Effective Date: May 7, 2026
Ask Allen LLC (“Ask Allen,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect information when you access or use the Ask Allen web-based application at askallen.ai and related services (collectively, the “Service”).
By using the Service, you agree to this Privacy Policy.
This Privacy Policy applies to information collected through:
This Privacy Policy does not apply to third-party websites or services that we do not control.
We may collect:
The Service allows you to connect financial accounts through Plaid Technologies, Inc. (“Plaid”) to provide budgeting insights, transaction categorization, merchant identification, and other financial analysis features.
When you choose to connect financial accounts, you authorize Plaid and Ask Allen to access and retrieve certain financial account information from your financial institutions on your behalf. Connecting accounts via Plaid constitutes your authorization for Ask Allen to receive, store, and process the categories of financial information described in Section 5 of this Privacy Policy.
Financial account connections are optional. You may choose not to connect accounts or may disconnect them at any time.
Important: Ask Allen does not receive or store your bank login credentials. Authentication is handled directly through Plaid’s secure infrastructure.
When you interact with Allen, our AI-powered assistant, we collect:
To generate responses, your messages and relevant financial context (such as recent transactions, account balances, and categorization data) are transmitted to Anthropic for processing. See Section 4 for details.
If you purchase a subscription, we may collect or receive:
Subscription billing is processed by Stripe. Stripe collects your name, email, billing address, and payment method directly. Card details are handled entirely by Stripe — Ask Allen never receives, transmits, or stores credit card numbers. See Section 6 for details.
We may collect technical information including:
We use cookies and similar technologies on our website and within the Service for the following purposes:
We do not use cookies for cross-context behavioral advertising. We do not sell or share information collected via cookies for advertising purposes.
You can control cookies through your browser settings. Disabling strictly necessary cookies will prevent the Service from functioning.
We use information for the following purposes:
Including creating and maintaining your account, connecting and syncing financial data, generating spending summaries and budgeting insights, generating cash flow projections and net worth calculations, and providing AI-powered responses and educational guidance.
Processing your messages and relevant financial context to generate responses through AI models, as described in Section 4.
Verifying purchases, confirming subscription status, enabling access to subscription features, processing renewals, and preventing subscription fraud.
Troubleshooting errors, monitoring performance, improving categorization accuracy, improving user experience, and improving internal merchant verification systems using aggregated and de-identified data.
Ask Allen may aggregate and de-identify your data to create derived data and aggregated data. Such derived data may be used to improve the Service, including its categorization accuracy for all users, provided such data cannot reasonably identify any individual.
Detecting suspicious logins, preventing prompt injection and misuse, preventing unauthorized access, and enforcing our Terms of Use.
Responding to support requests, communicating about account issues, and sending service-related notices.
Responding to lawful requests, complying with regulatory obligations, and enforcing our legal rights.
The Service uses Anthropic’s Claude API as a third-party AI service provider to process user prompts, transaction metadata, and related contextual information in order to generate AI-powered financial insights, categorizations, summaries, and educational guidance.
When you submit a question, request analysis, or interact with conversational features of the Service, the following information may be transmitted securely to Anthropic for real-time processing:
We do not transmit bank login credentials, authentication secrets, payment card numbers, or Social Security numbers to Anthropic.
Our integration with Anthropic is configured under a zero data retention (“ZDR”) setting. Under this configuration:
We rely on Anthropic’s contractual commitments and technical controls to support this configuration. Anthropic acts as a service provider and processor under our instructions, not as an independent data controller.
Although Anthropic does not retain conversation content, Ask Allen does store your chat history within our own infrastructure (Firebase / Google Cloud) so that you can review past conversations and so that Allen can maintain context across sessions. This stored history is subject to the data retention and deletion provisions in Sections 9 and 10 of this Privacy Policy.
Ask Allen does not use your identifiable conversation data, transaction data, or financial information to train artificial intelligence or machine learning models. Aggregated and de-identified data may be used to improve internal categorization systems and the Service’s performance, but such data cannot reasonably be used to identify you.
AI-generated outputs are probabilistic and may contain inaccuracies, misclassifications, or incomplete analysis. The use of zero data retention does not eliminate the inherent limitations of machine learning systems. Refer to our Terms of Use for additional disclaimers regarding AI output accuracy.
We use Plaid Technologies, Inc. to enable secure connections between your financial accounts and the Service.
