Acclo IQ — Privacy Policy
Effective Date: 2026-04-22 Version: 1.0
Summary
Acclo IQ is a local-first personal finance app. Your financial data lives on your device — we cannot access it. The only data we process is what’s needed to run licensing, payments, and optional features like cloud sync and bank sync. We send one telemetry ping per day (which you can opt out of at any time) to know what to build next. We do not sell your data. We do not run ads. We do not track you across the web. This policy explains exactly what we collect, why, and how to control it.
This Privacy Policy describes how Engenso LLC (“Company,” “we,” “us,” or “our”) handles information in connection with the Acclo IQ desktop application, progressive web application, and related services (collectively, the “Service”). Your use of the Service is also governed by our Terms of Service and End User License Agreement.
1. Our Privacy Commitment
Acclo IQ is built on a local-first architecture. Your financial data — transactions, budgets, categories, bank account information, receipts, and all other personal financial records — is stored exclusively on your device in a local SQLite database.
We do not operate cloud servers that store your financial data. We cannot access, read, or retrieve your financial information. There is no cloud database, no backend server, and no server-side processing of your data.
Your financial data is your property. We claim no rights to it beyond those necessary to deliver the Service to you.
Free Tier Privacy Guarantee
The application periodically checks for available updates by contacting our hosting infrastructure (Cloudflare). This request transmits no user data — only the app version and platform. Your IP address is visible to Cloudflare as an inherent property of the network connection, subject to Cloudflare’s privacy policy and standard log retention. This operates under legitimate interest (GDPR Art. 6(1)(f)) to ensure you run a secure, up-to-date version. You can disable this in Settings > Privacy.
With both usage telemetry and automatic update checks disabled, the application makes zero network requests and operates entirely offline. No license server, no payment processor, no analytics service, and no cloud provider receives any information from your device.
The third-party services described in this policy (Keygen.sh, Polar.sh, Resend.com, PostHog) are only involved when you:
- Purchase a Pro license (Polar.sh, Resend.com, Keygen.sh)
- Activate a license on a device (Keygen.sh)
- Leave usage telemetry enabled (PostHog) — on by default, opt out at any time
- Leave automatic update checks enabled (Cloudflare) — on by default, opt out at any time
- Enable cloud sync (Google Drive)
- Enable bank sync (SimpleFIN)
If you do none of the above, the application makes zero network requests and processes zero external data.
This Privacy Policy describes the limited data we do process when you choose to use paid features or opt in to telemetry.
2. Information We Do Not Collect
We want to be explicit about what we do not collect, access, store, or transmit:
- Your financial transactions, account balances, or banking data
- Your bank login credentials or authentication tokens
- Your budget configurations or budget amounts
- Your spending categories, subcategory names, or rules
- Your merchant names or category names
- Your receipts or file attachments
- Your tag names or tag assignments
- Exact entity counts (all counts are bucketed before transmission)
- Crash reports from the application (however, your operating system may collect and share crash diagnostics with us depending on your system’s privacy settings — these are governed by your operating system provider’s privacy policy)
- Location data, contacts, or device sensor data
- Keystroke data or screen recordings
- Cookies within the Acclo IQ application (the app is entirely cookie-free)
All financial data processed by Acclo IQ remains on your device in a local database. We have no technical means to access this data.
Acclo IQ does not use artificial intelligence or machine learning models to process your personal or financial data. Transaction categorization uses deterministic regex pattern matching that runs entirely on your device.
3. Your Privacy Rights
3.1 All Users
Regardless of your location, you have the right to:
- Access the personal information we hold about you
- Correct inaccurate personal information
- Delete personal information we hold about you (license records, payment records, support correspondence) from our systems and service providers
- Opt out of telemetry at any time in Settings > Privacy
- Export your financial data from the Software at any time using the built-in export functionality (your data is already on your device)
To exercise any of these rights, contact us at support@accloiq.com. We will respond within thirty (30) days.
