Privacy Architecture — How Your Data Stays Private
Overview
Acclo IQ is built from the ground up as a local-first application. Your local database is the source of truth — we operate no backend servers, and we never see or store your financial records. Optional cloud sync (see below) writes end-to-end encrypted backups to a cloud storage account you already own, with a key that never leaves your device.
What We Collect
Acclo IQ sends one privacy-respecting telemetry ping per day to help us understand how many people use the app. This includes:
- Platform and OS (e.g., “macOS”, “Windows”)
- App version and tier (Free or Pro)
- Bucketed usage counts (e.g., “10-50 transactions”, not exact numbers)
- Feature adoption flags (e.g., “uses budgets: yes/no”)
- Theme and locale
Telemetry does not include:
- Your name, email, or any personal information
- Transaction descriptions, amounts, merchant names, or any financial data
- IP addresses (PostHog is configured to discard them)
- Cookies, device fingerprints, or hardware identifiers (a random device ID is stored in the encrypted vault on your device for active user counting — deleted instantly when you disable telemetry)
The telemetry identifier is separate from the local device identifier Acclo IQ may maintain for on-device sync bookkeeping and conflict resolution. That local identifier stays on your device unless you later enable Cloud Sync, in which case it may appear only inside encrypted sync metadata stored in your own cloud account.
Opting Out
Telemetry is opt-out — enabled by default during onboarding. To disable it:
- Go to Settings > License (scroll to the Privacy section)
- Uncheck the telemetry toggle
When disabled, no telemetry data is sent. The app works identically either way.
See the telemetry transparency page for the full list of attributes collected.
Your Data Rights
Because Acclo IQ is local-first, most data rights are self-service — your data is already on your device:
- Access & Portability — Export all your data via CSV export or the backup feature at any time
- Erasure — Settings > Danger Zone > “Reset Everything” performs a complete wipe (all tables, IndexedDB, localStorage)
- Rectification — Edit any transaction, category, or account directly in the app
- Telemetry opt-out — Settings > License > Privacy toggle. Takes effect immediately, zero data sent afterward
- Data subject requests — For any data held by third-party services (Keygen, Polar, PostHog), submit a request via the Privacy Request page
For the full legal details, see the Privacy Policy (Sections 3 and 9).
Cloud Sync Privacy
If you enable Cloud Sync (Pro), your data is end-to-end encrypted with AES-256-GCM before leaving your device. The encryption key is derived from your sync password using PBKDF2. The Company cannot read your synced data — only devices with your sync password can decrypt it.
Cloud data is stored in a hidden, app-specific folder on your cloud provider (e.g., Google Drive’s appDataFolder).
Acclo IQ may create a local per-device technical identifier before you enable sync. It is used for local data integrity, record authorship, and conflict resolution. By itself it is not sent to the Company.
License Validation
License checks send only your license key and an anonymous device fingerprint. No personal or financial data is transmitted. See the Licensing guide for details.