Last updated June 12, 2026 · early access
The deals, plan settings, contracts and spiffs you enter or import; your email address and login; standard server logs. That’s it. We never ask for your employer’s systems, your bank, or your SSN.
In a Supabase (Postgres) database with row-level security: every query is filtered to your user ID at the database layer, so no other user can ever read your data. To be fully honest: like almost every web app, our small team can technically access the database for support and debugging — we don’t browse it, and operator-blind encryption of identifying fields is on the roadmap. The app is hosted on Vercel.
Compute your numbers and show them to you. We don’t sell data, share it with advertisers, or train models on it. Statement files you upload for reconciliation are processed in your browser and never stored.
We use privacy-respecting page analytics (counts of visits and feature usage) to understand what’s working. No ad trackers.
Export everything as JSON or delete your account and all data any time from Settings → Your data & privacy. Your deals, plan and profile are wiped immediately and unrecoverably; removal of the bare login record (your email) can take a little longer.
This is an early-access product run by a small team. Data is encrypted in transit and at rest by our infrastructure providers, but application-layer encryption of free-text fields is still on the roadmap. If anything here changes materially, we’ll say so before it does.
If your data is ever involved in a security incident, we’ll email you within 72 hours with what happened, what was affected, and what we’re doing about it.
Email support@earnwisehq.com — a human reads it.