User-scoped product data
Account, transaction, budget, goal, memory, and conversation data is designed to be tied to the relevant user account and product permissions.
Last updated May 30, 2026
Security and Data Handling
This page explains how Clarity thinks about security, account connections, Rex assistant data, vendor handling, disconnection, deletion, and support. It is written for users and reviewers, so it avoids exposing private implementation details.
Clarity is an early-stage personal AI financial co-pilot. No online service can remove every security risk, but Clarity is designed around user authorization, limited access, and clear support paths.
Data flow
Financial data starts with user authorization.
Clarity is designed to access financial data only after a user chooses to connect or import account information. Account-connection providers such as Plaid may help users authorize access. Clarity does not ask for or store bank login credentials through the public site.
Connected or imported data may be used to power spending views, budgets, categories, account context, goals, and Rex responses. Rex does not independently connect to banks, move money, pay bills, open accounts, apply for credit, file taxes, or execute transactions.
Access controls
Clarity separates user data and limits operational access.
Operational access
Administrative access should be limited to people and systems that need it for support, security, reliability, maintenance, or legal obligations.
Public form safety
Public waitlist and contact forms are for high-level requests only. Do not send account numbers, credentials, one-time codes, screenshots, CSV files, or sensitive documents.
Transport and storage
Clarity uses managed services and secure transport patterns.
Clarity is designed to use HTTPS/TLS for public web and app communication, managed hosting and database infrastructure, authentication controls, and provider-level safeguards. Exact controls may vary by environment, feature, vendor, and rollout stage.
We avoid absolute or certification-style security claims unless they are verified and intentionally published.
Vendors
Service providers help operate Clarity.
Clarity may use vendors for account connections, hosting, databases, AI model responses, speech-to-text, text-to-speech, support/contact forms, email delivery, security, monitoring, and analytics if enabled. Providers may process information according to their own terms, privacy policies, security practices, and legal obligations.
Voice features are user-initiated. Clarity does not describe Rex as always listening. Voice flows may involve audio capture, transcription, assistant context, generated responses, spoken responses, and related metadata.
Deletion and disconnection
Stopping access is different from deleting stored data.
Disconnecting a financial account may stop future access where supported. Data already stored in Clarity may remain until you delete it through supported product controls or submit a deletion request.
Some records may remain for a limited period in backups, logs, security records, support records, or systems where retention is needed for legal, fraud-prevention, security, dispute-resolution, or operational reasons. Visit Data Deletion to learn how to request deletion.
Security contact
Report security concerns through the contact path.
To report a security concern, use the Contact page and choose Security concern, or email clarity.rex@gmail.com. Include a clear, high-level description. Do not include secrets, credentials, bank passwords, full account numbers, full card numbers, Social Security numbers, one-time codes, private keys, or sensitive files.
Related links