1. Introduction
One Number ("we," "our," or "us") is a personal finance app that helps you understand how much you have left to spend. We built One Number around a simple belief: your financial data belongs to you.
This Privacy Policy explains what data we collect, how we use it, and your rights — across all tiers of the app (Free, Plus, and Auto).
Questions? Contact us at support@onenumber.co.
2. The Short Version
The short version
- Your data lives on our encrypted servers so it syncs across your devices. You control it and can export or delete it at any time.
- We never sell your data. Not to advertisers. Not to data brokers. Not to anyone.
- We never move your money. One Number is read-only. We can only read transaction data — we cannot initiate transfers, payments, or any financial action.
3. What We Collect
3.1 Free Tier
When you use One Number Free, we collect and store on our encrypted servers:
- Account info: your name, email address, and password (stored as a PBKDF2 hash, never in plaintext).
- Financial data you enter: transactions, recurring items, savings buckets, and debts. Stored so you can access your data on any device you sign in from.
- App usage analytics (pseudonymous): which features you use — for example, adding a bucket, tracking a debt, scanning a receipt, or using voice entry — plus screen views, session length, and crash reports. These events are linked to a random user ID and your plan tier (Free, Plus, or Auto), never to your name, email address, or financial values (transaction amounts, names, and categories are never sent). You can turn analytics off any time in Settings → Privacy & analytics.
3.2 Plus Tier
Plus adds cloud sync so your data is available across your devices. To enable this, we collect and store on our servers:
- Account information: Name (optional), email address
- Financial data you enter: Income, expense categories, spending entries
- FinanceKit data (iOS only, with your permission): Transaction data pulled from Apple's secure financial data framework
- Uploaded files: CSV files you choose to upload for import
Receipt & Screenshot Scanning (OCR). When you tap "Scan," the image is sent over HTTPS to our server and forwarded to Google Cloud Vision for text extraction. Neither we nor Google retain the image. The extracted text is returned to your device, parsed locally into a transaction, and discarded. We do not store the image or the raw extracted text on our servers.
3.3 Auto Tier
Auto adds real-time bank sync via Teller. In addition to everything in Plus, we access:
- Bank connection credentials: Managed and encrypted by Teller directly. We do not store your bank username or password.
- Transaction data: Read-only transaction history from your connected accounts. We cannot initiate payments, transfers, or any financial action.
- Account metadata: Account names, types, and balances as returned by your bank.
Bank connections are facilitated by:
Their privacy policy governs how they handle your credentials and the data they transmit to us.
4. How We Use Your Data
We use your data to:
- Provide and improve the One Number app
- Sync your data across your devices (Plus and Auto)
- Generate your "one number" — your remaining spending for the month
- Send transactional emails (e.g., account confirmation, support responses)
- Analyze anonymous usage patterns to improve the product
We do not use your data to:
- Sell to or share with advertisers or data brokers
- Train AI or machine learning models on your personal financial information
- Make automated decisions that have legal or significant effects on you
5. Data Storage & Security
- Your account and transaction data is stored on encrypted servers. All data in transit is protected with HTTPS/TLS.
- Passwords are stored using PBKDF2 hashing — they are never stored or transmitted in plaintext. Two-factor secrets and refresh tokens are encrypted at rest with keys held separately from the database.
- Bank login credentials (Auto tier) are never seen or stored by us — they are handled entirely by Teller. We only receive read-only transaction data through their API.
- Operational logs and analytics events do not contain your name, email, or financial values. They contain only error types, timestamps, and a random user identifier needed to operate the service.
- Where your data lives: Our infrastructure runs on Cloudflare's global edge network. When you use One Number from outside the United States, your data may be transferred to Cloudflare regions including the US. Cloudflare relies on Standard Contractual Clauses (SCCs) approved by the European Commission for GDPR-compliant cross-border transfers.
