This Privacy Policy explains how AM Systems (“Allot,” “we,” “us”) collects, uses, shares, and protects your information when you use the Allot website and services (the “Service”). We are the controller of your personal information. Budgeting data is sensitive, and we treat it that way.
1. Information We Collect
- Account information. Your name, email address, and password (stored only as a salted hash, never in plain text).
- Budgeting data you provide. Accounts, balances, transactions, categories, goals, notes, and other financial details you enter.
- Connected-account data. If you link a bank or card through our connection provider (Plaid), we receive account and transaction data you authorize. We never receive or store your bank login credentials.
- Billing information. Subscription status and limited payment metadata. Card details are collected and processed directly by our payment processor (Stripe); we do not store full card numbers.
- Authentication data. If you sign in with Google, we receive basic profile information you approve through that provider.
- Technical and security data. IP address, device/browser information, and security events (such as login attempts) used to operate and protect the Service.
- Cookies. A small number of essential cookies, including your session cookie. See “Cookies” below.
2. How We Use Your Information
- To provide, maintain, and improve the Service.
- To authenticate you and keep your account and data secure.
- To process subscriptions and billing.
- To provide customer support and respond to your requests.
- To send essential service communications (for example, verification, password reset, security, and billing notices).
- To detect, prevent, and address fraud, abuse, and technical issues.
- To comply with legal obligations.
3. Legal Bases (EEA/UK Users)
Where the GDPR or UK GDPR applies, we process personal data on these bases: performance of a contract (to provide the Service you signed up for), legitimate interests (to secure and improve the Service), consent (for example, connecting an external account), and legal obligation (to meet our legal duties). You may withdraw consent at any time where processing is based on consent.
4. We Do Not Sell Your Information
We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We do not use your financial data to advertise to you.
5. How We Share Information
We share information only with service providers (“sub-processors”) that help us run the Service, and only as needed:
- Cloudflare — hosting, storage, and content delivery.
- Plaid — secure connections to your financial institutions (only if you connect an account).
- Stripe — subscription payment processing.
- Resend — delivery of transactional emails.
- Google — sign-in, if you choose to use it.
We may also disclose information if required by law, to enforce our terms, or to protect the rights, safety, and security of our users and the Service. If we are involved in a merger or acquisition, we will provide notice before your information becomes subject to a different privacy policy.
6. Data Retention
We keep your information for as long as your account is active or as needed to provide the Service. When you delete your account or use the in-app reset, we delete or anonymize the associated data within a reasonable period, except where we must retain certain records to comply with legal, tax, or security obligations.
7. Security
We protect your information with encryption in transit (HTTPS/TLS), strong password hashing, strict per-account data isolation, optional two-factor authentication, rate-limiting, and other safeguards. No method of transmission or storage is perfectly secure, but we work to protect your data and to respond promptly to any incident.
8. Your Rights and Choices
Depending on where you live, you may have the right to:
- Access the personal information we hold about you.
- Correct inaccurate information.
- Delete your information (“right to be forgotten”).
- Export a copy of your data (portability).
- Restrict or object to certain processing.
- Withdraw consent where processing relies on consent.
- Opt out of any sale or sharing of personal information (note: we do not sell it or share it for cross-context behavioral advertising).
- Not be discriminated against for exercising your privacy rights (CCPA/CPRA).
You can update your profile and delete or reset your data from within the app. To make any other request, email support@allot-app.com. We will verify your request and respond within the timeframe required by applicable law. You may also have the right to lodge a complaint with your local data-protection authority.
9. International Transfers
We and our sub-processors may process your information in the United States and other countries. Where required, we rely on appropriate safeguards (such as standard contractual clauses) for international transfers.
10. Cookies
We use a small set of strictly necessary cookies to keep you signed in and to secure the Service. We do not use third-party advertising or cross-site tracking cookies. Because these cookies are essential to the Service, disabling them may prevent you from signing in.
11. Children’s Privacy
The Service is not directed to children, and we do not knowingly collect personal information from anyone under 16. If you believe a child has provided us information, contact us and we will delete it.
12. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will provide reasonable notice (for example, by email or an in-app notice) and update the “Last updated” date above.
13. Contact Us
For privacy questions or to exercise your rights, contact us at support@allot-app.com.