Legal

Privacy Policy

Last updated: March 3, 2026

What Kachink Is

Kachink is a personal finance tracker that runs as a remote MCP (Model Context Protocol) server. You interact with it through Claude or any MCP-compatible client to log transactions, view spending summaries, and manage recurring charges.

Data We Collect

When you sign in with Google, we store:

  • Google account info — your name, email address, and Google user ID, used solely to identify your account.
  • Transactions — amounts, currencies, categories, descriptions, and dates you provide when logging income or expenses.
  • Recurring transactions — details of any recurring charges you set up.
  • Preferences — your base currency setting.

Where Data Is Stored

All data is stored in Cloudflare D1, a serverless SQL database. Your data resides in Cloudflare's infrastructure and is not replicated to any other service or third party.

Third-Party Services

  • Google OAuth — used for authentication only. We do not access your Google data beyond the basic profile (name, email).
  • Frankfurter API — an open-source exchange rate API (frankfurter.app). When you log a transaction in a foreign currency, we fetch the exchange rate for that date. No personal data is sent to this API — only the currency pair and date.
  • Google Analytics — used on the marketing site (kachink.app) to understand page views. Google Analytics does not run inside the MCP server or dashboard.

How We Use Your Data

Your data is used exclusively to provide the Kachink service:

  • Storing and retrieving your transactions
  • Computing monthly summaries and category breakdowns
  • Converting currencies at the exchange rate on the transaction date
  • Auto-logging recurring transactions on their scheduled day

We do not sell, share, or monetize your data in any way. We do not train AI models on your data.

Data Retention

Your data is retained as long as your account exists. You can delete your account and all associated data at any time (see below).

Your Rights

Kachink provides built-in tools for exercising your data rights:

  • Export your data — Use the "export my data" command to get a full JSON export of all your transactions, recurring transactions, and preferences.
  • Delete your account — Use the "delete my account" command to permanently erase your account and all associated data. This action is irreversible.

Security

Authentication is handled via OAuth 2.0 with Google. MCP access tokens are encrypted and expire after 24 hours, with refresh tokens valid for 30 days. All communication happens over HTTPS.

Children

Kachink is not intended for use by anyone under the age of 13.

Changes to This Policy

If we make material changes to this policy, we will update the "Last updated" date at the top. Continued use of Kachink after changes constitutes acceptance of the updated policy.

Contact

If you have questions about this privacy policy, reach out at [email protected].