Legal

Privacy policy

Effective May 9, 2026 · Last updated May 9, 2026

Saielo helps you plan your finances years ahead. To do that, Saielo needs to handle some information about you. This page explains exactly what we collect, what we don't, where it goes, and how to delete it.

The short version

Saielo does not connect to your bank. Saielo does not sell your data. Your financial plan is encrypted on your device with a key only you control — Saielo's servers cannot read it. You can delete your account at any time, and we will hard-delete your data within 30 days.

Contents

Who we are
What we collect
What we do not collect
How encryption works
Where your data lives
Third parties
Your rights
How to delete your account
Children
Changes to this policy
Contact

1. Who we are

Saielo is a long-horizon financial planning app, currently in private beta. Saielo is operated as a sole-proprietor business based in Riyadh, Saudi Arabia. The contact for any privacy question is saiel@saielo.com.

2. What we collect

Saielo collects the minimum information needed to operate the app:

Account identifier. Either an email address (for magic-link sign-in) or an Apple ID identifier (for Sign in with Apple). We never see or store your Apple ID password.
Encrypted plan blob.Your financial plan — the answers you've given Saielo, the projections it has computed, the check-in history — is encrypted on your device and stored on our servers as an opaque blob. We cannot read it. Only your device, with your encryption key, can decrypt it.
Anonymous usage diagnostics. Crash reports and performance metrics, with no personal identifiers. Used only to fix bugs.
Subscription state, when applicable. Whether your subscription is active, trial, expired. We process this through Apple — we never see your payment method.

3. What we do not collect

Saielo deliberately does not collect:

Bank account credentials. Saielo does not integrate with Plaid, Yodlee, MX, or any aggregator. We do not screen-scrape banks. We do not request your routing or account numbers.
Bank balances or transactions.We never see what's in your accounts. The plan you build with Saielo is based on what you tell Saielo — Saielo does not verify against your bank.
Location data. Saielo does not track where you are.
Device contacts, photos, calendar, or microphone. Saielo does not request access to any of these.
Behavioral or advertising profiles. Saielo does not build or sell user profiles. There are no ads in Saielo.

4. How encryption works

Your plan is encrypted on your device using AES-GCM, an industry-standard symmetric encryption algorithm. The encryption key (the data encryption key, or DEK) is generated on your device at first launch and wrapped with a key derived from your account credentials. The wrapped DEK is stored alongside the encrypted plan on our servers — but the wrapping key never leaves your device.

What this means in practice: if someone breached our database, they would see a list of opaque blobs. They could not read any user's plan. They could not even tell what data structure the plan uses. Decryption requires both the wrapped DEK and your account credentials, and only happens on your device.

This design is deliberate. We chose end-to-end encryption on day one because financial data is sensitive enough to deserve it.

5. Where your data lives

Saielo's servers are operated by Supabase, with data stored in their EU region (Frankfurt, Germany). We chose EU hosting because of GDPR's strong data protection guarantees, which apply regardless of where you live.

Your encrypted plan, your account identifier, and your subscription state are stored in our Supabase database. Diagnostics are stored separately and contain no identifying information.

6. Third parties

Saielo uses these third-party services:

Supabase — database and authentication. Their privacy policy.
Anthropic— AI processing for your conversational input. Saielo sends your input as a prompt to Anthropic's Claude API. Anthropic's policy is to not train on API data. Their privacy policy.
Apple — App Store distribution, Sign in with Apple, in-app purchase processing. Their privacy policy.
Vercel — hosting for this website (saielo.com). Their privacy policy.

We do not use advertising networks, analytics platforms with cross-site tracking, or any service that profiles users.

7. Your rights

You have the right to:

Access the data Saielo holds about you
Correct inaccurate data
Export your data (we provide this within 30 days of a request)
Delete your account and all associated data
Withdraw consent for any data processing at any time

To exercise any of these rights, email saiel@saielo.com. We will respond within 30 days, and usually much faster.

8. How to delete your account

You can delete your account in two ways:

From inside the app: Settings → Delete account. Confirms with you, then triggers immediate deletion.
By email: Send a request from your account email to saiel@saielo.com. We will action it within 7 business days.

When you delete your account: your encrypted plan blob, your account identifier, and your subscription history are scheduled for hard-deletion. Hard deletion completes within 30 days, after which we retain nothing about you. We do not maintain backups of deleted accounts.

9. Children

Saielo is not intended for users under 16. We do not knowingly collect data from anyone under 16. If you believe a minor has signed up, contact us and we will delete the account.

10. Changes to this policy

If we change this policy in any material way, we will notify users by email at least 30 days before the change takes effect. The “Last updated” date at the top of this page reflects the most recent change.

11. Contact

Privacy questions, data requests, or anything else: saiel@saielo.com.