Your data stays in Canadian waters.

What we collect

Fathom is local-first. All financial data lives entirely on your device. We operate no analytics, no telemetry, and no crash reporting services. We do not receive, transmit, or store your financial data on any server.

How we handle your email

If you connect your Gmail or Outlook account, Fathom uses OAuth (the same standard used by major apps) to read your email with your explicit permission. Here is exactly what happens:

• › We request read-only access. Fathom cannot send, delete, or modify your email.
• › Email content is processed entirely on your device. Raw email data is never sent to our servers or any third party.
• › Fathom scans for bank transaction alerts and merchant e-receipt confirmations. It extracts only structured financial data — merchant name, amount, date, and line items.
• › After parsing, the raw email content is discarded. Only the extracted financial record is stored in your local encrypted database.
• › Your OAuth access and refresh tokens are stored in your device's secure enclave (iOS Keychain / Android Keystore), never in the app database.
• › You can disconnect your email at any time in Settings. This revokes the OAuth token immediately.

On-device AI

Fathom runs a small language model directly on your device for receipt parsing, spending insights, and natural language queries. The model processes your financial data locally — nothing is sent to a server. If you optionally connect a cloud AI provider (such as OpenRouter), your queries are sent to that provider under their privacy policy. This is always opt-in and clearly disclosed in Settings.

Biometric data

Fathom uses your device's built-in biometric authentication (Face ID, Touch ID, or fingerprint) to protect the app. Your biometric data is handled entirely by your operating system — Fathom never accesses, stores, or transmits biometric data. We receive only a yes/no authentication result from the OS.

Cloud sync (future)

We plan to offer optional cloud sync in the future. When available, your data will be encrypted end-to-end on your device before it leaves. We will store only ciphertext that we cannot decrypt. Until then, all data stays entirely on your device.

Third-party services

Fathom integrates with a small number of external services. Each is used only when you initiate it:

• › Google Gmail API — read-only email access for bank alert and e-receipt parsing. Google's privacy policy applies to the OAuth connection.
• › Microsoft Graph API — read-only Outlook email access for the same purpose. Microsoft's privacy policy applies.
• › OpenRouter (optional) — cloud AI inference. Only used if you explicitly connect it in Settings. OpenRouter's privacy policy applies to queries you send.
• › Apple / Google — app distribution and future subscription billing only. We receive confirmation of payment status, not payment details.

What we never do

• ✕ Sell ads or show advertising
• ✕ Share data with brokers or third parties
• ✕ Track your behaviour or build profiles
• ✕ Monetize your financial data in any way
• ✕ Fingerprint your device or collect device identifiers
• ✕ Sell, rent, or trade your personal information

Data retention

Your financial data lives on your device for as long as you keep it. There are no cloud backups unless you opt into cloud sync in the future. Audit logs (which record what actions were taken, not your financial data) are retained locally for 2 years.

Your rights under PIPEDA

Under Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), you have the right to:

• › Access any personal information we hold about you
• › Request correction of inaccurate information
• › Request deletion of your data
• › Withdraw consent for data processing at any time
• › Export your data in a portable format (CSV or JSON)

Because Fathom is local-first, your data never reaches us. You can exercise these rights directly in the app via Settings > Privacy, or by contacting us at privacy@getfathom.ca. Deletion requests are processed within 30 days.

Children's privacy

Fathom is not intended for use by anyone under the age of 13. We do not knowingly collect personal information from children. If you have concerns, please contact us at privacy@getfathom.ca.

Data breach notification

Because Fathom is local-first, a server breach cannot expose your financial data — it never leaves your device. If we introduce cloud sync in the future and a breach affects that service, we will notify affected users within 72 hours and report the breach to the Office of the Privacy Commissioner of Canada as required by PIPEDA.

This website

This website (getfathom.ca) uses no cookies, no analytics, no tracking scripts, and no third-party resources that track visitors. It is a static site hosted on Cloudflare. Cloudflare may process standard server logs (IP address, request time) under their privacy policy; we do not access these logs.

Launch waitlist

If you join our launch waitlist, we store your email address and preferred language on Cloudflare KV (edge storage). We use this only to send you a confirmation email and to notify you when Fathom launches. We never share your email with third parties. You can unsubscribe at any time via the link in our emails or by emailing privacy@getfathom.ca.

Governing law

This privacy policy is governed by the laws of the Province of Ontario and the federal laws of Canada applicable therein.

Contact

For privacy inquiries, data access requests, or concerns, contact us at privacy@getfathom.ca.