Privacy Policy
Last updated: May 20, 2026 · Effective: May 2, 2026
The short version. Mali is a personal-finance assistant. Your bank credentials never touch our servers — Teller handles those. Your linked balances, transactions, uploaded documents, and conversations are stored under your account, isolated from every other user, and used only to answer your questions. We don’t sell your data. We don’t train AI models on your data. You can delete everything any time from Settings.
1. Who we are
Mali (“the service”) is operated by TBS Enterprises LLC (“we,” “us”). For privacy questions or data requests, email privacy@toddbsmith.com.
2. What we collect
From you, directly
- Account info: your Google account email and display name (used only to sign you in)
- Documents you upload: bank statements, tax forms, CSVs — whatever you choose to share with the assistant
- Conversations: your text and voice messages and Mali’s replies
- Profile prefs: region, encryption settings, subscription tier
From your bank, via Teller
When you tap “Connect Bank,” you sign in to your bank through Teller’s secure widget. Your bank credentials go directly to Teller — we never see your username or password. Teller sends us back:
- Account names, types, masked numbers, and balances
- Transactions for the last 90 days (and continuously thereafter while linked)
- An access token Teller uses to refresh that data on your behalf
Teller’s end-user privacy policy is at teller.io/about/privacy.
Automatically
- Anonymous usage analytics: screen views, button taps, error events. No personally identifiable content; aggregated only.
- Standard server logs: request timestamps, IP, user-agent. Retained ~30 days for abuse prevention and debugging.
3. How we use it
- To provide the chat and voice assistant — Mali reads your accounts and documents only to answer your questions
- To maintain conversation context across sessions and devices
- To process subscription payments (if you choose Voice Pro or Voice Premium)
- To detect abuse, fraud, or violations of our Terms
- To improve the service through aggregated, anonymized usage signals
We never sell your data and we don’t share it with third parties for advertising.
4. Service providers we share with
| Provider | What they get | Why |
| --- | --- | --- |
| Google Firebase | All account, conversation, account-balance, and transaction data (encrypted at rest) | Our authentication, database, and file storage |
| Teller | Bank credentials (directly, not via us); ongoing account + transaction sync | Linking your bank to the app |
| xAI (Grok) | The text of your chat and voice messages, plus contextual data needed to answer (account names, balances, recent transactions, document summaries) | AI text + realtime voice responses |
| OpenAI | (Standby fallback, text chat only) — chat message text + contextual data, same as xAI above | Backup text-chat provider when Grok is unavailable |
| Stripe | Email + name + payment method (you enter it directly into Stripe’s checkout) | Processing subscription payments |
| Google Cloud Logging | Server-side error logs (may include user IDs, never raw bank data) | Debugging and uptime monitoring |
We choose providers that contractually agree not to use your data for their own purposes (e.g., AI vendors do not train on your inputs by default).
5. How we secure it
- Client-side AES-256-GCM encryption of your uploaded documents and synced transaction data before storage. The encryption key is derived in your browser (PBKDF2, 600k iterations) from your Firebase user ID plus a per-user salt; our servers handle only ciphertext blobs. This protects your data at rest from the server’s perspective; it is not a zero-knowledge system (see Security details for the threat model).
- Encryption in transit via HTTPS/TLS for every API call
- Per-user isolation: every Firestore read is scoped to your authenticated user ID; no other user can access your data
- Teller access tokens live in a Firestore collection that is unreadable by any client — only our server can use them
- Sign-out wipes the local cache on your browser so a shared device doesn’t leak the previous user’s data
6. How long we keep it
- While your account is active: as long as you keep using Mali, your data stays
- After you delete your account: all your data — accounts, transactions, messages, files, Teller tokens — is permanently removed within 30 days
- Server logs: ~30 days
- Aggregated, anonymized analytics: retained indefinitely
7. Your rights
- Access: view your data within the app any time
- Delete: Settings → Delete all my data (this is irreversible)
- Disconnect a bank: Accounts tab → Disconnect (removes the access token and stops future sync)
- Export: email privacy@toddbsmith.com and we’ll send you a copy
If you’re in California (CCPA / CPRA)
You additionally have the right to know what we collect, to correct inaccuracies, to opt out of data sales (we don’t sell), and to non-discrimination. Submit requests to privacy@toddbsmith.com.
If you’re in the EU/UK (GDPR)
You have rights to access, rectify, erase, restrict processing, port, and object to processing. The legal basis for our processing is (a) performance of a contract with you, (b) your consent for AI processing of your conversations, and (c) our legitimate interest in operating and securing the service. Contact privacy@toddbsmith.com.
8. Children
Mali is not directed to children under 13 (under 16 in the EU). We do not knowingly collect data from minors. If you believe a child has signed up, email us and we’ll remove the account.
9. Changes
We may update this policy as the product evolves. Material changes will be flagged in-app and at the top of this page with a new “Last updated” date. Continued use after a change means you accept the updated policy.
10. Contact
Questions, concerns, or requests: privacy@toddbsmith.com
See also: Terms of Service · Security details · Data retention