3.2 European Economic Area, United Kingdom, and Switzerland (GDPR)
If you are located in the EEA, UK, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):
- Right of access (Art. 15) — request a copy of your personal data
- Right to rectification (Art. 16) — correct inaccurate data
- Right to erasure (Art. 17) — request deletion of your data
- Right to restrict processing (Art. 18)
- Right to data portability (Art. 20) — receive your data in a structured, machine-readable format
- Right to object (Art. 21) — object to processing based on legitimate interest. For telemetry, you can exercise this right instantly by disabling the telemetry toggle in Settings > Privacy. Telemetry stops immediately — no request or waiting period required. You may also object to legitimate-interest processing for customer support purposes by contacting support@accloiq.com; if you do, we will cease processing your support data unless we can demonstrate compelling legitimate grounds.
- Right not to be subject to automated decision-making (Art. 22) — we do not make automated decisions that produce legal or similarly significant effects (see Section 9)
You have the right to lodge a complaint with your local data protection supervisory authority. For users in the United Kingdom, this is the Information Commissioner’s Office (ICO) at ico.org.uk. For EEA users, a list of supervisory authorities is available at edpb.europa.eu.
The data controller for GDPR purposes is Engenso LLC. Contact us at support@accloiq.com for data protection inquiries.
3.3 United States State Privacy Rights
If you are a resident of a U.S. state with a comprehensive privacy law (including California, Virginia, Colorado, Connecticut, Texas, Montana, Oregon, Delaware, Iowa, Indiana, and Tennessee), you have the following rights under applicable law:
- Right to know / access what personal information is collected, used, and disclosed
- Right to delete your personal information
- Right to correct inaccurate personal information
- Right to data portability — receive your data in a portable format
- Right to opt-out of the sale or sharing of your personal information, targeted advertising, and profiling
- Right to non-discrimination for exercising your privacy rights
We do not sell or share your personal information as defined by any U.S. state privacy law. We do not engage in targeted advertising or profiling.
California-Specific Disclosures (CCPA/CPRA)
Categories of personal information collected in the last 12 months:
| Category | Examples | Collected? | Sold or Shared? |
|---|---|---|---|
| Identifiers | Email address, IP address | Yes (license/payment/support) | No |
| Financial information | Transaction data, bank details | No (stored locally on your device) | No |
| Commercial information | Purchase history | Yes (via payment processor) | No |
| Internet activity | Browsing history, search history | No | No |
| Geolocation data | Precise location | No | No |
| Sensitive personal information | Financial account credentials | No (SimpleFIN credentials stored locally on your device, encrypted) | No |
| Professional/employment info | Job title, employer | No | No |
| Biometric information | Fingerprints, face data | No | No |
| Inferences | Characteristics, preferences | No | No |
Sources: Directly from you (purchase, support inquiry) and from service providers (payment confirmation from Polar.sh).
Business purposes: License activation, payment processing, customer support, usage analytics.
Third parties: Service providers listed in Section 7.2 (for operational purposes only — not for their own marketing).
Sensitive personal information: We do not collect sensitive personal information as defined by the CPRA. SimpleFIN bank sync credentials are stored exclusively on your device using encrypted storage and are never transmitted to our servers. We do not use or disclose sensitive personal information for purposes that would require offering a “Limit the Use of My Sensitive Personal Information” opt-out.
Financial incentives: We do not offer financial incentives (price differences or service differences) in exchange for your personal information.
Shine the Light (California Civil Code Section 1798.83): We do not share personal information with third parties for their direct marketing purposes.
To exercise your rights, contact us at support@accloiq.com or submit a request via accloiq.com/privacy-request. We will verify your identity before processing your request. You may also designate an authorized agent to submit requests on your behalf.
3.4 Canada (PIPEDA/CPPA)
If you are located in Canada, your personal information is protected under the Personal Information Protection and Electronic Documents Act (PIPEDA) or applicable provincial privacy legislation. You have the right to access, correct, and withdraw consent for processing of your personal information. Telemetry collection is based on implied consent (opt-out); you may withdraw consent at any time in Settings > Privacy. To exercise your rights, contact us at support@accloiq.com.