When you connect financial accounts, you authorize Plaid to access your financial account information and transmit it to Ask Allen. The financial data provider processes your information according to its own privacy policy, available at https://plaid.com/legal/.
When you connect financial accounts, we may receive the following categories of information from your financial institutions through Plaid:
We do not receive or store your bank login credentials, online banking passwords, or authentication secrets. Authentication is handled directly through Plaid’s secure infrastructure.
Financial data obtained from connected accounts is used to:
Financial data is used solely to provide and improve the functionality of the Service. We do not sell financial transaction data to third parties. We do not use financial data for advertising, marketing profiling, or data brokerage.
You acknowledge that:
You maintain control over connected financial accounts and may at any time:
Upon disconnection, Ask Allen will revoke active Plaid access tokens and cease ongoing data retrieval. Previously retrieved transaction data may be retained as described in Section 9 unless you also request deletion.
Subscription billing is processed by Stripe, Inc. Ask Allen LLC is the merchant of record. We use Stripe Checkout (hosted by Stripe), meaning all payment form rendering and card processing occur on Stripe’s infrastructure, not on Ask Allen’s servers.
Stripe collects your name, email, billing address, payment method (card details handled entirely by Stripe), subscription status, and purchase history. Stripe does not receive any financial account data from Plaid or any AI conversation data.
Ask Allen uses Stripe Checkout (hosted) for all payment processing and never receives, transmits, or stores credit card numbers. Stripe maintains PCI DSS Level 1 certification.
Stripe processes billing data under its own privacy policy, available at https://stripe.com/privacy. Ask Allen is not responsible for and has no liability for damages arising from your use of Stripe’s products and services. Your use of Stripe is subject to Stripe’s Privacy Policy.
We use Firebase and Google Cloud for application infrastructure, including authentication, database storage, file storage, hosting, cloud functions, push notifications, crash reporting, and application performance monitoring.
Data processed may include account registration information, encrypted financial data, conversation history, usage logs, authentication tokens, device identifiers, and application performance metrics. Data is stored on secure cloud infrastructure managed by Google. Cloud providers act solely as data processors under our instructions.
We may use analytics and crash-reporting providers to understand usage and improve stability. These providers receive aggregated usage information and technical diagnostics, not financial data or conversation content.
All service providers are contractually required to process information solely to provide services on our behalf, in accordance with applicable data protection laws. We do not authorize service providers to use your information for their own marketing or commercial purposes.
We may update our list of service providers from time to time as the Service evolves. Where required by law, we will provide notice of material changes.
To the extent your information is transferred internationally by a service provider, such transfers will be subject to appropriate legal safeguards as required by applicable law (such as standard contractual clauses or equivalent mechanisms).
We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising or for targeted advertising of any kind.
We may share information only in the following circumstances:
We share data with the service providers identified in Sections 4 through 7 (Anthropic, Plaid, Stripe, Firebase / Google Cloud, analytics providers) for the limited purposes described.
We may disclose information if required by law, subpoena, court order, regulatory request, or other legal process; or where we have a good-faith belief that disclosure is necessary to comply with applicable law.
If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify users of any such transaction in accordance with applicable law.
We may share information to protect our users, enforce our Terms of Use, prevent fraud, investigate suspected violations, or protect the safety, rights, or property of Ask Allen, our users, or the public.
We may share information with your express consent or at your direction.
We retain personal information only as long as necessary to provide the Service, comply with legal obligations, resolve disputes, enforce agreements, and maintain security and fraud prevention. Retention periods vary depending on the type of data.
Account information (name, email, account identifiers, login credentials) is retained while the account remains active. It is deleted or anonymized within 30 days after account deletion, unless legal obligations require longer retention.
Financial data retrieved from connected accounts is retained while the account is connected and the Service is active. It is deleted within 30 days after disconnection or account deletion, except where retention is necessary for legal compliance, fraud prevention, or dispute resolution.
Conversation history stored within Ask Allen’s own infrastructure is retained while your account is active so you can review past conversations and so Allen can maintain context. Conversation history is deleted within 30 days after account deletion. Anthropic does not retain conversation content (see Section 4.2).
Subscription and billing records may be retained for up to seven (7) years to comply with accounting, tax, and audit obligations. Stripe may retain billing data for similar periods under its own retention policies.
Operational logs are retained for 30 to 90 days. Security and fraud logs may be retained for up to one (1) year.
