Privacy & security · last updated May 7, 2026

How we look after your money data.

Plain language, no boilerplate. We're a household app built by a household — we treat your data like we'd treat our own.

What we collect

Whatever you put into the app: your accounts, the transactions you log, your budgets, categories, tags, notes. Plus the basics any sign-in needs — your email address, an encrypted password (or just an email if you use the magic-link flow), and a workspace name.

We don't collect anything you didn't type. No bank-account scraping, no contact list, no location, no third-party analytics fingerprint.

Where it lives

Your data is stored in Supabase (Postgres on AWS, managed by Supabase). The hosting region is in Asia-Pacific so the round-trip from Indonesia stays short.

The app itself runs on Vercel. Vercel terminates HTTPS for okaneku.com and forwards requests to our server functions; it does not store your money data.

Encryption

  • In transit: every request to and from okaneku.com uses HTTPS (TLS 1.2 or newer). The same applies between our server and Supabase.
  • At rest: the Supabase database is stored on disks encrypted with AES-256. Database backups are encrypted the same way.
  • Auth tokens: your session is kept in an HTTP-only, Secure, SameSite cookie — JavaScript on the page can't read it, and it can't be sent from a different site.
  • Cross-workspace isolation: Postgres Row Level Security policies on every table ensure no workspace can read another workspace's rows, even if a software bug tried to fetch them.

What we don't do: we don't encrypt individual columns (amounts, notes, etc.) with a key only you hold. That's a deliberate decision, not a missing item on a checklist. Per-column user-key encryption would break the things that make Okaneku actually useful — search across notes, dashboard totals, budget aggregation, the AI assistant reading your transactions to answer questions, FX conversion, even simple sort-by-amount. It would also turn a forgotten password into permanent data loss.

The protections above (HTTPS + AES-256 disk + HTTP-only cookies + RLS) match what most personal-finance apps and banks use. If you need stronger guarantees — "not even the maintainer can read this" — Okaneku isn't the right tool, and we'd gently point you toward an offline ledger or an end-to-end encrypted note app instead.

Who can read your data

Only you, and anyone you've explicitly invited to your workspace. We enforce this at the database level with Postgres Row Level Security (RLS): every query is scoped to your workspace, so even a software bug can't accidentally surface another household's transactions.

The maintainer (the founder behind Okaneku) has technical access to the database for debugging and backups, the way any small-team app does. We don't routinely look at your records, and we don't share them with anyone.

What about the AI assistant?

When you ask a question in the chat, or use the AI quick-add ("lunch warung soto 45rb BCA"), the text you type is sent to Anthropic (the company behind Claude) so the model can read it and reply. To answer money questions, the assistant may also fetch a small summary of your data — your account balances, recent transactions, or spending in a category — but only for the question you just asked, and only within your own workspace.

Receipt photos: when you tap the camera button on the AI tab to scan a struk, the photo is sent once to Anthropic so Claude can read the merchant, total, and date off the paper. We don't save the image — it's held in memory just long enough to forward upstream, then dropped when the response comes back. The extracted fields land in the transaction form for you to confirm. Nothing about the photo is kept after that.

Anthropic's own privacy terms apply to data while they process it; we don't train any model on your transactions or receipts, and Anthropic's policy is the same.

Other services we use

  • Open Exchange Rates — daily currency-conversion rates (e.g. GBP → IDR). We fetch rates only; no user data is sent.
  • jsDelivr / Google Fonts — public CDNs serving fonts and a couple of small libraries directly to your browser. They get the standard details any browser request exposes (IP, user agent); no Okaneku data crosses to them.

Cookies and storage

We use cookies for two things:

  • Your auth session (so you don't have to sign in on every visit).
  • Your theme preference (light / dark / system).

We also use your browser's local storage for one tiny thing: which Add-transaction tab you used last (Quick Add / Drag & Drop / AI), so we can default to it next time. None of these are tracking cookies, and there's no third-party analytics script on the page.

Your rights, your data

  • Export everything — Settings → Data → Export to CSV. Filter by date range, type, or take the whole lot.
  • Delete a record — every account, transaction, budget, category, and tag is deletable from its own page.
  • Delete your workspace — currently requires emailing the operator. Self-serve account deletion is on the roadmap.

Changes to this page

We update this page when reality changes — when we add a new third party, switch a region, change how the AI flow works. The "last updated" date at the top tells you when. We don't send a notification email for changes; this page is the source of truth.

Contact

If you have questions about your data, found something that contradicts this page, or want a copy of everything we have on you — open the app's in-chat assistant and tell it. The team gets the message with your workspace context attached. Or email the operator if you have a direct address.