Skip to content

Privacy

Last updated: May 15, 2026

Alavira is a service offered to United States residents only. If you’re visiting from elsewhere, please don’t use the service.

What we collect

When you connect or upload a credit-card or bank statement, we extract the transaction data and store it under your account. We retain all parsed transactions until you delete your account, plus a 30-day soft-delete grace window during which you can cancel the deletion and recover your data.

How statements are processed

When you upload a statement, we extract the text, remove personal identifiers (account numbers, full names, addresses, SSN, email, phone), and send the remaining text to our AI provider (Anthropic) for parsing. Anthropic retains API request data for up to 30 days for abuse review per their terms; this retention is outside our control.

The original PDF is never written to durable storage on our servers. It lives in memory during processing and is discarded once the parser returns.

Account deletion

When you click Delete account in settings, we schedule your account for permanent deletion 30 days later. Within that window you can cancel the deletion from the pending-deletion page and your account snaps right back. After 30 days, your data is permanently removed and cannot be recovered.

Data sent to our AI provider in the past 30 days cannot be recalled and will expire from their systems within 30 days.

Audit log

We keep an append-only audit log of account actions (subscription changes, deletion requests, data exports). After hard deletion we retain a hashed, one-way reference to your prior account in this log so we can investigate any post-deletion incident (chargebacks, abuse reports). Your original account identifier is removed; the hash is not reversible.

Encryption

Sensitive per-user settings (your custom redaction terms) are encrypted at rest with AES-256-GCM. Statement text and parsed transactions are stored unencrypted within our database, accessible only via authenticated requests scoped to your account.

Data export

You can download a full copy of your data from the settings page at any time. The export contains JSON and CSV files for every table scoped to your account.

Analytics & session replay

We use a single first-party analytics provider, PostHog (US Cloud), on our public marketing pages: the home page, the legal pages, and this privacy page. PostHog stores an anonymous identifier in your browser so we can measure unique visits, see where in the signup flow visitors drop off, and understand which sections of the marketing site people interact with. The data PostHog receives does not contain your name, email, or any financial information.

On those marketing pages, PostHog also records an anonymized session replay: mouse movements, clicks, scroll position, and page navigations. Form inputs and password fields are masked by default. Session replay is strictly scoped to public marketing pages. Once you are signed in, it does not run on any authenticated surface (the dashboard, accounts, transactions, onboarding, account settings, or any other page where you are signed in). PostHog never loads on those pages and no recording of any kind takes place there.

California residents can opt out of PostHog analytics and session replay using the Do Not Sell or Share My Personal Information link in our website footer. We also honor the Global Privacy Control browser signal automatically; if your browser sends GPC, PostHog is never initialized on your visits. Both controls also apply to the cookies described in our Cookie Policy.

Sub-processors

We rely on a small number of third-party services to operate Alavira. Each is bound by their own terms and may process some of your data on our behalf:

  • Clerk: identity and session management. Receives your email, sign-in events, and any factors you set up (e.g. OTP, authenticator app).
  • Anthropic: AI provider. Receives the redacted statement text we extract during parsing, and the transaction summaries we send when generating your insights. Anthropic retains API request data for up to 30 days for abuse review per their terms.
  • Stripe: payments and subscription billing. Receives the email and payment information needed to process your subscription. Alavira does not see, store, or have access to your card number.
  • Vercel: application hosting. Receives the requests you make to Alavira (URLs, IP, user-agent) for the duration needed to serve them, and processes our database in their managed Postgres environment under their data-processing terms.
  • PostHog (US Cloud): analytics and session replay on public marketing pages only. Receives an anonymous identifier, page navigations, CTA clicks, and an anonymized recording of marketing-page interactions (mouse, clicks, scroll). Form inputs and password fields are masked. PostHog does not load on any signed-in surface; see Analytics & session replay above for the full scope.