Your financial data deserves clarity.

Traqa is a financial clarity and organization platform. We help users upload, email, parse, categorize, and understand their bank statements and transaction history.

Traqa is not a bank, payment processor, wallet provider, lender, investment adviser, tax adviser, accounting firm, or regulated financial institution. We do not hold customer funds or initiate payments.

Account information: your name, email address, authentication details, workspace details, profile settings, and linked bank-account metadata that you provide.

Financial document information: bank statement files, statement metadata, account numbers or masked account hints, bank names, statement periods, balances, transaction descriptions, amounts, dates, categories, tags, and parsing results.

Smart Drop email information: inbound statement email alias, sender address, recipient alias, provider message identifiers, attachment metadata, and supported statement attachments sent to your Traqa inbox.

Technical information: IP address, device/browser metadata, logs, request metadata, rate-limit events, security events, and diagnostic information needed to operate and protect the service.

Website and product usage information: cookie identifiers, local storage values, page views, product interaction events, referrer information, device/browser details, and aggregate analytics generated through cookies or similar technologies where used.

Support and communication information: messages you send us, feedback, issue reports, and related correspondence.

To provide the service, including accepting uploads, opening supported statements, identifying the bank/account, extracting transactions, showing dashboards, and helping you organize financial activity.

To secure the platform, prevent abuse, detect duplicate uploads, verify statement ownership, protect against replayed webhooks, and audit sensitive actions.

To improve product reliability, including debugging parser failures, monitoring queue health, measuring performance, and reducing duplicate or partial processing.

To understand website and product usage, measure aggregate performance, and improve Traqa's design, content, and user journeys where analytics technologies are enabled.

To communicate with you about account activity, statement-processing status, password-required events, support issues, security notices, and service updates.

To comply with legal obligations, enforce our terms, resolve disputes, and protect users, Traqa, and the public.

Traqa uses automated parsing and AI-assisted extraction to convert statement documents into structured transaction data.

Statement text, images, metadata, or extracted snippets may be sent to AI service providers or internal AI services solely to identify statement details, extract transactions, classify data, improve reliability, or provide the features you request.

AI output is treated as untrusted until validated by our systems. We use deterministic checks, ownership validation, duplicate controls, and audit logs to reduce incorrect or unsafe processing.

Traqa does not use your statement data to initiate payments, move money, or make lending, credit, investment, tax, legal, or employment decisions.

Where required by law, we process your information based on one or more lawful bases, including providing the service you request, your consent or instruction, our legitimate interests in operating and securing Traqa, compliance with legal obligations, and protecting vital security interests.

You can withdraw consent where consent is the applicable basis, but withdrawal may limit or stop features that require the relevant data.

Service providers and subprocessors: we may share data with vendors that help us host the platform, store files, send email, process inbound statement email, run AI extraction, monitor reliability, provide analytics, and support users.

Security and compliance: we may share information where necessary to investigate abuse, protect the service, comply with law, respond to lawful requests, or enforce our terms.

Business transfers: if Traqa is involved in a merger, acquisition, financing, restructuring, or sale of assets, user information may be transferred as part of that transaction, subject to appropriate protections.

We do not sell your bank statement data.

We keep personal and financial information only for as long as needed to provide Traqa, comply with legal obligations, resolve disputes, maintain security, and enforce agreements.

Statement files, extracted text, parsed transactions, webhook receipts, logs, and duplicate-processing records may have different retention periods based on operational need and legal requirements.

When data is no longer needed, we delete it, anonymize it, or isolate it from active use according to our retention procedures.

Traqa may use cookies, local storage, pixels, tags, and similar technologies for security, authentication continuity, preferences, analytics, and related website or product functions.

Where required by law, we ask for consent before using non-essential cookies or similar technologies. You may also be able to manage those technologies through browser controls or future in-product preference tools.

Some analytics or support technologies may be provided by service providers acting on our behalf. For more detail, see our Cookie Notice and, where available, our subprocessor information.

Depending on your location, you may have rights to access, correct, delete, restrict, object to processing, port, or withdraw consent for your personal data.

You may request deletion of your account or specific statement data, subject to lawful retention needs, fraud or security review, and backup limitations.

You may disable Smart Drop email ingestion or update allowed sender settings where those controls are available.

To exercise privacy rights, contact us using the details in this policy. We may need to verify your identity before fulfilling a request.

We use administrative, technical, and organizational safeguards designed to protect your information, including access controls, authentication, encryption in transit, service-to-service protections, rate limits, audit logs, and duplicate-ingestion controls.

No system is perfectly secure. You are responsible for protecting your login credentials and only uploading statements you are authorized to process.

Traqa and its service providers may process information in countries other than where you live. Where required, we use appropriate safeguards for cross-border processing and vendor access.

Traqa is not intended for children. Do not use Traqa if you are not old enough to enter into a binding agreement or provide valid consent under the laws that apply to you.

We may update this Privacy Policy from time to time. If changes are material, we will take reasonable steps to notify users through the product, email, or another appropriate channel.

For privacy questions, data requests, or complaints, contact Traqa at privacy@usetraqa.com.

For subprocessor or security diligence questions, you may also contact security@usetraqa.com.

If you believe your data-protection rights have not been respected, you may also contact the relevant data protection authority in your jurisdiction.