3.5 Brazil (LGPD)
If you are located in Brazil, your personal data is protected under the Lei Geral de Proteção de Dados (LGPD). You have rights including confirmation of processing, access, correction, anonymization, deletion, data portability, information about sharing, and the right to revoke consent. Telemetry processing is based on the legitimate interest legal basis (LGPD Art. 10); you may object at any time in Settings > Privacy. To exercise your rights, contact us at support@accloiq.com.
3.6 Australia (Privacy Act 1988)
If you are located in Australia, your personal information is protected under the Privacy Act 1988 and the Australian Privacy Principles (APPs). You have the right to access and correct your personal information. The limited personal information we process (license activation, payment) may be disclosed to overseas service providers located in the United States, as described in Section 13. To exercise your rights or make a complaint, contact us at support@accloiq.com.
3.7 Other Jurisdictions
We respect privacy rights under all applicable laws. If you are located in a jurisdiction with specific privacy rights not listed above, contact us at support@accloiq.com to exercise your rights.
4. Information We Collect
We collect the minimum data necessary to operate our licensing and payment systems. Below is a complete inventory of data we process, organized by category.
4.1 License Activation and Validation
When you activate a Pro license — and periodically thereafter to verify your subscription status — the following data is transmitted to our licensing provider (Keygen.sh):
- License key
- Machine fingerprint (a hashed hardware identifier unique to your device)
- Application version
- IP address (recorded in Keygen.sh server logs, not stored by us)
The application checks your license status approximately once every twenty-four (24) hours when an internet connection is available. If the device is offline, the application trusts the most recent validation result for up to thirty (30) days before reverting to the Free tier. No data is transmitted while offline. Your financial data is never sent during license validation.
Purpose: Software license validation and enforcement of device activation limits. Legal basis (GDPR): Contract performance (Art. 6(1)(b)) — necessary to fulfill the license agreement. Retention: Duration of your license plus thirty (30) days after expiration or cancellation.
4.2 Payment Processing
When you purchase a subscription, payment is processed by Polar.sh. The payment processor collects:
- Name
- Email address
- Billing address
- Payment method details (card number, expiration, etc.)
Acclo IQ never receives, stores, or has access to your full payment card details. We receive the following from the payment processor:
- Email address
- Name and billing address
- Subscription status and plan type
- Transaction confirmation and invoice history
- Refund history (if applicable)
- Last four digits of payment method (for display in account management)
Purpose: Purchase processing, subscription management, tax compliance, and customer support for billing inquiries. Legal basis (GDPR): Contract performance (Art. 6(1)(b)). Retention: This data is held by Polar.sh, not by Acclo IQ. Polar retains it per their own policies (typically seven (7) years for tax and legal compliance).
4.3 Usage Telemetry
Acclo IQ sends one telemetry ping per day so we know what to build next. Telemetry is enabled by default and can be disabled at any time in Settings > Privacy. During onboarding, a visible checkbox lets you opt out before any data is sent.
Device identifier. When telemetry is enabled, a random identifier is generated once and stored in the encrypted vault on your device. This identifier is used solely to deduplicate usage events for active user counting (daily and monthly active users). It is not derived from hardware, IP address, browser fingerprint, or any personal information. It is deleted immediately when you disable telemetry in Settings > Privacy. If you re-enable telemetry, a new identifier is generated — the previous one cannot be recovered or linked.
No cookies, no fingerprints. Telemetry does not use cookies, device fingerprints, hardware identifiers, or any browser-based tracking technology.
