Privacy Policy

Your privacy is our priority. Learn how we protect your financial data.

Your Privacy, Your Control

At Diariva, we believe your financial data belongs to you. Always. We've built our platform with privacy-first principles, ensuring that you have complete control over your information.

This Privacy Policy explains how we collect, use, and protect your personal information when you use our services. We're committed to transparency and giving you the tools you need to manage your data.

Last updated: June 2026

End-to-End Encryption

All your data is encrypted and secure

GDPR Compliant

Full right to erasure and data control

Bank-Level Security

Military-grade security standards

Delete Anytime

Remove all your data with one click

Information We Collect

Account Information

  • Email address and password (encrypted)
  • Name and profile information
  • Currency preferences

Financial Data

  • Expense and income records (encrypted)
  • Category and tag information
  • Shared expense data (with your consent)

Receipt & bank statement imports

  • Receipt photos you upload for AI import
  • Bank statement PDFs or images you upload for transaction import
  • Sensitive banking identifiers (e.g. IBAN, account numbers, postal addresses) are redacted before storage and before AI processing where technically possible

How We Use Your Information

Service Provision

  • Process and store your financial data securely
  • Calculate balances and settlements
  • Provide AI-powered insights (with your consent)

Communication

  • Send important service updates
  • Provide customer support
  • Share product updates (opt-in)

AI document import

When you use receipt scan or bank statement import, we process the document to extract amounts, dates, merchants, and categories so you can review and confirm entries before they are saved.

  • Nothing is booked automatically — you review and select what to import
  • AI import uses a shared credit allowance on your plan
  • We do not use your uploaded documents to train third-party AI models

Sub-processors & international transfers

We use trusted infrastructure and reputable third-party providers to deliver the service. Where data leaves the EU/EEA, we rely on appropriate safeguards (such as Standard Contractual Clauses) as required by GDPR.

AI document processing

Receipt and bank statement images may be processed by reputable AI providers for text extraction. We send redacted/sanitized document images where possible, not your full unredacted bank PDF.

File storage

Uploaded receipt images and bank statements are stored in secure private storage. Access uses short-lived signed URLs — not permanent public links.

Hosting & database

Application hosting and encrypted database services within the EU/EEA where available.

Data retention

We keep data only as long as needed to provide the service or meet legal obligations.

  • Account and financial records: until you delete your account or remove individual entries
  • Uploaded receipts and bank statements: stored while linked to your expenses; private file access links expire within minutes
  • Temporary AI import cache (to avoid re-processing the same file): up to 12 months, then purged
  • Abandoned import drafts: purged after 30 days; confirmed drafts after 90 days
  • Security and audit logs: limited retention for fraud prevention and support

Data Security

Encryption

All your data is encrypted using industry-standard AES-256 encryption. Your financial information is encrypted both in transit and at rest, ensuring maximum protection.

Access Control

We implement strict access controls and regularly audit who has access to your data. Our team members only access your data when necessary for providing support, and all access is logged and monitored.

Infrastructure Security

Our servers are hosted on secure, SOC 2 compliant infrastructure with regular security updates and monitoring. We use multiple layers of security to protect your data.

Your Rights

Right to Access

You can access all your data at any time through your account settings or by contacting us. We'll provide you with a complete copy of your data in a machine-readable format.

Right to Deletion

You can delete your account and all associated data at any time. This includes all financial records, shared expense data, and personal information. Deletion is permanent and cannot be undone.

Right to Portability

You can export your data in standard formats (CSV, JSON) to use with other services. We make it easy to take your data with you if you decide to switch platforms.

Right to Control AI Training

You can choose whether to participate in AI model training. If you opt out, your data will not be used for improving our AI features, even in anonymized form.

Questions About Privacy?

If you have any questions about this Privacy Policy or how we handle your data, please don't hesitate to contact us. We're committed to transparency and will respond to all privacy-related inquiries within 24 hours.

Contact UsEmail Privacy Team