Last updated: July 3, 2026
Dutch Defend is privacy-first and local-first by design. Core planning data lives on your device. This policy explains what stays local, what leaves your device when you choose to export or share, what APIs are called for reference data, and how consent works for monetization features.
Core planning data is stored locally on your device. Sensitive values use encrypted secure storage; non-sensitive preferences use standard app storage.
Encrypted secure storage holds:
Standard app storage holds:
Demo Mode: When you run Dutch Defend in Demo Mode, none of your real financial inputs are used. Demo Mode calculations are based on a pre-built synthetic profile and are not linked to your data.
Dutch Defend includes two opt-in sharing features. Both use the operating system share sheet only — nothing is uploaded to Dutch Defend servers.
Calendar Export: When you tap Export Key Dates, the app generates a plain-text list of your upcoming financial milestones. You select which events to include, then share via the OS share sheet. Dutch Defend does not write events directly to your calendar, does not read your existing calendar contents, and does not require calendar permission.
Shareable Defense Summary: When you choose to share your Defense Summary, the app generates a text snapshot of your planning position. You see a preview before any share action fires. Once you share, the exported text is outside Dutch Defend's control. You are responsible for where you send or store it.
We fetch public reference data for app behavior. These calls do not include your full financial profile:
Some monetization features use backend events and partner integrations. These are controlled by feature flags and your consent choices:
You can disable or withdraw consent in app settings at any time. If consent is off, monetization tracking and lead/contact flows are blocked by design.
If you contact Dutch Defend through the website contact or support form, your message is processed by Formspree (formspree.io), a third-party form provider. The information you choose to include in the message is used only to respond to your request. Please do not include sensitive financial, tax, visa, passport, BSN, bank, salary, or residence-permit documents in support messages. This is separate from app profile data, which remains on your device by default and is not sent through the contact form.
Depending on enabled features, we may use:
These services may process limited operational metadata under their own privacy terms.
Local app data can be deleted with in-app reset controls. Monetization event, lead, and order data retained on backend systems follows operational retention windows documented in release and compliance materials. You may request data deletion through support channels.
We may update this policy when features, processors, or legal obligations change. Updates are posted on this page with a new “Last updated” date.
If you have privacy concerns, please open an issue on GitHub or contact us through the app or via the support page.