") is a household finance tool. This policy explains what data we collect when you use Trove at householdtrove.com, how we use it, and the choices you have. We've tried to write it in plain English.
The short version: your financial transactions never touch our servers — they live in your browser and, if you choose to sync, in your own Google Drive. The only things we store are what's needed to run your account (email, subscription status) and basic technical logs.
1. Who we are
Trove is operated as a sole-proprietor service based in Canada. For any privacy queries you can reach us at support@householdtrove.com.
2. What we collect
Account data
- Your email address — used to send magic-link sign-in emails and account communications.
- Your subscription status — whether you're on a trial, active, past-due, or canceled. Stored alongside a customer ID from our payment processor so we can link your account to your billing record.
- Account metadata — when your trial started, when your account was created.
Payment data
Card details, billing addresses, and payment history are handled entirely by our payment processor. We never see or store your card number. We only see a customer ID and your current subscription state.
Technical logs
Our hosting provider keeps short-lived logs of requests to our service — IP address, user agent, request URL, response status, and timestamp. These are retained for up to 7 days and are used to debug errors and prevent abuse.
What we do NOT collect
- Your financial transactions. When you import a CSV or PDF statement, the data is parsed in your browser and saved locally. If you connect cloud sync, a single JSON file is written to your own cloud-storage account — we cannot see or read it. We don't have a database of your spending.
- Your bank credentials. Trove does not connect to banks. There is no Plaid, no Open Banking, no scraping.
- Card numbers. See above — these are handled by our payment processor.
3. How we use your data
The data we hold is used solely to:
- Authenticate you (sign-in via magic link)
- Process payments and manage your subscription
- Send transactional emails (sign-in links, payment receipts, trial ending notices)
- Debug technical errors and prevent abuse
We do not sell your data, share it for advertising, or use it to build behavioural profiles.
4. Service providers
To run Trove we rely on a small set of trusted third-party services. We don't list specific vendors here because we may switch providers from time to time, but each falls into one of the following categories — and each is bound by its own privacy policy and applicable data-protection laws.
- Authentication and database hosting — stores your account record (email, subscription status).
- Payment processing — handles billing, the customer portal, and any payment-related communication. Card details are never seen or stored by Trove.
- Application hosting and content delivery — serves the app and keeps short-term technical logs to debug errors and prevent abuse.
- Optional cloud storage — if you choose to enable cloud sync, you authorise the app to write a single JSON file to your own cloud-storage account. We don't access the file ourselves.
- Transactional email delivery — sends sign-in links, receipts, and important account notices.
If you'd like to know which specific vendors we currently use, email us and we'll tell you.
5. Cookies and local storage
Trove does not use tracking cookies. We use your browser's localStorage to keep your settings, categories, and (if you haven't enabled cloud sync) your transactions. A small authentication token is stored locally so you don't have to sign in on every visit.
6. Data retention
- Account data: kept while your account is active. If you delete your account, we remove your record from our database within 30 days.
- Billing records: retained by our payment processor as required by applicable law (typically 7 years for tax purposes).
- Technical logs: 7 days, then automatically purged.
- Your transactions: stored entirely in your browser and (if enabled) your own cloud-storage account. Deleting them is up to you.
7. Your rights
Under Canadian privacy law (PIPEDA) and equivalent laws elsewhere, you have the right to:
- Access — request a copy of the personal data we hold about you
- Correct — update any inaccurate or incomplete data
- Delete — request that we delete your account and the data we hold about it
- Withdraw consent — for any optional processing
To exercise any of these rights, email support@householdtrove.com. We'll respond within 30 days.
8. Security
Trove is served exclusively over HTTPS. Authentication tokens are stored only in your browser. Our database uses row-level security so account records can only be read by their owner. We don't pretend security is ever absolute — but the surface area is small because the sensitive parts of your data never leave your device.
9. International users
Some of our service providers operate in the United States and elsewhere. By using Trove, you consent to your data being processed outside Canada.
10. Changes to this policy
If we make material changes, we'll update the "Last updated" date and, where appropriate, notify you by email. Continued use after changes constitutes acceptance.
11. Contact
Questions about this policy or your data: support@householdtrove.com.