Back to Home

Privacy Policy

Last updated: 4 March 2026

1. Introduction

Steerplan Ltd (“we”, “us”, “our”) operates the Steerplan mobile application. This Privacy Policy explains how we collect, use, and protect your personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data We Collect

Account data: Name, email address, and profile picture provided through your Google, Apple, or X authentication via Clerk.

Financial data: Bank transaction data (amounts, dates, descriptions, merchant names) accessed through Yapily Open Banking or uploaded via CSV files.

App usage data: Income sources, budgets, savings pots, reminders, and spending categories you create within the App.

AI conversation data: Messages you send to the AI assistant and the responses generated.

Subscription data: Subscription status and billing information managed by RevenueCat and Apple. We do not directly access your payment card details.

3. How We Use Your Data

We use your data to:

  • Provide and improve the Steerplan service
  • Categorise and analyse your transactions
  • Generate AI-powered financial insights
  • Manage your subscription and account
  • Communicate service updates and changes

4. Bank Data via Yapily

When you connect a bank account, Yapily (an FCA-authorised provider) accesses your transaction data on your behalf. We receive transaction details but never your banking login credentials. You can revoke bank access at any time through the App's settings or directly with your bank.

5. AI Data Processing

Your financial data and messages are processed by Anthropic's Claude AI to provide insights and categorisation. Data sent to the AI is used solely for generating your responses and is not used to train AI models. We send only the data necessary to fulfil your request.

6. Third-Party Services

We use the following third-party services:

  • Clerk — Authentication and account management
  • Yapily — Open Banking data access
  • Anthropic (Claude) — AI processing
  • RevenueCat — Subscription management
  • Apple App Store — Payment processing

Each provider operates under their own privacy policy and data processing agreements.

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law. AI conversation history is retained for the duration of your account.

8. Your Rights (GDPR)

Under UK GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data (“right to be forgotten”)
  • Restrict processing of your data
  • Port your data to another service
  • Object to processing of your data

To exercise any of these rights, contact us at privacy@steerplan.com.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit and at rest, secure API communications, and access controls.

10. Children's Privacy

Steerplan is not intended for users under 18 years of age. We do not knowingly collect data from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the App.

12. Contact

For privacy-related enquiries, contact us at privacy@steerplan.com.

Steerplan Ltd
England and Wales