Back to Phoenix

Privacy Policy

Last updated: April 22, 2026

Your privacy matters. This policy explains what we collect, why, and your rights. Plain English only — no fine print tricks.

What we collect

We only collect what we need to run Phoenix:

  • Account info — your name and email, so you can sign in.
  • Financial details you share — income, expenses, debts, goals, and anything you type into Phoenix.
  • Conversations — what you ask Phoenix and what it replies, so we can keep context across sessions.
  • Usage data — pages you visit, clicks, errors, approximate location by IP. Used to keep the app working well.
  • Payment details — handled entirely by Stripe. We never see or store your full card number.

How we use it

  • To run Phoenix — give you insights, simulations, and personalized guidance.
  • To send important account notifications (payment receipts, weekly check-ins, security alerts).
  • To improve the product — find bugs, fix them, build better features.
  • To comply with legal obligations when required.

We never sell your data. We never use your private conversations to train public AI models.

Who we share with

Only the service providers we need to run Phoenix:

  • Stripe — to process payments.
  • AI providers (Anthropic, OpenAI, Google, Abacus.AI) — to generate Phoenix's responses. Your prompts go through them but are not used to train their public models under their enterprise agreements.
  • Hosting & email providers — to run the site and send you notifications.
  • Law enforcement — only if required by a valid legal order.

How long we keep it

Account and financial data stays for as long as your account is active. If you delete your account, we delete your personal data within 30 days, except for records we're legally required to keep (like tax records).

Your rights

You can at any time:

  • Ask what data we have about you.
  • Correct or update it.
  • Export a copy.
  • Delete your account and data.
  • Opt out of non-critical emails (we'll keep billing and security alerts).

To use any of these rights, email us at [email protected]. We respond within 7 days.

Security

Data is encrypted in transit (HTTPS everywhere) and at rest. Passwords are hashed with bcrypt. We use modern access controls and monitor for unusual activity. No system is 100% secure — but we take this seriously and will notify you promptly if a breach affects your data.

Cookies

We use essential cookies to keep you logged in and the app working. No ad-tracking cookies. If we add analytics in the future, we'll disclose it here first.

Children

Phoenix is not for anyone under 18. If we learn a minor has signed up, we'll delete the account.

Changes to this policy

If we make material changes, we'll email you or notify you in-app before they take effect.

Contact

Privacy questions: [email protected].