🚀 Loots is currently in beta — your early feedback shapes the product.
FeaturesPricingBlogPartner ProgramLog inGet started free →
Back to home

Privacy Policy

Last updated: March 11, 2026

Quick Summary

  • We collect only the data needed to run Loots and improve product quality.
  • We never sell your personal or financial data.
  • You can export or delete your data from your account settings.

Contents

Introduction

At Loots, we take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect your personal and financial information. By using Loots, you consent to the practices described in this policy.

Information We Collect

Account Information: When you create an account, we collect your name, email address, and password (encrypted).

Financial Data:

  • Free users: CSV files you upload containing your bank transactions.
  • Paid users: Transaction data synced via Akahu, including transaction amounts, dates, descriptions, and merchant names.

Usage Data: We collect information about how you interact with our service, including feature usage and log data.

How We Use Your Information

We use your information solely to:

  • Provide and improve our financial analysis services
  • Detect subscriptions and identify spending patterns
  • Send you notifications about price increases or potential savings
  • Communicate with you about your account and service updates
  • Process payments and manage your subscription

Data Security

Encryption: All data is encrypted in transit (TLS 1.3) and at rest. We use industry-standard encryption to protect your information.

Bank Connections: Paid plans use Akahu, an NZ-regulated open banking provider. We never store your bank login credentials. Akahu provides read-only access, meaning we can only view transactions — we cannot move money or make payments.

Access Controls: Your data is only accessible to you and authorised Loots staff who need it to provide support.

Data Sharing

We do not sell your data. We only share your information in the following limited circumstances:

  • Service Providers: With Akahu (for bank connections) and cloud hosting providers who help us operate our service.
  • Legal Requirements: If required by law or to protect our rights, property, or safety.

Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your data
  • Withdraw consent for data processing (which may limit service functionality)

Data Retention

We retain your data for as long as your account is active. When you delete your account, your data is deleted immediately. Bank connection tokens are revoked at the time of deletion. We may retain certain records where required by law or for regulatory purposes.

Cookies and Tracking

We use essential cookies to keep you logged in and maintain your session. We do not use tracking cookies for advertising purposes.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the application. Continued use of Loots after changes constitutes acceptance of the updated policy.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at