Privacy Policy

1. Overview

Sift (“we”, “us”) provides a service that analyses bank statement PDFs to identify recurring charges and subscriptions, offering a free summary preview with a paid option to unlock the full report. This policy explains what information we collect, how it's used, and how it's protected.

2. What we collect

• Your bank statement file. When you upload a PDF or Word document, it is sent directly to our AI processing provider for analysis and is not stored on our servers. Once the analysis is returned to your browser, the file is discarded.
• Payment information. Payments are handled entirely by Stripe. We do not see or store your card details — Stripe provides us only with a payment confirmation status.
• Basic usage data. Standard web server logs (e.g. page requests, browser type, approximate location from IP) may be collected automatically by our hosting provider for security and reliability purposes.
• Temporary analysis cache. After a free scan, the full results are held in a short-lived cache (up to 30 minutes) so they can be retrieved if you choose to unlock the full report. This cache expires automatically and is never linked to your identity beyond the random reference generated for that scan.
• IP address (rate limiting). We use your IP address to apply a daily limit on free scans, to prevent abuse. This is not linked to any other personal information.

3. How your statement is processed

Your uploaded statement is sent securely to Anthropic's Claude AI API for analysis. Anthropic processes the document to extract subscription and recurring-charge information, which is returned to our server and passed straight to your browser. We do not retain a copy. Anthropic's handling of data submitted via their API is governed by their own privacy and data-usage terms.

4. We never ask for your bank login

Sift does not use bank-linking or “open banking” services and never asks for your online banking username, password, or any banking credentials. You provide only a PDF statement that you download yourself from your bank.

5. Third-party processors

We rely on the following third parties to operate Sift:

• Stripe — payment processing
• Anthropic — AI analysis of uploaded statements
• Vercel — website hosting and infrastructure

Each of these providers has its own privacy policy governing how they handle data passed to them.

6. Data retention

We do not store uploaded bank statements. The extracted results are held in a temporary cache for up to 30 minutes to support the unlock flow, then automatically deleted. Payment records are retained by Stripe in accordance with their standard retention practices, as required for accounting and fraud prevention.

7. Your rights

Since we don't store your statement or its contents, there is generally nothing for us to delete on request. If you have questions about any data we may hold (such as payment records via Stripe), email us at support@siftmoney.com and we'll assist.

8. Changes to this policy

We may update this policy from time to time. Material changes will be reflected by updating the “Last updated” date above.

9. Contact

Questions about this policy? Email support@siftmoney.com.