B
Butter
Privacy policy

Your statements are never stored.
Never sold.

Butter is built on a simple principle: your financial information is yours. We never store your statements, and analysis runs on your device whenever possible.

Last updated: July 11, 2026

What we never do

Sell or share your financial data with third parties
Upload or store your bank statement files
Read, store, or transmit your card numbers or CVVs
Track your browsing history across sites
Show you ads or share data with advertisers
Keep your statement text after returning your result

The Chrome extension

What it accesses

Butter reads the visible text of checkout pages you visit — only to detect if you're on a checkout page and estimate the purchase amount. This analysis happens entirely in your browser. No page content is sent anywhere.

What it stores

Your card wallet — a list of card product names you own — is stored in Chrome's encrypted sync storage. This is never card numbers, CVVs, or account details. Chrome encrypts this data and syncs it only between your own signed-in devices.

Affiliate links

When you click Apply, we may receive a referral fee if you're approved, including through partner networks. This never influences our recommendations, which are based purely on your spending data and publicly available earn rates. Butter provides information and tools, not financial advice — always confirm card details with the issuer before applying.

The website

Interactive demo

The reward calculator on our homepage runs entirely in your browser. No data is sent to any server at any point.

Statement analysis

When you upload a bank statement at /analyse, we never store the file or your statement data on our servers — processing is stateless and nothing is retained after your result is returned. Our fast local analysis runs entirely in your browser, and the file never leaves your device. If you choose AI-assisted analysis, the extracted statement text is sent to our processing endpoint and on to our AI provider (Google Gemini) solely to return your result. Before it leaves your device we strip card numbers, account numbers, postal codes, and phone numbers — but this stripping does not remove names or merchant details, so text sent to the AI provider may include your name as printed on the statement. For image-based or scanned PDFs that contain no readable text, we ask for your explicit permission before sending images of the statement pages to the AI provider for reading, since identifiers cannot be stripped from images beforehand. We use Google's paid Gemini API tier: under Google's API terms, your statement data is not used to train Google's models and is retained by Google only temporarily for abuse monitoring. Nothing is stored by us, and the original file is cleared from your browser's memory when you close the page.

Analytics

We may use minimal, privacy-respecting analytics (no cookies, no personal identifiers) to understand site traffic. We do not use Google Analytics.

Chrome permissions explained

storage

Saves your card wallet (product names only, never card numbers) in Chrome's encrypted sync storage — available only on your own signed-in devices.

activeTab

Reads the visible text of checkout pages to detect whether you're on a payment page and estimate the purchase total. Analysis runs locally.

tabs

Opens card application pages in a new tab when you click an Apply button.

notifications

Sends optional alerts about upcoming welcome bonus deadlines. Only fires if you have an active bonus tracked.

Questions?

Email us at privacy@butter.ca. We respond to all privacy inquiries within 48 hours.