Privacy Policy
WealthR stores only the financial information you choose to enter — investment values, property figures, debt balances — so we can calculate your net worth and power your forecasts. We don't know your bank details, sort codes or account numbers because we never ask for them.
We don't sell your data. We don't show you ads. We don't share your information with anyone except the small number of infrastructure providers needed to run the service. Your financial life is private — and we've built WealthR to keep it that way.
01Who we are
WealthR is a personal finance tracking application built and operated by Kanehouse, based in Edinburgh, Scotland. We are the data controller for all personal data processed through WealthR.
For the purposes of UK GDPR, Kanehouse is responsible for ensuring your personal data is handled lawfully, fairly and transparently.
02What data we collect
We collect the minimum data necessary to provide the service:
- Account data — your email address and a hashed password, or a Google OAuth token if you sign in with Google. We never see your raw password.
- Financial tracking data — the investment values, property figures, debt balances, asset values and monthly entries you choose to log. This data is stored against your account so it syncs across devices.
- Profile data — your name, date of birth (month and year only), target retirement age, monthly contribution and expected growth rate. These power your forecasts and are never shared.
- Tax calculator inputs — if you use the Tax tab, your gross salary, region, pension contribution percentages, student loan plan and any optional flags you set (e.g. children, marriage allowance) are saved to your profile so they pre-fill next time. This data is stored as part of your account, is never shared, and can be deleted by clearing your profile or closing your account.
- Usage data — basic technical logs (errors, performance) to keep the app running. We do not use analytics platforms that track individual behaviour across sessions.
- Marketing email address — if you choose to join our product update list or Pro waitlist, we store the email address you provide. This is separate from your account email and is only used for the purpose you consented to. You can withdraw consent at any time by contacting us.
- Adviser share tokens — if you generate a read-only share link, we store a randomly generated token linked to your account. Anyone with this token can view (but not edit) your dashboard. You can revoke this token at any time from Settings.
What we never collect: National Insurance number, bank account details, sort codes, payment card information, open banking credentials, or any connection to your financial institutions. WealthR does not connect to your bank — ever.
03Legal basis for processing (UK GDPR)
Under UK GDPR, we are required to identify a lawful basis for processing your personal data. We rely on the following:
| Legal basis | What it covers |
|---|---|
| Contract performance | Processing your account data, financial entries and profile to provide the WealthR service you signed up for. |
| Legitimate interests | Technical logs and error monitoring to maintain a secure, stable service. We have assessed that these interests do not override your rights. |
| Consent | Sending you marketing or feature update emails — only if you have opted in. You can withdraw consent at any time. |
| Legal obligation | Retaining certain records if required to do so by applicable UK law. |
04How we use your data
Your data is used exclusively to:
- Provide and sync your WealthR account across devices
- Generate your net worth calculations, forecasts, charts and insights within the app
- Send transactional emails (password reset, account confirmation) — no marketing without explicit consent
- Send product update or Pro launch emails — only where you have explicitly opted in via a consent checkbox
- Power the adviser share link feature — if you generate a share link, the recipient can view your dashboard in read-only mode using a randomly generated token. We never proactively share your data; this is always user-initiated
- Fetch live cryptocurrency prices from CoinGecko — your device makes a direct request to CoinGecko's public API using a coin identifier (e.g. "bitcoin"). No personal data is sent to CoinGecko
- Diagnose errors and improve the reliability of the service
We do not use your data for advertising, profiling, automated decision-making, or sale to third parties — under any circumstances.
05Who we share data with
We use a small number of trusted infrastructure providers. No one else has access to your data.
We do not use Google Analytics, Meta Pixel, or any advertising or behavioural tracking networks.
06Data retention
Your data is retained for as long as your account is active. You can permanently delete your account at any time from Settings → Delete account inside the app. This immediately and permanently deletes all your financial data, profile information and activity history. This action cannot be undone.
We may retain anonymised, aggregated data (e.g. total number of active users) that cannot be linked to any individual.
If we are legally required to retain certain records, we will do so only for the minimum period required and will not use them for any other purpose.
07Your rights under UK GDPR
You have the following rights in relation to your personal data. Most can be exercised directly within the app — for others, use the contact form below.
We will respond to all rights requests within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk/make-a-complaint.
08Cookies
WealthR uses a single session cookie to keep you signed in. We do not use tracking cookies, advertising cookies, or any third-party cookies for analytics or profiling. No cookie consent banner is required because we use only strictly necessary cookies as defined under UK PECR.
09Security
We implement appropriate technical and organisational measures to protect your personal data:
- All data is transmitted over HTTPS / TLS
- Passwords are hashed using industry-standard bcrypt — never stored in plain text
- Your financial data is stored with Row Level Security (RLS) enforced at the database level — each user can only ever access their own data, even at the query level
- No financial institution credentials are ever requested or stored
While we take security seriously and implement industry-standard protections, no internet service can guarantee absolute security. If you believe your account has been compromised, please contact us immediately.
10Data breach notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office (ICO) within 72 hours of becoming aware of the breach, as required by UK GDPR Article 33.
Where a breach is likely to result in a high risk to you personally, we will also notify you directly without undue delay, including what happened, what data was affected, and what steps we are taking.
11Children
WealthR is a financial tracking tool intended for adults aged 18 and over. We do not knowingly collect or process data from anyone under the age of 18. If you believe a minor has created an account, please contact us and we will delete it promptly.
12Changes to this policy
We may update this policy from time to time to reflect changes in the law, our practices, or the services we offer. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email.
Continued use of WealthR after changes have been published constitutes your acceptance of the updated policy.
13Contact & data requests
Questions about this policy, how we handle your data, or to exercise any of your rights? Use the form below. We will respond within 30 days.
Kanehouse · Edinburgh, Scotland, UK · See our roadmap →