Privacy
Most portfolio apps know everything about you: your holdings, your account balances, sometimes your broker credentials. Monk Portfolio is designed to know as close to nothing as software can. This page is about what we see, not the broader legal policy — for that, see the privacy policy.
What we collect
Your encrypted blob (only if sync is on)
When sync & encryption is enabled, your portfolio becomes opaque ciphertext that our server stores alongside a non-secret salt. It is unreadable to us — see Sync for the full mechanics.
Ticker symbols for pricing
To draw charts and compute returns, your device asks our pricing proxy for quotes. The proxy receives a list of ticker symbols (e.g. AAPL, BTC) and forwards them to a third-party pricing API. The request contains no quantities, no dollar amounts, no account identity — just the symbols you're currently looking at. We do not store identity with pricing requests.
AI prompts (only when you use AI features)
AI chat, AI portfolio evaluation, Monk Insights, and AI-powered screenshot import are optional. If you opt in and use them, a curated slice of data is sent to OpenAI for inference. The exact slice is listed in AI & Data Sharing. Consent is enforced both in the app and at the server, so if you never grant it, no data is ever sent to OpenAI.
Anonymous server-side pulse (always on)
Once per session the app sends a single ping to our own server. The ping's only content is the platform, and the server stores only:
- The date
- The platform (web or ios)
- A coarse country derived from the edge request header
No session id, no user agent, no IP, no referrer. This lets us see that the app is being used without learning anything about any individual user. It does not require consent.
Consented usage events (your choice on the first screen)
On your very first screen we show a clearly labelled checkbox next to “Get started.” You can leave it on, untick it, or flip it any time in Settings. If usage events are on, the app sends a short event name (like “Add Asset Succeeded”) with coarse device, platform, and country context — never holdings, dollar amounts, or identifiers. The full field list lives in the privacy policy.
Why this stays out of Apple ATT scope
First-party analytics only — no ad networks, no cross-app tracking.
What we don't collect
- No account. No signup, no email or password to use the app. (If you ever write in through the optional Contact Us form, you can include an email so we can reply — entirely your choice.)
- No phone number, Apple ID, or payment info.
- No cookies. Not strictly necessary, not functional, not marketing. Nothing.
- No IP-based identity. Access logs are short-lived operational data only.
- No third-party trackers. No ad SDKs, no social widgets, no embedded analytics.
- No broker credentials. Monk never asks for your brokerage login. You import by screenshot or by typing.
Privacy-mode inside the app
You can toggle a local privacy mode that masks dollar amounts in the UI and hides value-based chart modes. It's purely visual — for showing someone your allocation without showing them your balance. This is a client-side display preference; no other user ever sees it.
What shows up on disk and in the network tab
You can verify most of the above without taking our word for it:
- Open your browser's DevTools Application tab: with encryption on, the IndexedDB records under the app origin are ciphertext, not readable portfolio data.
- Watch the Network tab: every outbound request goes to our own domain — no ad networks, social platforms, or analytics vendors.
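To make the Network tab check repeatable, export the session from DevTools as a HAR file and list every host outside the app's domain. This is an added example, not Monk's own code: `app.example` is a placeholder for the real domain, treating subdomains as first-party is an assumption, and the sample entries are constructed.

```javascript
// Placeholder: replace with the domain the app is actually served from.
const FIRST_PARTY = "app.example";

// True when host is the first-party domain or one of its subdomains.
// A bare endsWith(base) would wrongly accept look-alikes such as "evilapp.example".
function isFirstParty(host, base) {
  const h = host.toLowerCase().replace(/\.$/, ""); // drop a trailing root dot
  const b = base.toLowerCase();
  return h === b || h.endsWith("." + b);
}

// Returns a Map of off-domain host -> request count for a parsed HAR object.
function thirdPartyHosts(har, base) {
  const hits = new Map();
  for (const entry of har.log.entries) {
    let url;
    try {
      url = new URL(entry.request.url);
    } catch {
      continue; // malformed URL in the export
    }
    // data: and blob: URLs never leave the device, so only network schemes count.
    if (!["http:", "https:", "ws:", "wss:"].includes(url.protocol)) continue;
    if (!isFirstParty(url.hostname, base)) {
      hits.set(url.hostname, (hits.get(url.hostname) || 0) + 1);
    }
  }
  return hits;
}

// Constructed sample in HAR shape; hosts and paths are made up for illustration.
const sampleHar = { log: { entries: [
  { request: { url: "https://app.example/quotes?symbols=AAPL,BTC" } },
  { request: { url: "https://sync.app.example/blob" } },
  { request: { url: "data:image/png;base64,AAAA" } },
  { request: { url: "https://evilapp.example/collect" } },
  { request: { url: "https://cdn.tracker.test/pixel.gif" } },
  { request: { url: "https://cdn.tracker.test/pixel.gif?again=1" } },
] } };

for (const [host, count] of thirdPartyHosts(sampleHar, FIRST_PARTY)) {
  console.log(`${host}: ${count} request(s) outside ${FIRST_PARTY}`);
}
```

Against a real export, an empty result matches the claim above; any listed host is worth inspecting in the Network tab.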