Slash Cash (slash.cash) is a local-first personal finance product. The open-source slashcash CLI and local dashboard run on your machine. This policy describes what data is involved and where it lives.
1. What we collect
1.1 On your device (primary)
- Transaction ledger: Structured spend data in a local SQLite database (default under your home directory).
- Connector credentials: Gmail IMAP app passwords stored locally (for example macOS Keychain or a local credentials file when Keychain is unavailable).
- Email-derived data: Finance-related messages are read over read-only IMAP, parsed on your device, and converted into transactions. We do not operate a hosted copy of your inbox.
- Attachments: PDFs and similar files saved locally when you enable attachment storage.
1.2 On this website
The marketing site at slash.cash is static. We do not ask you to sign in or upload financial files through the website. Standard server or CDN logs (if any) may include IP address and browser type — the same as any public website.
1.3 Optional assistant
If you configure an assistant provider (for example a local Ollama instance or a cloud API you supply), prompts may be sent to that provider under your configuration. Ingestion and categorization do not require any model.
2. How we use information
- Import approved receipt emails, store structured transactions, show local dashboard analytics, and answer optional assistant questions when you configure a provider.
- Improve the open-source product when you choose to share feedback or issues publicly.
We do not: sell your financial data, run ads against your transaction graph, move money on your behalf, or require uploading your ledger to a Slash Cash cloud.
2.1 No Slash Cash cloud ledger
There is no Slash Cash–hosted database of your transactions today. If we ever offer optional hosted features, they will be opt-in and described separately before you enable them.
3. Security
You control the machine and filesystem. Use disk encryption, strong device passwords, and careful backup of your SQLite file. Connector credentials should be treated like any other app password.
4. Third-party names
We reference merchants and services (Swiggy, banks, UPI apps, etc.) only to describe ingestion and categorization. We are not affiliated with or endorsed by those companies unless we state otherwise.
5. Your choices
- Delete your local database file at any time.
- Revoke or rotate your Gmail app password in Google Account settings.
- Export or back up SQLite using standard tools — you own the file.
6. Children
Slash Cash is not intended for users under 18.
7. Changes
We may update this page. Material changes will be reflected in the "Last updated" date above.
8. Contact
Questions: hi@slash.cash