Don is an AI personal finance app that lets you ask questions about your money in plain English. Connect your bank accounts and ask things like 'How much did I spend on food last month?' or 'Am I on track with my savings goal?' Don answers with full context from your real financial data.

How much does Don cost?

Don is $9.99 per month or $89.99 per year. There is a 30-day free trial — no credit card required to start.

Is Don safe to connect to my bank?

Yes. Don connects to your bank via Plaid, the same technology used by thousands of financial apps. All connections are read-only — Don can see your transactions but cannot move money. Your data is encrypted in transit and at rest.

How is Don different from other budgeting apps?

Most budgeting apps show you data in dashboards. Don lets you have a conversation with your finances — ask a question, get a real answer from your actual accounts. Don also features Smart Tag (fix a merchant name once, remembered forever), gamified savings goals with XP and streaks, and a premium dark UI.

Which banks does Don support?

Don connects to over 11,000 banks and financial institutions in the US via Plaid. If your bank is in the US, it is almost certainly supported.

Privacy Policy

Last updated: March 4, 2026

1. Introduction

Don is operated by vector.dev LLC ("Company," "we," "us," or "our"), a California limited liability company. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our personal finance application available at don.financial and through our mobile applications on the Apple App Store (collectively, the "Service").

2. Information We Collect

Account Information

When you create an account, we collect your email address or phone number for authentication via one-time passcode (OTP) sent by email or SMS.

Financial Data

When you connect your bank accounts through Plaid, we receive access to your account balances, transaction history, and account metadata. This data is used to power your personal finance dashboard, spending insights, and transaction categorization.

AI Interaction Data

When you use Don's AI features (the conversational assistant), your transaction data and chat messages are processed by Anthropic's AI models via their API. We send only the data necessary to fulfill your request. Anthropic does not use data submitted via their API to train their AI models.

Usage Data

We automatically collect information about how you interact with the Service, including pages visited, features used, and device information such as browser type, operating system, and device model. On mobile apps, this may include app version, OS version, and crash reports collected by Apple or Google. We do not use session replay or screen recording technology.

Cookies & Local Storage

The web application uses a session cookie to keep you signed in. We do not use third-party tracking cookies, advertising cookies, or analytics pixels. The mobile application uses secure on-device storage (Keychain on iOS) to store your authentication token.

3. How We Use Your Information

We use your information to:

Provide and maintain the Service, including your financial dashboard and transaction tracking
Power AI-driven transaction categorization and the Don conversational assistant
Process payments and manage your subscription
Send transactional emails and SMS (OTP authentication, subscription receipts)
Improve and optimize the Service
Detect and prevent fraud, abuse, and unauthorized access

Don may use AI to categorize transactions, generate spending insights, or respond to your questions, but these functions supplement your own financial decisions. We do not make automated decisions that affect your legal rights or financial standing.

4. Third-Party Services

We use the following third-party services to operate Don:

Plaid — Securely connects your bank accounts and retrieves financial data. Plaid's use of your data is governed by Plaid's Privacy Policy.
Stripe — Processes subscription payments on the web. We never store your credit card details directly. Stripe's use of your data is governed by Stripe's Privacy Policy.
Apple (App Store) — Processes in-app subscription payments on iOS. Apple may collect device information, usage data, and crash reports. Apple's use of your data is governed by Apple's Privacy Policy.
Anthropic — Powers AI transaction categorization and the Don assistant. Transaction data and chat messages are sent to Anthropic for processing via their API. Anthropic does not use API data to train their models. Anthropic's use of data is governed by Anthropic's Privacy Policy.
Resend — Sends transactional emails (magic link authentication, subscription receipts).
Neon — Hosts our PostgreSQL database where your account and financial data is stored.
Vercel — Hosts our web application and serverless API. Vercel may process request metadata (IP address, headers) as part of serving the application. Vercel's use of data is governed by Vercel's Privacy Policy.

