跳到主内容

Last updated:2026-06-20

Privacy Policy

SafeToSpend (“the app”, “we”, “us”) helps people with uneven income smooth their volatile earnings into a steady virtual paycheck and tells you how much you can safely spend today. This policy explains what we collect, why, and how you stay in control of your data. We do not connect to your bank, we do not show third-party ads, we do not track you across other apps or websites, and we never sell your data.

Our privacy principles

  • No bank connection. The app does not connect to any bank, credit card, or account-aggregation service. Every entry is added by you — by hand or by snapping/forwarding a receipt.
  • Local-first. Cash-flow calculations (buffer pool, safe-to-spend, virtual paycheck) run on your device and work without a network connection.

Information we collect

  • Account email. When you sign in with Sign in with Apple or Google, we receive your email address, used solely to create and authenticate your account. With Sign in with Apple you may choose to hide your real email and use Apple’s relay address.
  • The financial data you enter. The income, expenses, target salary, fixed expenses, buffer pool, and virtual paycheck records you enter are stored in our backend (Supabase) so the app can save and keep this data under your account. This data is strictly isolated with row-level security (RLS) and accessible only to you.
  • Subscription status. Whether you are a Pro subscriber is managed by RevenueCat (see “Subscriptions” below).

How we use this information

  • To authenticate you and keep your account secure.
  • To provide core features: saving and displaying your ledger, buffer pool, and virtual paycheck history.
  • We never use your financial data for advertising or cross-app tracking, and we never sell it to anyone.

AI features and data processing (important)

The app includes two optional AI features: the AI cash-flow coach (plain-language explanations of your numbers and general budgeting tips) and receipt OCR (automatic recognition of the amount and date on a receipt).

  • Consent before first use. Before you use any AI feature for the first time, the app explicitly asks for your consent in-app. Without consent, no data is sent to any AI.
  • What is sent. When you use the AI coach, the cash-flow data relevant to your question (e.g. safe-to-spend, buffer balance, a summary of recent entries) is sent to generate the explanation. When you use receipt OCR, the receipt image you capture/select is sent to recognize the amount and date.
  • How it is handled. This data is forwarded through our self-hosted server-side AI gateway to an AI model, used only to produce the explanation or recognition result you explicitly requested. Processing is transient — it is not used to train models, and original receipt images are not retained long-term. The client app holds no AI model keys.
  • Nature of AI content. AI coach answers are general information and do not constitute financial, investment, or tax advice; every answer carries this disclaimer.

Subscriptions

Subscriptions are completed via Apple In-App Purchase / Google Play billing, with status managed by RevenueCat. We do not receive or store your payment card details — those are handled entirely by Apple / Google.

Data sharing

We share data only with the infrastructure providers required to run the app:

  • Supabase — account authentication and storage of your financial data.
  • Our self-hosted AI gateway — forwards relevant data to generate results, only when you use an AI feature and have consented.
  • RevenueCat — manages your subscription status.

We do not share data with ad or tracking networks, do not integrate any third-party analytics or advertising SDK, and do not sell your data.

Data retention and deletion

  • While your account is active, we retain the financial data you enter so you can review it anytime.
  • You can delete your account at any time in the app (Settings → Account → Delete account). This permanently and irreversibly removes your account and cascades to delete all associated data — your entries, buffer pool, virtual paycheck history, fixed expenses, and target settings.

Data security

Data is transmitted between your device and our backend over industry-standard encrypted transport (TLS/SSL) and stored on Supabase with row-level security so that only you can access it.

Children

SafeToSpend is not directed to children under 13, and we do not knowingly collect their personal information.

Changes to this policy

For material changes, we will update this page and the “Last updated” date above, and notify you in-app.

Contact us

Questions about privacy? Email us at support@sanva.tk.

For questions about this document, contact support@sanva.tk.