Privacy Policy

Last updated: 9 May 2026

Steward is a self-hosted personal finance tool. Each instance runs on infrastructure controlled by the user (the operator). The Steward mobile app (iOS & Android) connects to one operator-controlled server at a time. This policy describes what the app collects and how it’s used.

Data we store on your device

Data we send off-device

Permissions the app requests

Third parties

The mobile app itself does not include analytics, advertising, or third-party SDKs that phone home. The only network destinations are:

The server you connect to may itself talk to bank aggregators (Plaid, Teller, Lunchflow, Pluggy, Enable Banking, Salt Edge), Yahoo Finance for prices, and optional services like Resend for email and Anthropic for inbox parsing — all gated by credentials the operator configures. See the operator’s SECURITY.md for the complete list.

Data retention

Cached data on your device persists until you sign out or uninstall. Push subscriptions on your server persist until you remove the device from Settings → Push notifications → Registered devices.

Children

Steward is not directed at children under 13 and we do not knowingly collect information from them.

Changes to this policy

We will update this page when material changes occur. The “Last updated” date at the top reflects the most recent revision.

Contact

Questions? Use the contact form on our support page.