6. Data Sharing
We share your data only as necessary to operate the service:
| Recipient | Purpose | Data Shared |
|---|---|---|
| Teller | Bank connection (Auto tier) | Account credentials (they store, not us); transaction data we receive |
| Google Cloud Vision | Server-side text extraction (Plus tier) | Receipt/screenshot image; image not retained |
| Apple FinanceKit | Transaction sync (Plus/Auto, iOS) | Read-only transaction data |
| Cloudflare | Hosting, database (D1), and edge compute | Encrypted account and transaction data |
| PostHog | Pseudonymous usage analytics | Random user ID, plan tier, screen views, feature events. No name, email, or financial values. |
| RevenueCat | In-app purchase processing and subscription state | Pseudonymous user ID, purchase events, plan tier |
| Apple App Store / Google Play | Payment processing for subscriptions | Whatever the platform requires to charge your account; governed by Apple's / Google's privacy policies |
We do not sell, rent, or trade your personal information to any third party.
7. Your Rights & Choices
You have the right to:
- Access your data: Export all your data at any time from within the app.
- Delete your data: Delete your account and all associated data from within the app or by emailing support@onenumber.co. We will process deletion requests within 30 days.
- Disconnect bank accounts: Revoke Teller access at any time from within the app.
- Revoke FinanceKit access: Revoke Apple FinanceKit permissions at any time from iOS Settings.
- Opt out of analytics: Turn analytics off any time in Settings → Privacy & analytics. When off, no usage events leave your device.
California residents (CCPA / CPRA)
You have the right to know what personal information we collect, request deletion, opt out of any “sale” or “sharing” of your data (we do neither), and not be discriminated against for exercising these rights.
- Categories we collect:
- Identifiers — your name, email, and a random user ID we generate.
- Commercial information — your subscription tier (Free, Plus, Auto) and purchase events.
- Financial information — only what enters the app: transactions you type in, recurring items, buckets, and debts. For Auto users, transaction data we receive from your linked bank via Teller. We never see your bank login, we cannot move money, and we do not collect bank account or card numbers.
- App usage activity (the CCPA statutory category is “internet or other similar network activity”) — which One Number screens you open and which features you use. This is limited to within our own app; we do not track your activity elsewhere on the internet.
- Sources: directly from you, from Apple FinanceKit if you connect it (Plus, iOS), from Teller if you link a bank (Auto), and from your interactions with the app.
- Business purposes: providing the service, syncing across your devices, processing payments, and improving the product.
- Sale of personal information: we do not sell your data and have not in the prior 12 months.
EEA, UK, and Swiss residents (GDPR / UK GDPR)
You have the right to access, rectify, port, or delete your personal data; to restrict or object to our processing; to withdraw consent at any time where processing is based on consent; and to lodge a complaint with your supervisory authority (in the UK, the Information Commissioner's Office; in the EU, your national DPA).
Our lawful bases for processing your data:
- Contract (Art. 6(1)(b)): providing the One Number service, syncing your data across your devices, and processing your subscription.
- Consent (Art. 6(1)(a)): pseudonymous usage analytics (you can withdraw at any time in Settings → Privacy & analytics), and optional features like FinanceKit and Teller bank sync.
- Legitimate interest (Art. 6(1)(f)): preventing fraud, securing the service, and operating reliable infrastructure. We do not process for direct marketing.
We do not engage in automated decision-making or profiling that produces legal or significant effects.
8. Data Retention
- We retain your account and transaction data for as long as your account is active. When you delete your account, we remove your data within 30 days, except where retention is required by law.
9. Children's Privacy
One Number is not directed at anyone under 18. We do not knowingly collect personal information from anyone under 18. If you believe we have collected information from someone under 18, please contact us at support@onenumber.co.
10. Changes to This Policy
We may update this policy as the product evolves. When we do, we'll update the "Last updated" date at the top and notify you via the app or email if the changes are material. Your continued use of One Number after changes take effect constitutes acceptance of the updated policy.
11. Contact
Operator and jurisdiction. One Number is operated from the United States. By using the app you consent to processing in the United States and any region where our infrastructure provider operates (see §5 for international transfer mechanisms).
This policy covers the One Number iOS and Android applications and the onenumber.co website.