Your financial data is yours. It never leaves your browser — we have no access to it.
Effective: 21 March 2026 · portfolioiq.au
Portfolio IQ (portfolioiq.au) is a personal finance tool for tracking capital gains, dividends, and investment holdings. It is operated as an independent application.
This policy explains what information is collected when you use the app, where it lives, and how it is used.
We collect the absolute minimum required to provide the service.
| Data | Where it lives | We can see it? |
|---|---|---|
| Your password | Google / Yahoo servers only | ✓ Never |
| OAuth tokens | Firebase Auth servers | ✓ Never |
| User identifier (UID) | Firebase Auth console | UIDs only |
| Email address | Firebase Auth console | If provided via OAuth |
| Portfolio / CSV data | Your browser (RAM only) | ✓ Never |
| Calculation results | Your browser (RAM only) | ✓ Never |
| Preferences (method, currency) | Your browser (localStorage) | ✓ Never |
Key point: Your portfolio files and transaction data are loaded directly into your browser's memory. They are processed entirely on your device. No portfolio data is ever transmitted to any server — ours or anyone else's.
Authentication is handled entirely by Google or Yahoo via OAuth 2.0 — the same sign-in standard used by millions of apps. When you click "Sign in with Google", your browser talks directly to Google's servers. We never see or handle your password.
Firebase Authentication (by Google) is used to verify your identity and issue a secure session token. This token allows the app to confirm you are logged in, and nothing more.
You can verify this yourself: open browser DevTools → Network tab → sign in. You will see traffic to accounts.google.com and identitytoolkit.googleapis.com — not to our own server.
Portfolio IQ uses the following external services to function. Each has its own privacy policy.
| Service | Purpose | Data shared |
|---|---|---|
| Firebase Auth (Google) | User authentication | Email, UID (via OAuth) |
| Yahoo Finance API | Live market prices | Ticker symbols only |
| Frankfurter API | Currency exchange rates | Currency codes only |
| Google Fonts | Typography | Standard browser request |
| cdnjs (Cloudflare) | JavaScript libraries | Standard browser request |
No portfolio data, transaction history, or personal financial information is shared with any of these services.
Portfolio IQ uses browser localStorage to remember your preferences (e.g. cost basis method, display currency, theme). This data stays on your device and is never transmitted anywhere.
We do not use tracking cookies, advertising cookies, or analytics of any kind.
Since your portfolio data only exists in your browser's memory, it is automatically cleared when you close the tab or sign out. Nothing persists on our servers.
Your Firebase Auth record (email and UID) is retained as long as your account exists. To request deletion of your authentication record, contact us at the address below and we will remove it from the Firebase console within 30 days.
This app is operated from Australia and complies with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Given the minimal personal data collected (email and UID only, via OAuth), and the local-only nature of all financial data, no sensitive personal information as defined by the APPs is collected or processed by this application.
If this policy changes materially, the effective date at the top of this page will be updated. Continued use of the app after such changes constitutes acceptance of the revised policy.
Reach out at privacy@portfolioiq.au. For account deletion requests, please include "Delete my account" in the subject line.