5. Data Sales

We do not sell your personal or financial data. We do not share your financial data with third parties for their marketing purposes. Your data is only shared with the third-party services listed above as necessary to operate the Service.

We may create aggregated, de-identified data from your usage for product improvement and analytics. This data cannot be used to identify you and is not considered personal information.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account, your financial data (transactions, bank connections, categories, budgets, and goals) is permanently deleted immediately. We retain your email address and subscription record to prevent trial abuse and to allow you to re-register in the future. Some data may be retained longer if required by law or for legitimate business purposes (e.g., fraud prevention, billing records). Non-financial data such as usage analytics and server logs are retained for up to 12 months after account deletion, after which they are permanently deleted.

7. Data Security

We implement industry-standard and above security measures to protect your data, including:

Encrypted connections (TLS/SSL) for all data in transit
AES-256-GCM field-level encryption for sensitive credentials (e.g., bank connection tokens)
SHA-256 hashed session tokens and bcrypt-hashed one-time passcodes
Certificate pinning on iOS to prevent man-in-the-middle attacks
CSRF protection, Content Security Policy headers, and rate limiting on authentication endpoints
Secure on-device storage (Keychain on iOS)

However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

8. Data Breach Notification

In the event of a data breach that compromises your personal or financial data, we will notify affected users via email within 72 hours of becoming aware of the breach. We will also notify any applicable regulatory authorities as required by law.

9. Your Rights — United States (CCPA/CPRA)

If you are a California resident, you have the right under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) to:

Know what personal information we collect, use, and disclose
Request deletion of your personal information
Request correction of inaccurate personal information
Opt out of the sale or sharing of your personal information (we do not sell or share your data for cross-context behavioral advertising)
Non-discrimination for exercising your privacy rights

To exercise these rights, contact us at hello@don.financial. We will respond to verifiable requests within 45 days.

We recognize and honor Global Privacy Control (GPC) opt-out preference signals sent by your browser.

9b. Your Rights — Other US States

If you are a resident of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), Montana (MCDPA), or another US state with an active consumer privacy law, you may have rights including:

Access the personal data we hold about you
Correct inaccurate personal data
Delete your personal data
Opt out of targeted advertising (we do not engage in targeted advertising or sell your data)
Appeal a denied privacy request by contacting us at hello@don.financial

To exercise these rights, contact us at hello@don.financial. We will respond within the timeframe required by your state's law.

10. Your Rights — European Economic Area & United Kingdom (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing

We process your data based on the following legal grounds:

Contract performance: To provide the Service you signed up for (account management, financial dashboard, AI features)
Legitimate interest: To improve the Service, prevent fraud, and ensure security
Consent: Where required by law (e.g., for marketing communications, which we do not currently send)

Your GDPR Rights

Access: Request a copy of the personal data we hold about you
Rectification: Request correction of inaccurate data
Erasure: Request deletion of your data ("right to be forgotten")
Portability: Request your data in a structured, machine-readable format (we offer CSV export)
Restriction: Request that we limit how we process your data
Objection: Object to processing based on legitimate interest

International Data Transfers

Your data is stored and processed in the United States. If you are located outside the United States, your data is transferred to the US where our servers and third-party service providers are located. We rely on Standard Contractual Clauses (SCCs) and other approved transfer mechanisms to ensure your data is protected in accordance with applicable data protection laws.

To exercise your GDPR rights, contact us at hello@don.financial. You also have the right to lodge a complaint with your local data protection authority.

11. Children's Privacy

The Service is not intended for children under 18. We do not knowingly collect personal information from children under 18. If you believe we have collected information from a child under 18, please contact us at hello@don.financial and we will promptly delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will notify you via email at least 30 days before the changes take effect. We will also post the updated policy on this page and update the "Last updated" date. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy, your data, or wish to exercise any of your privacy rights, contact us at:

vector.dev LLC
Email: hello@don.financial