§ trust

trust is the product. here's how we earn it.

six promises, written into our terms. how your data flows, where it lives, when it's deleted. plus a hard list of things we will never do.

§ 01 · the six-point contract

not marketing claims.

every one of these is in our terms of service. if we violate any of them, we update this page first — never after.

01

free v1 audit · forever

your first audit is free. always. if we charge later, it's for the live optimization layer — never for telling you what we already know. this is in our terms, not just our marketing copy.

02

grandfathered pricing

if we raise prices later, your price stays. always. waitlist members get the launch rate locked for the lifetime of the account. binding clause in §4 of /terms.

03

affiliate disclosure · in place

every card we recommend shows whether we get paid if you apply. disclosure sits at the recommendation, never buried in a footer. when it conflicts with the right answer, the right answer wins.

04

sourced rules · linked

every reward rule we score against has a public source — issuer T&C, rate-table PDF, press release. tap any rule in your audit to see the original document, the date, and the wording.

05

a human answers

reply to any email and a human responds — not a bot, not a queue. we're small. that's deliberate. response window: 24h for support, 48h for press.

06

cancel = upgrade

cancellation takes the same number of clicks as upgrading. no retention queue, no survey wall, no "are you sure" dark patterns. one tap. data deleted in 30 days.

§ 02 · how your data flows

four steps. none of them surprising.

  1. gmail oauth (read-only). we ask for one scope: read messages from issuer domains. you can revoke it from your google account in one click.
  2. parse on our servers. we extract transactions from statement emails. we never read personal mail. nothing is sent to third-party AI for parsing.
  3. encrypt and store. india-region AWS. AES-256 at rest. TLS in transit. credentials are never stored.
  4. delete on cancellation. 30 days after you cancel, all parsed data is hard-deleted. no soft-delete, no archive.
§ 03 · things we will never do

explicit, not implied.

anti-promises are stronger than promises. if any of these change, we publish a notice and email every user.

  • sell your transaction data
  • share your data with third parties for advertising
  • send daily nudges or streak reminders
  • gamify your money with badges or points
  • recommend a card we don't actually trust
  • make cancellation harder than signup
join waitlist