Separation from licensing and local sync state. The telemetry device identifier is a separate random UUID with no relation to the hardware-derived device fingerprint used for license activation (Section 4.1) or the local device identifier used for on-device sync bookkeeping and conflict resolution. These are separate technical contexts with no shared identifiers. We will not attempt to correlate, cross-reference, or link telemetry data with licensing activation records or any other data source for the purpose of identifying individual users. The licensing system knows your license key and device; the telemetry system knows only the device identifier and the attributes listed below.
The application sends a single telemetry ping per day to PostHog containing the following attributes:
Device and platform (8 attributes):
- Environment (development or production)
- Platform (desktop or PWA)
- Operating system (macOS, Windows, Linux)
- OS version (major version only, e.g., “15”)
- Application version
- License tier (free or pro)
- Locale (first two characters only, e.g., “en”, “de”)
- Theme (dark or light)
Usage volume (6 attributes — bucketed, never exact):
All entity counts are grouped into volume ranges on your device before transmission. Exact counts never leave your device. This prevents statistical identification.
- Account volume (0, 1–2, 3–5, 6–10, 11–20, 21+)
- Transaction volume (0, 1–1,000, 1,001–5,000, 5,001–10,000, 10,001–50,000, 50,001+)
- Merchant volume (0, 1–500, 501–750, 751–1,000, 1,001–2,000, 2,001+)
- Category volume (0, 1–15, 16–20, 21–30, 31–50, 51+)
- Subcategory volume (0, 1–70, 71–100, 101–150, 151–250, 251+)
- Rule volume (0, 1–10, 11–50, 51–100, 101+)
Feature adoption (10 attributes — boolean flags and string enums):
- Whether bank sync (SimpleFIN) is configured (true/false)
- Cloud sync provider (none or Google Drive)
- Budget depth (none, category, subcategory, or merchant — indicates the deepest budget granularity tier in use, never budget amounts)
- Whether split transactions, receipts, tags, check register, or transaction exclusions are in use (true/false each)
- Recurring detection depth (none, suggested, or manual — indicates whether the user confirmed system-detected entries or created their own)
- Import method (none, CSV only, sync only, or both — indicates how data is ingested, never file names or content)
Retention (1 attribute — tiered):
- Install age tier (0–7d, 8–30d, 1–3mo, 3–6mo, 6–12mo, 1–2yr, 2–3yr, 3yr+) — computed locally from the date the app was first launched and mapped to a human-readable tier before transmission. The exact number of days never leaves your device. This allows us to understand retention patterns (e.g., “what percentage of installations are still active after 30 days”) without identifying individual users.
Privacy safeguards:
- Device identifier under your control — a random ID stored in the encrypted vault on your device, used solely for active user counting, deleted immediately when you disable telemetry
- No cross-contamination — license device fingerprint is never shared with telemetry. We will not attempt to correlate, cross-reference, or link telemetry data with licensing activation records or any other data source for the purpose of identifying individual users.
- PostHog person profile creation is disabled ($process_person_profile: false)
- Server-side GeoIP enrichment is disabled ($geoip_disable: true)
- IP address is explicitly nulled (ip: null) on every event
- No cookies are used
- No session recordings, heatmaps, autocapture, or click tracking
- No personal information is collected or stored
- Email open/click tracking on Resend is disabled
For the complete technical specification of all telemetry attributes, see What We Collect.
Purpose: Understanding general product usage (platform mix, version adoption, feature usage, tier distribution) to prioritize development. Active user counting (DAU/MAU) for product health metrics. Legal basis (GDPR): Consent (Art. 6(1)(a)) — obtained via the onboarding checkbox and changeable at any time in Settings > Privacy. The persistent telemetry device identifier constitutes pseudonymous data under GDPR. Consent is freely given, specific, informed, and revocable. When you disable telemetry, the identifier is deleted immediately and processing stops. ePrivacy Directive: A persistent identifier is stored in the encrypted vault on your device for telemetry deduplication. Consent is obtained via the onboarding checkbox and Settings toggle, satisfying Art. 5(3). Disabling telemetry deletes the identifier. Retention: Twenty-four (24) months, then automatically deleted.
