Korin

Privacy Policy

Last updated: March 2026 — Beta version

What data we collect

When you connect your bank via Akahu, Korin retrieves and stores:

Your WhatsApp phone number (used as your account identifier)
Account balances and account metadata (name, type, formatted account number)
Transaction history (amount, date, merchant, category)
Your conversation messages with the AI assistant
Goals and preferences you set within the app

What we do not collect

Your bank login credentials — we never see or store these
Your full account number — shown redacted only
Payment card details
Any biometric data

How we use your data

Your data is used solely to power the Korin assistant — to answer your questions, generate spending summaries, track goals, and send proactive nudges. We do not sell your data to third parties. We do not use your data for advertising.

Third-party processors

Korin relies on the following third-party services to operate:

Akahu

Bank data provider — provides read-only access to your bank accounts

OpenAI

AI assistant — your messages and financial context are sent to OpenAI to generate responses

Meta (WhatsApp)

Messaging — used to deliver assistant responses and one-time login codes

Data retention

Your data is retained while your account is active. You can request full deletion at any time from the Permissions page in the dashboard. We process deletion requests within 24 hrs and confirm via WhatsApp.

Security

Your bank access token is encrypted at rest using AES-256-GCM. Dashboard sessions use short-lived JWT tokens stored in httpOnly cookies. We use HTTPS for all communications.

Your rights

You have the right to access, correct, and delete your data. To exercise these rights, use the Permissions page in the dashboard or contact us at hello@korin.nz.

Contact

For any privacy questions or concerns, email hello@korin.nz.