OWEABLE

Legal

Privacy Policy

Effective date: May 1, 2026

Oweable ("we", "our", or "us") is committed to protecting your personal information. This Privacy Policy explains what data we collect when you use Oweable, how we use it, and the choices you have. By using Oweable you agree to the practices described below.

1. Information we collect

Account information. When you create an account we collect your name and email address through your Google account via OAuth. We do not store your Google password.

Financial obligation data. Oweable stores the bills, debts, subscriptions, mileage logs, citations, and tax deductions you enter manually. This data lives in your account and is used only to provide the service.

Bank connection data (optional). If you choose to connect a bank account, we use Plaid to retrieve read-only transaction and balance information. We never store your banking credentials. Plaid's privacy policy governs data collected through their service.

Usage data. We collect logs of how you interact with the product (pages visited, features used, error events) to improve reliability and performance. This data is not linked to your financial obligation data.

Device and technical data. IP address, browser type, and operating system are collected automatically by our hosting infrastructure for security and abuse prevention.

2. How we use your information

  • Provide, maintain, and improve the Oweable service.
  • Send account-related emails (payment confirmations, security alerts, trial expiration notices).
  • Detect and prevent fraud, abuse, and security incidents.
  • Analyze aggregate usage patterns to prioritize product improvements.
  • Comply with legal obligations.

We do not sell your personal data. We do not use your financial obligation data to train machine learning models or serve advertising.

3. Data sharing and third parties

Supabase. We use Supabase to host our database and handle authentication. Your data is stored in Supabase's managed PostgreSQL infrastructure with encryption at rest and in transit.

Plaid (optional). If you connect a bank account, your credentials are handled directly by Plaid and are never transmitted to Oweable servers.

Vercel. Our application is hosted on Vercel. Vercel may process request logs as part of serving the application.

Legal requirements. We may disclose your information if required to do so by law or in response to valid legal process.

We do not share your data with any third party for advertising, marketing, or data-broker purposes.

4. Data retention

We retain your account and financial obligation data for as long as your account is active. If you delete your account, we delete your personal data within 30 days, except where retention is required by law. Anonymized, aggregate analytics data may be retained indefinitely.

5. Security

All data is encrypted in transit using TLS 1.2+. Data at rest is encrypted by our database provider. We implement row-level security so that your data is never accessible to other users. We support multi-factor authentication (MFA) for additional account protection.

6. Your rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access. Request a copy of the data we hold about you.
  • Correction. Ask us to correct inaccurate information.
  • Deletion. Request deletion of your account and personal data.
  • Portability. Request an export of your data in a machine-readable format.
  • Objection. Object to certain processing activities.

To exercise any of these rights, email us at privacy@oweable.com.

7. Cookies

Oweable uses a small number of essential cookies required for authentication and session management. We do not use tracking cookies or advertising cookies. You can disable cookies in your browser settings, but doing so will prevent you from staying signed in.

8. Children's privacy

Oweable is not directed at children under 13. We do not knowingly collect personal data from anyone under 13. If we become aware that we have collected data from a child under 13, we will delete that information promptly.

9. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or an in-app notice at least 14 days before the changes take effect. Continued use of Oweable after that period constitutes acceptance of the updated policy.

10. Contact

Questions about this Privacy Policy? Email us at privacy@oweable.com.