4.4 Email Communications
When you purchase a Pro license, your license key is delivered via email through Resend.com. Your email address is provided to Resend solely for this one-time delivery. Email open tracking and click tracking are disabled in our Resend configuration.
Purpose: License key delivery. Legal basis (GDPR): Contract performance (Art. 6(1)(b)). Retention: Transient — email is sent and not stored by us.
4.5 Customer Support
If you contact us for support, we receive the information you voluntarily provide, such as your email address, name, and description of the issue.
Purpose: Responding to your inquiry and improving the Service. Legal basis (GDPR): Legitimate interest (Art. 6(1)(f)). Retention: Duration of the support relationship plus one (1) year.
5. How We Use Your Information
We use the limited data we collect solely for the following purposes:
| Purpose | Data Used | Legal Basis (GDPR) |
|---|---|---|
| License activation and validation | License key, machine fingerprint, IP address | Contract (Art. 6(1)(b)) |
| Payment processing | Email, name, billing information (via Polar.sh) | Contract (Art. 6(1)(b)) |
| Subscription management | Email, subscription status, invoice history | Contract (Art. 6(1)(b)) |
| License key delivery | Email (via Resend.com, one-time) | Contract (Art. 6(1)(b)) |
| Customer support | Email, name, issue description | Legitimate interest (Art. 6(1)(f)) |
| General usage analytics | Telemetry (usage ranges, persistent device ID — no PII) | Consent (Art. 6(1)(a)) |
We do not use your data for advertising, profiling, behavioral tracking, automated decision-making, or any purpose other than those listed above.
6. Optional Features You Control
The following features are entirely optional and user-initiated. If you do not enable them, no data is transmitted to the associated services.
6.1 Cloud Sync
Acclo IQ offers optional multi-device synchronization that writes encrypted backups of your data to a cloud storage account you already own (e.g., Google Drive). If you choose to enable this feature:
- All sync data is end-to-end encrypted before upload. Acclo IQ encrypts your data on-device using AES-256-GCM with a password you set. The encryption key is derived locally using PBKDF2 with 600,000 iterations. No plaintext financial data ever leaves your device. Only you (or someone with your sync password) can decrypt the data.
- Files are stored in a hidden, app-specific folder inside your own cloud storage account. This folder is sandboxed — only Acclo IQ can access its contents.
- A local device identifier may exist before you enable sync. The app maintains a local per-device technical identifier used for on-device data integrity, record authorship, and conflict resolution. By itself, this identifier stays on your device and is not sent to the Company. If you later enable Cloud Sync, it may appear inside the encrypted sync metadata written to your own cloud storage so your devices can reconcile changes.
- Acclo IQ requests the minimum scope necessary. For Google Drive, this is the drive.appdata scope, which grants access exclusively to the hidden app folder. Acclo IQ cannot read, modify, or access any other files in your cloud storage.
- We operate no server that sees or stores your sync data. The only server component involved is our Cloudflare Worker, which proxies the OAuth token exchange so the OAuth client secret never touches your device. Your Google email address and profile name pass through the Worker transiently during the OAuth flow; the Worker does not store, log, or inspect this information, and it never sees your sync file contents.
- Your cloud storage account is governed by your separate agreement with your cloud provider. Your use of that provider’s storage is subject to their Terms of Service and Privacy Policy. We are not a party to that relationship and make no representations about your cloud provider’s data practices. You should consult your provider’s own policies to understand how they handle files in your account.
- You control access. You can disconnect cloud sync at any time in Settings > Cloud Backup. You can also revoke Acclo IQ’s access in your cloud provider’s account settings (e.g., Google Account > Security > Third-party apps). Encrypted files remain in your cloud account but are unreadable without your sync password; you can delete them from your provider at any time.
What we upload on your behalf: Encrypted (unreadable) binary files containing your financial data. We never upload plaintext, and we never receive or inspect the contents of these files after they are written to your cloud account.
