TwoMoney
TwoMoneyGet Started Free
PRIVACY POLICY
Last updated March 27, 2026

This Privacy Policy describes how TwoMoney ("Company," "we," "us," or "our") collects, uses, and shares information about you when you use our website and web application at https://twomoney.app (the "Service").

TwoMoney is a couples personal finance tracking app. We are committed to protecting your privacy. We do not sell your personal data. We do not serve ads. We collect only what is necessary to provide the Service.

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please do not use the Service.

TABLE OF CONTENTS

1. INFORMATION WE COLLECT
Account Information
When you register for TwoMoney, we collect the following through our authentication provider, Clerk:
  • Full name
  • Email address
  • Profile picture (if using Google OAuth)
  • Authentication credentials (managed securely by Clerk — we do not store your password)
Financial Data You Enter
TwoMoney does not connect to your bank accounts. All financial data is entered manually by you. This includes:
  • Transactions (amount, category, date, description, type)
  • Budgets (category, limit, period)
  • Savings goals (name, target amount, contributions)
  • Subscriptions (name, amount, billing cycle)
  • Investment holdings (asset name, quantity, value)
We do not collect or store bank account numbers, routing numbers, passwords, or any credentials for financial institutions.
Partner and Workspace Data
TwoMoney is a shared app. When you create or join a workspace with a partner, data you enter may be visible to other workspace members according to the privacy settings you configure. Workspace members' names and profile information may be visible to other members of the same workspace.
Usage and Technical Data
We and our service providers may automatically collect certain technical data when you use the Service, including:
  • IP address
  • Browser type and version
  • Operating system
  • Pages visited and features used
  • Date and time of access
  • Referring URL
This data is used solely for operating, maintaining, and improving the Service. It is not used for advertising.
Payment Information
If you subscribe to TwoMoney Pro ($9.99/month), payment is processed by our payment processor. We do not store your full credit card number or payment card details on our servers. We may receive limited billing information such as the last four digits of your card and billing address for record-keeping purposes.

2. HOW WE USE YOUR INFORMATION
We use the information we collect to:
  • Create and manage your account
  • Provide, operate, and improve the Service
  • Enable shared workspace features with your partner
  • Generate AI-powered spending insights (see Section 6)
  • Process payments and manage subscriptions
  • Send transactional emails (account activity, invitations, receipts) via Resend
  • Respond to support requests and feedback
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations
We do not use your financial data for advertising, benchmarking against other users, or any purpose other than providing the Service to you.

If you are located in the European Economic Area (EEA) or United Kingdom, our legal bases for processing your personal data are:
  • Contract performance — Processing necessary to provide the Service you have signed up for (account creation, data storage, workspace features, billing).
  • Legitimate interests — Processing necessary for our legitimate interests in operating, securing, and improving the Service, where these interests are not overridden by your rights.
  • Legal obligation — Processing required to comply with applicable law.
  • Consent — Where we rely on your consent (e.g., optional communications), you may withdraw it at any time by contacting us at hello@twomoney.app.

4. HOW WE SHARE YOUR INFORMATION
We do not sell your personal data. We do not share your data with advertisers. We share your data only in the following limited circumstances:
Third-Party Service Providers
We use the following sub-processors to operate the Service:
  • Clerk (clerk.com) — Authentication, session management, and Google OAuth. Processes name, email, and authentication data.
  • Supabase (supabase.com) — Database hosting for your financial data and app data. Hosted in the United States.
  • Railway (railway.app) — Application server infrastructure. Hosted in the United States.
  • Vercel (vercel.com) — Frontend hosting and edge delivery.
  • Resend (resend.com) — Transactional email delivery (invitations, account emails). Processes your email address.
  • AI provider — Aggregated, anonymized spending data may be sent to an AI provider to generate insights. We do not send personally identifiable information (such as your name or email) to AI providers. See Section 6.
Each provider is contractually bound to process your data only as directed by us and in accordance with applicable data protection law.
Workspace Members
Financial data you enter into a shared workspace may be visible to other members of that workspace (e.g., your partner). Transactions marked as private are visible only to you. You control your privacy settings within the Service.
Legal Requirements
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court order or government agency). We will notify you of such requests to the extent permitted by law.
Business Transfers
If TwoMoney is involved in a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.

5. COOKIES AND TRACKING
TwoMoney uses a minimal cookie policy. We use only essential session cookies — no advertising cookies, no third-party tracking cookies, no analytics cookies that profile your behavior across the web.
Cookies We Use
  • Session cookies (via Clerk) — Required to keep you signed in. These are set by Clerk and are essential for the Service to function. They expire when your session ends or after a set period.
Cookies We Do Not Use
  • Advertising or retargeting cookies
  • Third-party analytics cookies (e.g., Google Analytics)
  • Social media tracking pixels
  • Fingerprinting or cross-site tracking technologies
Because we only use strictly necessary cookies, no cookie consent banner is required under most jurisdictions. However, if you disable cookies in your browser, you will not be able to log in to the Service.

6. AI FEATURES
TwoMoney Pro includes AI-powered spending insights. When generating insights, we send aggregated financial data (such as spending totals by category and time period) to an AI provider. We do not send personally identifiable information such as your name, email address, or any data that identifies you as an individual to AI providers.

TwoMoney is not a financial advisor. AI-generated insights are for informational purposes only and do not constitute financial, investment, tax, or legal advice. You should consult a qualified professional before making financial decisions.

AI insights are only available to Pro subscribers. Free plan users do not have their data sent to AI providers for insights.

