Privacy Policy

Last updated: April 24, 2026

This Privacy Policy explains what information PennyWise ("we", "us", the "app") collects, how we use it, and the choices you have. By using PennyWise, you agree to the practices described below.

1. Information We Collect

• Email address — for account creation, sign-in, and important service notifications.
• Expense data — amounts, categories, notes, tags, locations you enter manually or import.
• Bank connection metadata — account names, balances, transaction history fetched from bank APIs you authorise.
• Device information — anonymous crash reports and analytics to detect bugs.
• Usage patterns — which features you open, to prioritise improvements.

2. How We Use Your Data

• Provide and maintain the PennyWise service.
• Improve expense categorization accuracy.
• Generate personalised spending insights and reports.
• Send important service notifications.

We never sell your personal data to third parties.

3. Data Storage and Security

Your data is stored in Supabase cloud infrastructure with row-level security so only you can access your rows. All data is encrypted at rest and in transit. Bank connections use 256-bit encryption through certified banking APIs. We never store your banking passwords — only a scoped read-only token your bank issued.

4. Third-Party Services

PennyWise integrates with:

• Supabase — authentication and database hosting.
• Salt Edge — bank account connections for EU and global banks.
• Plaid — bank connections for US banks.
• Monobank API — direct integration with Monobank accounts.
• Google Gemini — AI-powered receipt scanning and expense parsing.
• Sentry — anonymous crash reporting.
• Apple StoreKit — subscription management.

Each service has its own privacy policy. We share only the minimum data necessary for each integration to function.

5. Your Rights

• Export all your expense data at any time (CSV).
• Delete your account and all associated data from Settings.
• Opt out of AI-powered features.
• Disconnect bank accounts and remove stored connection data.
• Request a copy of all data we hold about you — email us.

6. Data Retention

Your personal data is kept for as long as your account is active. When you delete your account, all personal data is permanently removed within 30 days. We may retain anonymized, aggregated analytics data that cannot be linked back to you.

7. Children's Privacy

PennyWise is not intended for use by children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the app or via email. Continued use of PennyWise after changes constitutes acceptance of the updated policy.

9. Contact

For questions or concerns about this Privacy Policy or your data, contact us at pennywiseappsupport@gmail.com.