← MarginDeck

Privacy Policy

Last updated: 2026-06-21. This is a plain-language summary of how MarginDeck handles your data. If anything here is unclear, contact us at fiveupclub@proton.me.

1. Core principle: local-first

MarginDeck is a macOS app. Your business data — products, costs, revenue, allocations, and computed results — is stored on your device. We do not run a server that stores your business data.

2. What leaves your device, and when

• Exchange rates: we request public historical exchange rates from a public FX service. No personal or financial data is sent.
• RevenueCat (optional): if you connect RevenueCat, authorization uses OAuth 2.0 with PKCE initiated on your device. Tokens are stored in your macOS Keychain, and revenue data is fetched directly from your device to RevenueCat. It does not pass through or get stored on our infrastructure.
• Stripe (optional, public release): if you connect Stripe via OAuth, authorization credentials are stored by a controlled cloud service. During sync, Stripe data passes through a backend proxy to your device but is not stored long-term. If you instead use CSV import or a read-only restricted key, no data passes through our service.
• AI insights (future, off by default): not part of the current product. If introduced, any cloud AI would be opt-in and clearly disclosed.

3. What we store on our backend (only for Stripe OAuth)

When you connect Stripe via OAuth, our controlled service stores only what is required to maintain the connection: an account identifier, encrypted access/refresh tokens, a sync cursor, and minimal technical logs. We do not log tokens, authorization codes, full API responses, or your customers' personal information.

4. Customer PII (accurate wording)

MarginDeck does not intentionally retain your customers' personal information. When Stripe sync is used, Stripe API responses (charges, invoices, customers, refunds) may contain customer or order fields while passing through the synchronization proxy; these fields are minimized, redacted from logs, and not stored long-term. We do not collect analytics that identify you without disclosure.

5. The website & this waitlist

If you submit the waitlist form, we collect your email address to send occasional product updates. We may use a third-party form or email provider to process and store it. You can unsubscribe at any time, and you can ask us to delete your email by contacting us. We link to this policy next to the form.

6. Interviews & free teardowns (research)

If you take part in a user interview or a free profit teardown:

• Recordings: we only record with your consent, use recordings solely to organize our own notes, and delete them within 90 days unless you agree otherwise.
• Teardown data: we ask only for anonymized, aggregated cost and revenue figures — never customer names, emails, order details, or API keys. We use them only to produce your analysis and to validate our calculation method, and we delete them on request. Any public use requires your renewed, explicit consent and full anonymization.
• Email: messages you send us are kept only as long as needed to follow up.

7. Retention & deletion

Local data lives on your device until you delete it. Waitlist emails are kept until you unsubscribe or request deletion. Interview recordings: deleted within 90 days. Teardown data: deleted on request. For Stripe OAuth connections, you can disconnect at any time, which deletes the stored tokens and connection record from our service. Technical logs are retained for a limited period (target: 30 days) only as needed to operate and secure the service. To access, correct, or delete your data, email us (below).

8. Security

Credentials on your device are stored in the macOS Keychain. Backend storage (Stripe OAuth only) uses row-level access controls, encryption of tokens, and redacted logging.

9. Third parties

Depending on what you use: a form/email provider (waitlist), and — when you connect them — RevenueCat, Stripe, and a public exchange-rate provider. Each is used solely to provide the functionality you enable.

10. Changes

We will update this page if our practices change, and note the date above.

11. Contact

fiveupclub@proton.me