Aggregated or de-identified data that cannot reasonably be used to identify you (including contributions to our shared merchant reference database) may be retained indefinitely to improve the Service for all users. Because this data is not reasonably linkable to an individual, it is not subject to deletion upon account closure.
We may retain information longer where required to comply with applicable financial regulations, meet tax and accounting obligations, investigate fraud or misuse, or resolve disputes or enforce agreements. When retention periods expire, data is securely deleted or irreversibly anonymized.
You may delete your account at any time within the Service under Settings → Delete Account, or by contacting us at privacy@askallen.ai.
Upon confirmed deletion, Ask Allen will:
Data retained by third-party platforms per their own policies (outside our control) may include Stripe billing and payment records. Ask Allen does not store credit card numbers — Stripe handles all payment data.
Backup data may persist for approximately 30 days for fraud prevention, billing dispute resolution, and legal compliance purposes. After this period, backup data is overwritten on a rolling basis pursuant to standard backup rotation cycles.
Anonymized contributions to the shared merchant reference database are retained as described in Section 9.6. This data contains no name, email, account number, device identifier, or other direct user identifier and cannot reasonably be used to re-identify a specific user.
Account deletion is permanent and irreversible. Once completed, access to historical data cannot be restored, previously generated reports cannot be recovered, and reconnection of financial accounts requires creation of a new account.
Deleting your account does not automatically cancel your active subscription. You should cancel your subscription through the Stripe Customer Portal accessible from the Ask Allen dashboard settings page before deleting your account.
We may retain limited information where necessary for legal compliance, fraud prevention, dispute resolution, billing verification, and backup and recovery systems. We will handle retained information in accordance with this Privacy Policy.
We use commercially reasonable administrative, technical, and organizational safeguards to protect your information. These safeguards include:
However, no system can guarantee 100% security. You use the Service at your own risk. You are responsible for safeguarding your account credentials and notifying us promptly of any unauthorized access.
Depending on your jurisdiction, you may have rights regarding your personal information, including the right to:
To exercise privacy rights, contact us at privacy@askallen.ai. We may require identity verification before fulfilling requests.
You also have the right to lodge a complaint with the data protection authority in your jurisdiction. We will not retaliate against you for exercising your privacy rights.
This section applies only to California residents and is provided pursuant to the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA/CPRA”).
In the past twelve (12) months, we may have collected the following categories of personal information:
We do not use or disclose sensitive personal information for purposes other than those permitted by the CPRA, such as providing the Service, ensuring security, preventing fraud, and maintaining functionality. You have the right to limit our use of sensitive personal information; however, certain limitations may prevent us from providing the Service.
We collect personal information from the following sources:
We collect and use personal information for business purposes including providing and operating the Service, generating AI-powered insights and responses, account authentication and security, subscription management and purchase verification, analytics and performance monitoring, fraud detection and prevention, customer support, and legal compliance and enforcement.
In the past twelve (12) months, we may have disclosed the categories of personal information listed above to the following categories of recipients for business purposes:
Ask Allen does not sell personal information. Ask Allen does not share personal information for cross-context behavioral advertising (as defined under CPRA). We do not provide targeted advertising and do not monetize user data.
Ask Allen has not sold or shared the personal information of any consumer, including consumers under 16, in the preceding twelve (12) months.
California residents have the right to:
To submit a request, contact us at privacy@askallen.ai with the subject line “California Privacy Request.” We may request additional information to verify your identity. You may authorize an agent to submit a request on your behalf, but we may require proof of authorization. We will respond within the timeframes required by the CCPA/CPRA.
Ask Allen does not offer financial incentives for the collection or sale of personal information.
California Civil Code Section 1798.83 permits California residents to request information regarding disclosure of personal information to third parties for direct marketing purposes. Ask Allen does not disclose personal information to third parties for direct marketing purposes.
Some browsers offer “Do Not Track” settings. At this time, we do not respond to Do Not Track signals due to the lack of an industry standard. We do honor the Global Privacy Control (GPC) signal as an opt-out preference signal where applicable.
Residents of certain other U.S. states have privacy rights under their respective state laws, including (without limitation) the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CTDPA), the Utah Consumer Privacy Act (UCPA), the Texas Data Privacy and Security Act (TDPSA), the Oregon Consumer Privacy Act (OCPA), and the Montana Consumer Data Privacy Act (MCDPA), as well as other comparable state laws.
