Impoko Privacy Policy
Last updated: July 13, 2026
What we collect
- Account data: your name, email address, and password (stored as a salted hash — we can never read it).
- Financial entries you create: expenses, income, budgets, bills, goals, and debts. These exist only because you typed them in.
- Optional profile data: country, timezone, paydays, a profile picture, and the financial-identity answers you choose to give.
What we do with it
- Show you your own dashboards, charts, and history.
- Generate forecasts, insights, and coaching on our own servers — your data is not sent to third-party AI services.
- Send you the notifications you enabled (budget alerts, bill reminders, reports).
What we never do
- No selling or sharing your data with advertisers. There are no ads.
- No tracking across other apps or websites.
- No exposing your numbers to other users. Community features are opt-in and share only anonymous percentages — never amounts, never your identity — and are off by default.
Can anyone at Impoko see my transactions?
No — there is no screen or feature anywhere in Impoko that shows your entries to anyone but you. The admin tools exist to manage accounts, not to read them: an administrator can see your name, email, and whether your account is active, and a total count of how many entries exist across all users. They cannot open your expenses, your amounts, your merchants, or your notes. Those screens do not exist.
Being straight with you about the limit of that promise: Impoko is not “zero-knowledge” encrypted. Your entries are stored in our database in a form the application can read — that is what makes forecasts, budget alerts, and coaching possible at all. Someone holding the database credentials could therefore read them. Access to those credentials is limited to the running application. We don't look at your data, and we've built no way to do it from inside the product — but we'd rather tell you that plainly than imply a guarantee we can't make.
Security
- Encrypted in transit: HTTPS between you and Impoko, and an enforced TLS connection between the application and its database.
- Encrypted at rest: the managed database encrypts its storage (AES-256). This protects against physical theft of the storage itself.
- Passwords: hashed with bcrypt. We cannot read your password, and we cannot recover it — we can only help you reset it.
- Sessions: short-lived access tokens with rotating refresh tokens. Changing or resetting your password signs out every device.
- Your data is processed on our own servers. Forecasts and coaching are computed by our own code — your entries are never sent to a third-party AI service.
Your controls
- Export: download everything you've entered as CSV, Excel, or PDF from the Expenses page, anytime.
- Delete: removing an entry deletes it permanently. To delete your whole account and all its data, contact us at the address below.
- Sharing level: Profile → Privacy controls exactly what (if anything) the community features can see.
Contact
Questions or deletion requests: budgetwisemail@gmail.com