6.2 SimpleFIN Bank Sync
Acclo IQ offers optional bank synchronization via SimpleFIN. SimpleFIN is a separate, independent service that requires its own paid subscription (see SimpleFIN’s website for current pricing). If you choose to use this feature:
- You initiate each sync manually.
- Bank credentials are provided by you directly to SimpleFIN — Acclo IQ never sees, stores, or transmits your bank login information.
- Transaction data flows from SimpleFIN directly to your local device. SimpleFIN retrieves transactions within a rolling sixty (60) day window; transactions older than sixty (60) days may not be available for synchronization.
- Acclo IQ’s servers never see, process, or store any bank synchronization data.
- SimpleFIN access credentials are stored on your device using encrypted storage (AES-256-GCM via Web Crypto API, with keys stored in the OS keychain on desktop or encrypted localStorage in browser).
For details on how SimpleFIN handles your data, see: SimpleFIN Privacy Policy and SimpleFIN Security Policy.
7. Data Sharing and Third-Party Services
7.1 No Sale or Sharing
We do not sell, rent, or share your personal information with third parties for their marketing or advertising purposes. We have not sold or shared personal information in the preceding twelve (12) months.
Because we do not sell or share personal information as defined by the CCPA/CPRA, a “Do Not Sell or Share My Personal Information” link is not required on our website. We include this disclosure for transparency.
7.2 Service Providers (Subprocessors)
We share data with the following third-party service providers (subprocessors) solely to operate the Service. Each provider is bound by contractual obligations restricting use of data to the contracted purpose.
| Service | Purpose | Data Shared | Location | Privacy Policy |
|---|---|---|---|---|
| Keygen.sh | License activation and validation | License key, machine fingerprint, IP (in their server logs) | United States | keygen.sh/privacy |
| Polar.sh | Payment processing and subscription management | Name, email, billing address, payment method, subscription status | United States | polar.sh/legal/privacy |
| Resend.com | License key email delivery | Customer email, license key (one-time send, no open tracking) | United States | resend.com/legal/privacy-policy |
| Cloudflare | Webhook handler, CORS proxy, OAuth token exchange (Workers); installer and auto-updater manifest distribution (R2 object storage + CDN at dl.accloiq.com); Web Analytics on the marketing website (accloiq.com) | Polar webhook payloads, license API proxying, OAuth tokens (in transit only, not stored); for downloads: requesting IP, timestamp, and requested file path captured in Cloudflare’s short-lived edge access logs (no account tie-in — downloads are anonymous); Web Analytics collects anonymous page view data with no cookies, no personal data, and no cross-site tracking | Global (edge) | cloudflare.com/privacypolicy |
| PostHog | Usage telemetry | Pseudonymous attributes (persistent device ID, usage ranges — no PII, no person profiles) | United States | posthog.com/privacy |
| SimpleFIN | Bank sync (user-initiated) | Credentials (to SimpleFIN, not to us), transactions (to user’s device only) | United States | simplefin.org/privacy |
| Google Analytics | Website analytics (accloiq.com only, consent-gated) | Anonymous page views, referrer, browser/OS info; IP anonymized (anonymize_ip: true). Not used in the application. | United States | policies.google.com/privacy |
We will update this table when subprocessors change. Material changes to subprocessors will be communicated via the same channels described in Section 15 (Changes to This Privacy Policy).
A Data Processing Agreement (DPA) is available upon request for users who require one under GDPR Article 28. Contact us at support@accloiq.com to request a copy.
7.3 Legal Disclosure
We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of the Company or others. We will notify you of such disclosure unless prohibited by law.
8. Cookies and Tracking Technologies
8.1 In the Application
The Acclo IQ application (both desktop and PWA) does not use cookies, tracking pixels, session recordings, heatmaps, or third-party analytics scripts. The application sends only the telemetry ping described in Section 4.3, which uses no cookies and no device fingerprints. The browser-based PWA uses local browser storage (such as IndexedDB) strictly to store your financial database locally so the application can function. This storage is never used for tracking or analytics.
