Privacy Policy — Spent: Expense Tracker

Spent ("the App") is built with privacy as a core principle. Your financial data never leaves your device. This policy explains what data is and isn't collected, how your information is protected, and your rights as a user.

1. 100% Offline & Local

Your financial data is completely private. All transactions, passbooks, categories, budgets, saving goals, subscriptions, and preferences are stored entirely locally on your device using SQLite. We do not operate servers, and we never collect, transmit, or share your financial data with any third parties.

The only network activity is for:

Displaying ads (free version only, after explicit consent)
Fetching currency exchange rates
Processing in-app purchases via Apple/Google

Data we do NOT collect: Transaction details, account balances, spending patterns, receipt images, clipboard contents, or biometric templates.

2. Legal Basis for Processing

We process data under the following legal bases (GDPR Article 6):

Legitimate Interest: Processing your financial data locally to provide core app functionality (expense tracking, budgets, reports).
Consent: Displaying advertisements via Google AdMob. Ads are only loaded after you explicitly consent during onboarding. You may withdraw consent at any time by upgrading to Premium.
Contract: Processing in-app purchases through Apple App Store or Google Play Store.

3. Camera & Receipt Scanning

Spent allows you to scan receipts using your device camera or by selecting photos from your gallery. This feature requires camera and photo library permissions, which are requested only when you use the receipt scanner.

How it works securely:

Receipt images are processed entirely on-device using Google ML Kit (on-device OCR).
No images or extracted text are uploaded to any server.
Photos are used only to extract transaction details (amount, merchant, date).
Receipt images are not stored permanently — only the extracted data is saved locally after you approve it.

4. Clipboard Feature (Paste & Log)

The "Paste & Log" feature detects bank SMS messages, UPI confirmations, or payment receipts from your clipboard entirely on-device. Clipboard data is:

Processed locally and cleared from memory after detection.
Never transmitted, stored on servers, or shared with third parties.
Fully optional — you can disable it in Settings at any time.

5. Biometric Security

If you enable the Biometric Lock feature, Spent uses your device's native Face ID, Touch ID, or passcode API. The app only receives a "success" or "fail" signal from the operating system and does not have any access to your fingerprint or facial recognition data.

6. Learn Feature

Spent's Learn Hub provides bite-sized financial literacy lessons across 5 progressive levels. All lesson completion progress is tracked locally on your device using SQLite. No lesson data, progress, or usage information is transmitted to any server. Your learning journey remains entirely private.

7. Advertising (Google AdMob)

The free version of Spent displays advertisements provided by Google AdMob, which acts as a data processor. Ads are only loaded after you explicitly consent during onboarding. If you deny consent (including EU/EEA users via the GDPR consent form), no ads are loaded and no ad-related data is collected.

AdMob may collect certain device and usage data to serve ads:

Device identifiers (advertising ID)
IP address
General location (country/region level)
App interaction data (ad views, clicks)
Device information (model, OS version)

This data is collected by Google, not by Spent. We request non-personalized ads only. You can opt out of personalized advertising through your device settings. Premium subscribers enjoy a completely ad-free experience with no third-party data collection.

For more details, see Google's Privacy Policy.

8. Third-Party Services

Spent uses the following third-party services that may process limited data:

Google AdMob: Serves advertisements in the free version. Collects device identifiers and IP addresses per Google's policies. Only active after user consent.
Exchange Rate API: Currency conversion rates are fetched via a Cloudflare Workers proxy. Only the currency pair is transmitted — no personal or financial data. Cloudflare may log your IP address as part of standard request processing.
Apple App Store / Google Play Store: Subscription purchases are validated through platform-native APIs. The developer does not have access to your payment information. These platforms process payment data under their own privacy policies.
Google ML Kit: Used for on-device receipt text recognition. All processing occurs locally — no data is sent to Google.
Firebase Cloud Messaging: Generates Android notification tokens for local push notifications. No financial data is transmitted.

9. Data Security

Your data is protected through multiple layers:

SQLite encryption for local database storage
SHA-256 hashing for duplicate transaction prevention
Expo SecureStore for sensitive settings
On-device processing for all financial data — nothing leaves your phone

10. Data Retention & Deletion

All your data is stored locally on your device and persists until you either:

Use the "Delete All Data" option in Settings to permanently erase all app data
Delete individual transactions, accounts, or categories within the app
Uninstall the app

There is no server-side data to retain or expire.

11. Your Rights (GDPR, CCPA & Global)

You have full control over your data:

Right to Access: Export all your transaction history via CSV or PDF from Settings > Reports & Export.
Right to Erasure: Use "Delete All Data" in Settings to permanently erase all app data, or uninstall the app.
Right to Data Portability: Export your data in CSV format at any time.
Right to Withdraw Consent: You can withdraw ad consent by upgrading to Premium, which stops all ad-related data collection.
Right to Object: Since all data is local, there is no profiling or automated decision-making to object to.

12. Permissions

Permission	Platform	Purpose	When Requested	Where Data Goes
Camera	iOS & Android	Capture receipt photos for OCR scanning	When you tap "Take Photo" in Receipt Scanner	Stays on device — processed locally via ML Kit
Photo Library	iOS & Android	Select receipt images from gallery	When you tap "Choose from Gallery"	Stays on device — never uploaded
Notifications	iOS & Android	Daily reminders, budget alerts, subscription renewals	When you enable reminders in Settings	Local only — no financial data in notifications
Biometrics	iOS & Android	App lock via Face ID / Touch ID / Fingerprint	When you enable Biometric Lock	Handled by OS — app receives only success/fail
Internet	Android	Ad serving (free version) and exchange rate fetching	Automatic	Ads: Google AdMob (after consent). Rates: Cloudflare proxy (currency pair only)

All permissions are requested at runtime — nothing is accessed without your explicit consent.

13. Children's Privacy

Spent is designed for users aged 18 and above. We do not knowingly collect personal data from children under 13 (or 16 in the EEA). If you believe a child has provided data through the app, please contact us.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last Updated" date at the top of this page. Continued use of the App after changes constitutes acceptance. For material changes, we will notify you through App Store/Play Store update notes.

15. Contact Us

For any privacy-related questions, data requests, or concerns, please visit our Contact page.