7. DATA RETENTION
We retain your data for as long as your account is active or as needed to provide you the Service. Specifically:
  • Account data — Retained for the duration of your account. Deleted within 30 days of account deletion.
  • Financial data — Retained for the duration of your account. Deleted within 30 days of account deletion.
  • Billing records — Retained for up to 7 years as required by applicable tax and accounting laws, even after account deletion.
  • Server logs — Retained for up to 90 days for security and debugging purposes.
To request deletion of your account and data, email hello@twomoney.app. We will process deletion requests within 30 days.

8. DATA SECURITY
We implement reasonable technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. These measures include:
  • Encryption in transit (HTTPS/TLS for all connections)
  • Encryption at rest for database storage via Supabase
  • Authentication managed by Clerk, a SOC 2 Type II certified provider
  • Access controls limiting employee access to production data
However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security. If you believe your account has been compromised, contact us immediately at hello@twomoney.app.

9. YOUR PRIVACY RIGHTS
Depending on your location, you may have the following rights regarding your personal data:
  • Access — Request a copy of the personal data we hold about you.
  • Correction — Request correction of inaccurate or incomplete personal data.
  • Deletion — Request deletion of your personal data ("right to be forgotten").
  • Portability — Request a copy of your data in a structured, machine-readable format.
  • Restriction — Request that we restrict processing of your data in certain circumstances.
  • Objection — Object to processing of your data based on legitimate interests.
  • Opt-out of sale — We do not sell your data. There is nothing to opt out of.
To exercise any of these rights, email hello@twomoney.app with the subject line "Privacy Request." We will respond within 30 days. We may need to verify your identity before processing your request.

10. CALIFORNIA RESIDENTS — CCPA / CPRA
If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides you with additional rights.
Categories of Personal Information Collected
In the past 12 months, we have collected the following categories of personal information:
  • Identifiers — Name, email address, IP address
  • Financial information — Manually entered transaction, budget, goal, subscription, and investment data
  • Internet activity — Pages visited, features used, log data
  • Inferences — AI-generated spending insights derived from your financial data
Your California Rights
  • Right to Know — You may request disclosure of the categories and specific pieces of personal information we have collected about you.
  • Right to Delete — You may request deletion of your personal information, subject to certain exceptions.
  • Right to Correct — You may request correction of inaccurate personal information.
  • Right to Opt-Out of Sale or Sharing — We do not sell or share your personal information for cross-context behavioral advertising. This right is not applicable.
  • Right to Limit Use of Sensitive Personal Information — We do not use sensitive personal information for purposes beyond providing the Service.
  • Right to Non-Discrimination — We will not discriminate against you for exercising your CCPA rights.
To submit a verifiable consumer request, email hello@twomoney.app. You may also submit requests on behalf of a minor child. We will respond within 45 days, with a possible 45-day extension where reasonably necessary.

If you have complaints that are not satisfactorily resolved, you may contact the California Privacy Protection Agency at cppa.ca.gov or the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs at 1625 North Market Blvd., Suite N 112, Sacramento, California 95834, or by telephone at (800) 952-5210.

11. EEA AND UK RESIDENTS — GDPR
If you are located in the European Economic Area (EEA) or United Kingdom, you have rights under the General Data Protection Regulation (GDPR) and UK GDPR, including the rights described in Section 9.

You also have the right to lodge a complaint with your local data protection authority. A list of EU supervisory authorities is available at edpb.europa.eu. The UK supervisory authority is the Information Commissioner's Office (ICO) at ico.org.uk.

Where we rely on legitimate interests as a legal basis, you have the right to object. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or where processing is necessary for legal claims.

12. INTERNATIONAL DATA TRANSFERS
TwoMoney is based in the United States. All data is stored and processed in the United States (via Supabase and Railway). If you access the Service from outside the United States, your data will be transferred to and processed in the United States, which may have different data protection laws than your country.

For transfers of personal data from the EEA or UK to the United States, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission and the UK International Data Transfer Agreement (IDTA), as applicable, as the lawful transfer mechanism. Where our sub-processors (Clerk, Supabase, Vercel, etc.) are located outside the EEA, we ensure they maintain appropriate safeguards for such transfers.

13. CAN-SPAM COMPLIANCE
We comply with the CAN-SPAM Act. Transactional emails we send (such as account confirmations, partner invitations, and billing receipts) are sent via Resend and are necessary to provide the Service. We do not send unsolicited commercial email.

All email communications from TwoMoney:
  • Identify TwoMoney as the sender
  • Include our valid contact email address
  • Do not use deceptive subject lines
  • Include an unsubscribe mechanism for any non-transactional communications
To opt out of any non-transactional emails, email hello@twomoney.app with "Unsubscribe" in the subject line. Note that you cannot opt out of transactional emails (e.g., account security alerts, billing receipts) as these are necessary to provide the Service.

14. CHILDREN'S PRIVACY
TwoMoney is not directed to children under the age of 18. We do not knowingly collect personal information from anyone under 18. If you are under 18, you may not use the Service. If we become aware that we have collected personal data from a person under 18, we will delete that information promptly. If you believe we may have information from or about a child under 18, please contact us at hello@twomoney.app.

15. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. We will notify you of material changes by emailing you at the address associated with your account or by posting a prominent notice on the Service prior to the change becoming effective. The "Last updated" date at the top of this page reflects the most recent revision.

Your continued use of the Service after the effective date of any changes constitutes your acceptance of the revised Privacy Policy. If you do not agree to the updated policy, you must discontinue use of the Service.

16. CONTACT US
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

TwoMoney
Email: hello@twomoney.app
Website: https://twomoney.app

We will respond to all inquiries within 30 days.