8.2 On Our Website
The Acclo IQ marketing website (accloiq.com) uses analytics to understand how visitors interact with the site and to improve the experience. The website uses two categories of analytics:
Consent-free analytics (runs automatically):
- Cloudflare Web Analytics — anonymous, aggregated page view metrics. This service sets no cookies, collects no personal data, stores no information on your device, and performs no cross-site tracking. It runs on legitimate interest (GDPR Art. 6(1)(f)) because no data is stored on or read from your device (ePrivacy Directive Art. 5(3) does not apply). Cloudflare Web Analytics is automatically suppressed when your browser sends a Do Not Track (DNT) or Global Privacy Control (GPC) signal.
Consent-gated analytics (requires opt-in):
The following services set cookies and require your explicit consent before they execute. All are blocked by default via a cookie consent banner (powered by Klaro). No consent-gated scripts run until you click “Accept All” or enable individual services in the privacy settings modal.
- Google Analytics (GA4) — anonymous page view analytics with IP anonymization enabled. Sets _ga and _gid cookies.
- PostHog — privacy-friendly product analytics with autocapture disabled, session recording disabled, person profiles disabled, and IP collection disabled. Sets ph_ cookies.
Additional consent-gated services may be added in the future (such as advertising measurement pixels). Any new service will be listed here and will require separate opt-in consent before activation.
Essential cookies that cannot be disabled:
- consent — stores your cookie consent preferences (Klaro, localStorage)
- theme — stores your light/dark theme preference (localStorage)
- Cloudflare — infrastructure cookies for bot protection and security (__cf_*, cf_clearance)
You can change your cookie preferences at any time by clicking the “Privacy Settings” link in the website footer, which reopens the consent manager.
The website does not access, process, or transmit any financial data. It is a static informational site entirely separate from the Acclo IQ application.
8.3 Do Not Track / Global Privacy Control
We honor Do Not Track (DNT) and Global Privacy Control (GPC) browser signals:
- In the application, telemetry is suppressed entirely when a DNT or GPC signal is detected. Telemetry can also be independently disabled via the Privacy toggle in Settings > Privacy.
- On the website, consent-free analytics (Cloudflare Web Analytics) are suppressed when a DNT or GPC signal is detected. Consent-gated analytics (Google Analytics, PostHog) are already blocked by default and only run with explicit opt-in, regardless of DNT/GPC signals.
We treat GPC signals as a valid opt-out of any sale or sharing of personal information, as required by the CCPA/CPRA, Colorado CPA, Connecticut CTDPA, and Texas TDPSA. Because we do not sell or share personal information, honoring GPC does not change our behavior, but we recognize the signal as a matter of principle.
9. Automated Decision-Making and Profiling
We do not make decisions that produce legal or similarly significant effects on you based solely on automated processing. We do not build profiles about you. We do not use algorithms to determine pricing, eligibility, or access to features based on your personal characteristics.
Transaction categorization in Acclo IQ uses deterministic pattern matching (regex rules) that runs entirely on your device. This is not automated decision-making as defined by GDPR Article 22.
10. Data Retention
We retain data only as long as necessary for the purposes described in this policy:
| Data Type | Retention Period |
|---|---|
| License activation records | Duration of license + 30 days |
| Payment records | Held by Polar.sh, not by Acclo IQ. Polar retains per their own policy (typically 7 years for tax compliance) |
| Anonymous telemetry events | 24 months, then automatically deleted |
| Machine fingerprints (Keygen.sh) | Until device deactivation or 12 months after last license validation, whichever comes first |
| Support correspondence | Duration of relationship + 1 year |
| Cloudflare Workers request logs | Ephemeral (typically < 72 hours) |
| Cloudflare CDN edge access logs for dl.accloiq.com (IP, timestamp, requested file) | Ephemeral (typically < 72 hours per Cloudflare’s default edge-log retention). Not correlated to user accounts — downloads are anonymous. |
| Cloudflare Web Analytics (website only) | Per Cloudflare retention policy (aggregated, no PII) |
| Financial data on your device | Indefinitely — user-controlled, user-deletable |
| Cloud sync encrypted files | Until you delete them from your cloud storage |
When data is no longer needed, we delete it or de-identify it so that it can no longer be associated with you.
