Privacy Policy

Daiku ('we', 'our', or 'us') is committed to protecting your personal information. This Privacy Policy explains how we collect, use, and safeguard data when you use the Daiku personal finance platform available at daiku.app.

By using Daiku, you agree to the collection and use of information in accordance with this policy.

Account information. When you register, we collect your email address, name, and a hashed password. If you sign in via Google OAuth, we receive your name, email, and profile picture from Google.

Financial data. Daiku stores the financial records you enter: expenses, income, recurring transactions, portfolio holdings, and category budgets.

Usage data. We may collect anonymised information about how you interact with the application to improve the product. We do not sell this data.

Technical data. Standard server logs may include your IP address and browser type, used solely for security monitoring.

We use your information to: provide, operate, and improve the Daiku service; authenticate your identity; send transactional emails; generate your financial summaries and reports; and respond to support requests.

We do not use your financial data for advertising, profiling, or sale to third parties.

Your data is stored in a secured database with strict access controls. Access tokens are short-lived (60 minutes) and refresh tokens expire after 7 days.

All data is transmitted over HTTPS. Passwords are hashed and never stored in plain text.

We use: Railway (backend hosting), Vercel (frontend hosting), Google OAuth (optional sign-in), and Resend (transactional email). Each provider operates under their own privacy policy.

We retain your data while your account is active. If you delete your account, your data is permanently removed within 30 days, except where retention is required by law.

You have the right to: access your data; request correction of inaccurate data; request account deletion; and export your data in a portable format.

Daiku does not use tracking or advertising cookies. We use browser localStorage to store authentication tokens and user preferences. This data stays on your device.

Daiku is not directed at children under 16. If you believe a minor has provided us with personal data, please contact us and we'll delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of material changes via email or an in-app notice.

If you have questions about this Privacy Policy: hello@daiku.app.