Privacy Policy
Last updated: July 2026
Cacao is a private, single-owner personal-finance dashboard. It is used only by its owner to view their own financial accounts. It is not offered as a product or service to other people, and it does not have external users or customers.
What data is involved
- Financial account data belonging to the owner: account balances, transactions, investment holdings, liabilities (loans and credit), and statements.
- This data is retrieved read-only through Plaid, a third-party financial data provider the owner authorizes to connect their own accounts.
How it is used
- Solely to display the owner's own financial information back to the owner, and to generate read-only insights (for example, recurring-charge detection, idle-cash suggestions, and credit-card perk tracking).
- Cacao performs no money movement — it cannot initiate transfers, payments, or trades. The integration is strictly read-only.
How it is stored and protected
- Access tokens and credentials are encrypted at rest using industry-standard encryption (AES-256-GCM).
- Tokens and secrets are never written to logs.
- Access to the application is restricted to the owner through authentication and network access controls.
Sharing
Cacao does not sell, rent, or share any financial data with third parties. Data is not used for advertising and is not disclosed to anyone other than the owner. The only third party involved is Plaid, acting at the owner's direction to supply the owner's own account data; Plaid's handling of that data is governed by the Plaid End User Privacy Policy.
Retention and deletion
The owner can disconnect any connected institution at any time, which removes its access token and associated stored data. Because the owner controls the application directly, data can be deleted at the owner's discretion.
Contact
Questions about this policy: mark@trickey.us.
