Privacy Policy
Coconut Tree — Last updated April 2026
The short version: Your data is yours. We encrypt it, we don't sell it, we don't look at it, and you can delete it anytime. We use third-party services (Plaid for banking, Supabase for sync, Anthropic for AI) but only to make the app work — never for advertising or profiling.
What data we collect
Coconut Tree stores information you explicitly enter or connect:
- Account information: Google account email and name (via Google Sign-In through Supabase Auth). We don't store your Google password.
- Financial data: Budget entries, income, expenses, debts, savings goals, transaction tags, envelope limits. If you use Lifeline (recovery mode): debt amounts, payment history, court dates, assistance program status, and treat fund usage.
- Bank data (optional): If you connect your bank via Plaid, we access account balances and transaction history. We never see your bank login credentials — Plaid handles that directly. Your bank access tokens are stored encrypted on our server, never in your browser.
- Health data (optional): Cycle tracking data (period dates, symptoms, moods, energy, flow), supplement logs, and morning check-in data.
- Personal data: Tasks, goals, calendar events, diary entries, sticky notes, habits, astrology birth data, and any other content you create in the app.
How your data is stored
- On your device: All app data is stored in your browser's localStorage. Sensitive financial and health data is encrypted using AES-256-GCM with a key derived from your authenticated session. If someone opens your browser's developer tools, they see encrypted gibberish, not your court dates.
- Cloud sync (Supabase): Your data syncs to Supabase so it works across devices. Supabase enforces Row Level Security — your data is only accessible to your authenticated account. No other user or admin can query it.
- Bank tokens (server-side): Plaid access tokens are stored in an AES-256-GCM encrypted file on our server. They never touch your browser. Access is validated via JWT authentication and rate-limited to prevent abuse.
- PIN protection: Budget and cycle tracker data requires a 4-digit PIN to access. The PIN is stored as a salted SHA-256 hash — we cannot recover it. A server-side backup prevents tampering.
Third-party services
We use these services to make the app work. None of them receive your data for advertising purposes:
- Supabase (database & authentication) — Stores your synced app data. Subject to Supabase's Privacy Policy.
- Plaid (bank connections) — Connects to your bank to import transactions and balances. We only request transaction data, not your full account details. Subject to Plaid's End User Privacy Policy.
- Anthropic (AI assistant) — When you use Now AI, your conversation and relevant app context are sent to Anthropic's Claude API to generate responses. Anthropic does not use your data for training. Subject to Anthropic's Privacy Policy.
- Google (authentication & calendar) — Sign-in via Google OAuth. Optional Google Calendar sync. Subject to Google's Privacy Policy.
What we never do
- We never sell your data to anyone, for any reason.
- We never use your data for advertising or profiling.
- We never share your financial or health data with third parties except as described above.
- We never look at your individual data. We don't have admin tools to browse user accounts.
- We never store your bank credentials. Plaid handles authentication directly.
Your rights
You have full control over your data:
- Export: You can export all your data as a JSON file anytime from the Budget widget settings.
- Delete: You can permanently delete all your data from the Budget widget settings. This removes everything from your device. To delete cloud-synced data, use the same option — it clears both.
- Disconnect bank: You can remove your bank connection anytime from Budget settings. This deletes the stored access token from our server.
- PIN control: You can reset or change your PIN at any time.
Security measures
- AES-256-GCM encryption for sensitive data at rest (both client and server)
- PIN lock with brute-force protection (5 attempts, then 30-second lockout)
- 5-minute inactivity timeout auto-locks sensitive widgets
- JWT authentication on all server API calls
- Rate limiting on financial API endpoints (10 requests/minute per user)
- Clipboard auto-clears 60 seconds after copying sensitive content
- Server-side tamper detection for PIN integrity
- All financial data purged from browser on sign-out
- Row Level Security on database (users can only access their own data)
Lifeline (recovery mode) data
We understand that Lifeline users are in vulnerable financial situations. Extra care is taken:
- Court dates, debt amounts, and legal templates are encrypted at rest.
- Crisis Kit content (eviction defense, debt collection rights, bankruptcy information) is educational — it is not legal advice. Always consult with a qualified attorney for your specific situation.
- Recovery data is never shared with creditors, landlords, or any third party.
- If you graduate from Lifeline to normal budget mode, your data carries over but the recovery-specific data (stages, crisis kit usage) is retained privately.
Age Requirement
Coconut Tree is intended for users 18 and older. The app handles financial data, bank account connections, and health information that require adult consent. We do not knowingly collect data from anyone under 18. If you are under 18, please do not use this app.
Changes to this policy
If we make significant changes, we'll notify you in the app. Continued use after changes constitutes acceptance.
Contact
Questions about your privacy? Reach us at [email protected].