Depending on your state of residence, you may have the right to:
To submit a request, contact us at privacy@askallen.ai. We may require identity verification before fulfilling requests. We will respond within the timeframes required by applicable state law (typically 45 days, with possible extensions).
If we decline to take action on your request, you may appeal our decision by contacting us at privacy@askallen.ai with the subject line “Privacy Request Appeal.” We will respond to appeals within the timeframes required by applicable state law. If your appeal is denied, you may contact your state attorney general’s office.
Where required by applicable state law (including the VCDPA, CPA, CTDPA, OCPA, MCDPA, and others), processing of sensitive personal information is conducted only with your consent. By connecting financial accounts to the Service via Plaid, you consent to our processing of your financial account information for the purposes described in this Privacy Policy.
Although Ask Allen is not a “financial institution” as defined under the Gramm-Leach-Bliley Act (“GLBA”) and is not subject to GLBA’s direct regulatory requirements, we recognize the sensitive nature of financial account information and apply protective practices consistent with GLBA principles.
Specifically, with respect to nonpublic personal financial information you provide or that we receive on your behalf via Plaid:
Plaid, as a regulated financial data aggregator, maintains its own GLBA-aligned privacy practices described in Plaid’s privacy policy.
We design and operate our artificial intelligence systems with consideration for emerging state and federal laws governing artificial intelligence systems, automated decision-making, and consumer protection. These laws may include, among others:
The Service is designed primarily to provide informational financial insights and educational guidance. The Service is not intended to make and does not make automated consequential decisions regarding eligibility for financial services, employment, housing, healthcare, education, or government services. The Service does not approve or deny credit, determine eligibility for financial products, or make legally binding determinations.
When you interact with Allen, you are interacting with an artificial intelligence system. Responses are generated by automated AI technology and are not reviewed in real time by a human financial advisor. AI outputs are probabilistic and may contain inaccuracies. You should independently verify important financial decisions.
Users remain responsible for interpreting AI-generated outputs and making final decisions based on their own judgment. The Service does not replace professional financial, legal, or tax advice.
Where appropriate, we maintain internal documentation addressing intended uses of our AI systems, potential risks associated with AI outputs, safeguards designed to reduce harmful or discriminatory outcomes, and internal governance practices relating to AI development and deployment.
Ask Allen does not train artificial intelligence or machine learning models using your identifiable conversation data, transaction data, or financial information. We use Anthropic’s Claude API as our AI model provider; the developers of underlying foundation models maintain their own training data documentation.
We seek to design AI systems consistent with widely recognized responsible AI principles, including fairness and non-discrimination, transparency, reliability, security, and human oversight. We monitor AI outputs for potentially discriminatory patterns, avoid using protected characteristics as model inputs, and review consumer complaints for fairness concerns.
Artificial intelligence regulation continues to evolve. We may update our AI governance practices, disclosures, and policies as new laws or regulations take effect.
The Service is intended for adults 18 years of age and older. We do not knowingly collect personal information from anyone under 18, and we do not knowingly collect personal information from children under 13 within the meaning of the Children’s Online Privacy Protection Act (“COPPA”).
If we learn that we have collected personal information from a child under 13, we will delete that information promptly. If you are a parent or guardian and believe a child under 13 has provided us with personal information, please contact us at privacy@askallen.ai.
The Service is operated from the United States. If you access the Service from outside the United States, you understand that your information may be transferred to, stored, and processed in the United States or other jurisdictions where our service providers operate. By using the Service, you consent to such transfers.
Where required by applicable law, international transfers are subject to appropriate legal safeguards (such as standard contractual clauses) to protect your information.
In the event of a data breach or security incident affecting your personal information, we will notify affected users and applicable regulatory authorities as required by applicable law. Notifications will include the categories of information affected, the date of the incident (if known), the steps we are taking to address the incident, and recommended steps you may take to protect yourself.
The Service may include links to third-party websites or services. We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party websites or services you access.
We may update this Privacy Policy from time to time. If changes are material, we will notify you through the Service or by email. The “Effective Date” at the top of this Privacy Policy indicates when it was last updated. Your continued use of the Service after updates take effect constitutes acceptance of the revised Privacy Policy.
If you have questions about this Privacy Policy or our privacy practices, contact us at:
Ask Allen LLC
900 Foulk Rd, Ste 201
Wilmington, DE 19803
Privacy: privacy@askallen.ai
Support: support@askallen.ai
Legal: legal@askallen.ai