11. Data Security
We implement appropriate technical and organizational measures to protect the limited data we process:
- License activation uses HTTPS/TLS encryption in transit.
- Payment processing is handled by PCI-DSS compliant processors (Polar.sh). We never receive full card numbers.
- SimpleFIN credentials are stored using encrypted storage (AES-256-GCM via Web Crypto API, with keys in the OS keychain on desktop or encrypted localStorage in browser).
- Cloud sync uses end-to-end encryption (AES-256-GCM) with a user-provided password. Encryption keys are derived on-device using PBKDF2 (600,000 iterations). Cloud providers only ever receive encrypted binary data — they cannot read your financial information. Encryption is mandatory and cannot be disabled.
- Telemetry uses HTTPS/TLS in transit and contains no personal information. IP addresses are nulled before transmission.
- Your financial data is protected by your own device security (disk encryption, password, biometrics) — we have no access to it.
Because your financial data is stored locally on your device, the security of that data depends on your device security practices. We recommend enabling full-disk encryption and maintaining regular backups.
12. Security Incident Notification
In the event of a security incident that affects your personal information, we will:
- Notify affected users by email within seventy-two (72) hours of becoming aware of the incident, to the extent we have your email address on file
- Post a notice on our website describing the nature of the incident, the data affected, and the steps we are taking
- Notify the relevant supervisory authority within seventy-two (72) hours as required by GDPR Article 33 (for incidents affecting EEA/UK users)
- Notify the California Attorney General if the incident affects more than five hundred (500) California residents, as required by California Civil Code Section 1798.82
We will also comply with breach notification requirements in all other applicable jurisdictions.
Because your financial data is stored locally on your device and encrypted before any cloud sync, a breach of our service providers would not expose your financial information.
13. International Data Transfers
If you are located outside the United States, please be aware that the limited data we process (license activation, payment processing, telemetry) may be transferred to and processed in the United States, where our service providers are located.
For users in the European Economic Area (EEA), United Kingdom, or Switzerland, these transfers are protected by the following mechanisms:
| Subprocessor | Transfer Mechanism |
|---|---|
| Keygen.sh | Standard Contractual Clauses (SCCs) |
| Polar.sh | EU-U.S. Data Privacy Framework (DPF) |
| Resend.com | Standard Contractual Clauses (SCCs) |
| Cloudflare | EU-U.S. Data Privacy Framework (DPF); data processed at global edge, including EEA locations |
| PostHog | EU-U.S. Data Privacy Framework (DPF) |
| SimpleFIN | Standard Contractual Clauses (SCCs) |
The locations of all subprocessors are disclosed in the table in Section 7.2.
14. Children’s Privacy
The Service is not directed at persons under the age of eighteen (18). By using the Service, you represent that you are at least eighteen (18) years old.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Material changes will be communicated with at least thirty (30) days’ advance notice through:
- A notice on our website
- An email to customers whose email addresses we have on file
- A notice within the Software interface
The effective date at the top of this policy indicates when it was last updated. Your continued use of the Service after the effective date of any changes constitutes acceptance of the updated policy.
Prior versions of this Privacy Policy are archived at accloiq.com/legal-changelog.
16. Contact Us
If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:
- Engenso LLC
- 2421 Burlington Ave N, Saint Petersburg, FL 33713, United States
- Email: support@accloiq.com
- Website: accloiq.com
- Privacy rights requests: accloiq.com/privacy-request
For GDPR inquiries, you may contact our data protection point of contact at support@accloiq.com.
This Privacy Policy was last updated on 2026-04-22.