1. Introduction
Copivia ("the Application," "we," "us," or "our") is a Windows desktop application that helps individuals track their personal finances. This Privacy Policy explains what information the Application collects, how it is used, where it is stored, and what choices you have.
Copivia is currently distributed to a small, invite-only beta group of friends and family. This policy is written to accurately describe the Application as it exists today, while noting features that are planned for future releases.
If you have questions about this policy, contact us using the information in Section 10.
2. Information We Collect
2.1 Information You Provide Directly
The Application does not currently require you to create a user account or provide a name, email address, or other identifying information to use its core features. Any financial data you enter manually (account balances, budgets, goals, notes, etc.) is entered voluntarily by you and stored as described in Section 4.
2.2 Information From Plaid
Copivia uses Plaid Inc. to connect to your bank, credit card, brokerage, and loan accounts. When you choose to connect an account:
- You authenticate directly with your financial institution or with Plaid, not with us. We do not see or store your bank login credentials.
- Plaid returns an access token to the Application, which the Application uses to request account, balance, transaction, investment, and liability data on your behalf.
- The Application stores the Plaid access token (encrypted, see Section 4) and the financial data returned by Plaid (accounts, transactions, balances, holdings, and liability details) locally on your computer.
- Plaid's own use of your data is governed by Plaid's End User Privacy Policy, which we encourage you to review.
We do not receive or store your bank username or password. We only receive the data Plaid is authorized to share based on the products the Application requests (currently Transactions, Investments, and Liabilities).
2.3 Information From Stripe (Future)
Copivia does not currently process any payments. In a future release, we plan to offer an optional paid subscription tier, processed through Stripe Inc.. When that feature launches:
- Payment card details will be entered directly into Stripe's hosted interface and will never be transmitted to or stored by us.
- We will receive limited billing metadata from Stripe (such as subscription status, plan type, and renewal dates) needed to manage your subscription.
- Stripe's handling of your payment data is governed by Stripe's Privacy Policy.
This section will be updated with specific details before any paid subscription feature is enabled.
2.4 Automatically Collected Information
The Application writes local diagnostic logs (see Section 4.4) to help you and us troubleshoot problems. These logs may include timestamps, error messages, and non-sensitive operational details (for example, "backend started" or "database migration applied"). Logs are not automatically transmitted to us; see Section 9 for how you can voluntarily share them if you request support.
3. What Plaid Provides Us
When you link an account, Plaid may provide the following categories of data, depending on the products enabled for that connection:
- Account information — account names, types, and masked account numbers.
- Balances — current and available balances.
- Transactions — transaction history, amounts, dates, merchant names, and categories.
- Investments — holdings and securities data (for brokerage accounts).
- Liabilities — credit card, student loan, and mortgage details such as APR and minimum payments (where supported by your institution).
We do not request or receive your full account or routing numbers, your online banking credentials, or your Social Security number through Plaid.
4. How and Where Your Data Is Stored
4.1 Local-First Storage
Copivia is a local-first application. All financial data — including data synced from Plaid and any information you enter manually — is stored in a SQLite database file on your own computer, in your Windows user profile's application data directory. This data does not leave your device unless you explicitly export it (for example, via the Application's CSV export feature).
4.2 No Cloud Synchronization Today
The Application does not currently offer cloud synchronization, cloud backup, or any server-side storage of your financial data. We do not operate a server that stores your account balances, transactions, or holdings. If your computer is lost, stolen, or its storage is damaged without a backup, your locally stored data may be unrecoverable.
4.3 Encrypted Credentials
Plaid access tokens (which allow the Application to request updated data on your behalf) are encrypted before being written to the local database. See our Information Security Policy for more detail on how this encryption is implemented.
4.4 Local Logs
Application and backend logs are written to your local Windows application data directory. These logs are used only for local troubleshooting and are not automatically uploaded anywhere.
4.5 Future Cloud Sync
We are considering an optional cloud synchronization feature for a future release, intended to let users access their data across multiple devices. This feature does not exist today. If and when it is introduced, it will be opt-in, and this Privacy Policy will be updated in advance to describe what data would be transmitted, where it would be stored, and what security controls would protect it. We will not enable cloud sync for existing users without clear notice and consent.
5. How We Use Information
Because the Application does not operate a backend server or collect data from you directly, our use of information is limited to:
- Displaying your financial data back to you within the Application.
- Performing calculations (net worth, budgets, debt payoff projections, etc.) locally on your device.
- Using diagnostic logs, if you voluntarily share them with us, to troubleshoot issues you report.
We do not sell your data. We do not use your financial data for advertising. We do not have the technical ability to view your financial data ourselves, since it is stored only on your device.
6. Disconnecting Accounts
You may disconnect any linked financial institution at any time from within the Application's settings or connections screen. Disconnecting an account:
- Revokes the associated Plaid access token via Plaid's API where possible.
- Removes the encrypted access token from your local database.
- Does not automatically delete previously synced transactions or balances associated with that connection; you may separately delete that data as described in Section 7.
7. Data Deletion
Because your data is stored locally, you are in direct control of it. You can delete data in the following ways:
- Disconnect an institution to stop future syncing and revoke Plaid's access (Section 6).
- Delete individual records (accounts, transactions, budgets, goals, etc.) from within the Application, where the Application supports it.
- Uninstall the Application, which removes the installed program files. Note that, depending on your Windows configuration, your local database and log files in the application data directory may persist after uninstalling; you can manually delete this folder for a full removal.
- Contact us (Section 10) if you would like guidance on fully removing your data or if you believe data was not deleted as expected.
For more detail, see our Data Retention & Deletion Policy.
8. Your Rights
Regardless of your location, we aim to offer the following to all users of Copivia:
- Access — because your data lives on your own device, you already have full access to it.
- Correction — you may edit or correct manually entered data at any time within the Application.
- Deletion — as described in Section 7.
- Portability — you may export your data (for example, via CSV export) at any time.
- Withdrawal of consent — you may disconnect any linked Plaid institution at any time.
If we introduce cloud sync, user accounts, or other server-side processing in the future, we will update this section to describe additional rights and how to exercise them (for example, formal data subject access requests where applicable law requires it).
9. Sharing Diagnostic Information With Us
If you contact us for support, we may ask you to voluntarily share local log files or a description of the issue you're experiencing. We will only use information you share with us to diagnose and resolve the issue you reported. We will not request your Plaid credentials, your bank password, or your full financial data as part of a support request.
10. Beta Program Notice
Copivia is currently in a limited beta, distributed only to a small group of friends and family invited directly by the developer. Beta software may contain bugs, and features (including this policy) may change as the Application matures toward a broader or commercial release. We will make reasonable efforts to notify beta users of material changes to this policy.
11. Changes to This Policy
We may update this Privacy Policy as the Application evolves, particularly as features like cloud sync, user accounts, paid subscriptions, or mobile applications are introduced. We will update the "Last updated" date at the top of this document when changes are made. Continued use of the Application after an update constitutes acceptance of the revised policy.
12. Contact Information
For privacy questions, data deletion requests, or general concerns, contact:
Anniston Kruger Founder • Owner • Lead Developer, Copivia
Email: krugeranniston@gmail.com
For security-related concerns specifically, you may also contact:
Seth Norton Co-Developer • Infrastructure & Information Security, Copivia
Email: Snort84@wgu.edu
This Privacy Policy applies to the current beta version of Copivia as of the date above. It does not claim compliance with any specific regulatory framework (such as GDPR or CCPA) unless a future version of this document explicitly states otherwise.