HF
Hollis Finance

Privacy & Beta Notice

Last updated 1 July 2026

This is a private beta.

Hollis Finance is under active development. Please don't rely on it as your only financial record, and tell us about anything that looks off — your feedback shapes the product.

Who we are

Hollis Finance is a private beta operated by Ash Hollis, based in Sydney, Australia. In this notice, “we” and “us” mean Hollis Finance.

What we collect

  • Your account: the email address and password you sign up with. Passwords are stored only as a secure one-way hash — we never see them.
  • The data you add: the accounts, balances, transactions, budgets, goals, properties and holdings you enter or import via CSV. We do not connect to your bank, so we never ask for or hold bank login credentials.
  • Basic technical data: with each sign-in we record your IP address and browser type, so we can keep your account secure and alert you to sign-ins from a device we don't recognise. This is encrypted.
  • How you use the app: we record basic, first-party usage analytics — which screens are viewed and where a sign-up came from — to understand how the app is used and improve it. This is handled on our own servers (no third-party analytics or tracking cookies), is only ever looked at in aggregate, and is never sold or used for advertising.

How we use it

Only to run the app for you — your dashboard, budgets, reports, forecasts, and answers from the assistant, all computed from your own data. We don't sell your data or share it with advertisers.

The assistant currently answers using only your own data, processed within our own systems — nothing is sent to any outside AI service. If we later turn on an external AI model to improve its answers, we'll update this notice and make clear what would be shared before doing so.

Where it's stored

In an encrypted, managed PostgreSQL database hosted in Sydney, Australia. All traffic is encrypted over HTTPS, and access is scoped per account, so you only ever see your own data.

Service providers

We rely on a few trusted providers to run the service: our managed database and application hosting are both located in Sydney, Australia; we use an email provider to send sign-in and security emails, and an error-monitoring service to help us find and fix bugs. We share only what each provider needs to do its job, never for advertising. Some providers may process limited technical data (such as an email address or error details) outside Australia.

How we protect it

  • Sensitive free-text and personal details — your name, notes, AI-assistant messages, and session info — are encrypted at rest in our application, on top of the database's own disk encryption.
  • All traffic is forced over HTTPS with HSTS, and a strict Content Security Policy limits what can run in your browser.
  • You can turn on two-factor authentication, and we reject passwords known from public data breaches.
  • We self-host our fonts and scripts, so opening the app doesn't share your IP address with third-party content networks.

How long we keep it

We keep your data for as long as your account is open. When you delete your account — which you can do yourself any time from Settings → Security — your account and all of its data are permanently erased from our systems. Backups are kept on a short rotation and then overwritten.

Your control

You're in control of your data. You can edit or correct anything you've entered at any time, export everything from the Data page, and delete your account and all its data whenever you like. Reach us via Help & Support → Send feedback in the app, or the email below.

If there's a data breach

We take protecting your data seriously, but no system is perfect. If a data breach occurs that's likely to put you at risk of serious harm, we'll notify you and the Office of the Australian Information Commissioner (OAIC) promptly, as required by Australia's Notifiable Data Breaches scheme.

Cookies

We use a single essential cookie to keep you signed in. We don't use third-party tracking, advertising, or analytics cookies.

Questions or complaints

Questions about your data, or a privacy concern? Email ash.hollis@outlook.com.au. If you're not satisfied with how we've handled it, you can complain to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

Privacy Terms Sign in