Privacy Policy

Last updated: May 2026

1. Introduction

PocketSpend ("we", "our", "us") is operated by ONXYN, Birmingham, UK. This policy explains how we handle information when you use our app. We are committed to protecting your privacy and ensuring you have a positive experience using our budget tracking services.

2. Information We Collect

Financial Data

All budget data (transactions, categories, goals, wallets) is synced to secure cloud storage powered by Supabase (EU-based servers) and encrypted with AES-256. Your data is accessible only to you through your account.

Purchase Information

If you subscribe to Premium or Starter, payment is processed entirely by Apple (App Store) or Google (Google Play). We receive a confirmation of your subscription status through RevenueCat (our subscription management provider) but never receive your payment details, card numbers, or billing address.

Analytics

We collect anonymous, non-personally-identifiable usage analytics (feature usage counts, retention milestones) to improve the app experience.

Device Information

We generate a random device identifier for transaction ID generation. This is not linked to your identity.

Notifications

If you enable bill reminders, notification permissions are used to deliver notifications on your device.

3. Information We Do NOT Collect

  • We do not collect your name, email address, phone number, or any personal identifiers
  • We do not access or store bank account information
  • We do not track your location (expo-location is included as a framework dependency but is not actively used)
  • We do not use advertising SDKs or sell data to third parties
  • We do not use cookies or web tracking technologies

4. Third-Party Services & Data Processors

Supabase (Cloud Database): Stores your synced financial data on EU-based servers with AES-256 encryption. Their privacy policy: https://supabase.com/privacy

RevenueCat: Manages subscription status. Their privacy policy: https://www.revenuecat.com/privacy

Apple App Store / Google Play: Handles payment processing. Subject to their respective privacy policies.

No other third-party services receive your data.

5. Data Storage & Security

  • All financial data is synced to secure cloud storage (Supabase, EU-based servers)
  • Data is encrypted with AES-256 both in transit and at rest
  • Passcode protection available with SHA-256 hashing
  • Backup/export data can be generated and shared through your chosen method (messaging, email, etc.)

6. Data Retention & Deletion

Your data is stored securely on our cloud servers. You can delete your account and all associated data at any time by following the instructions at /delete-account. Upon deletion, all data is permanently removed from our servers within 24 hours.

7. Children's Privacy

PocketSpend is not directed at children under 13. We do not knowingly collect information from children.

8. International Users & Data Controller

Your data is stored on EU-based servers (Supabase). The app complies with GDPR, UK GDPR, and other international privacy regulations.

Data Controller: ONXYN, Birmingham, United Kingdom
Contact: [email protected]

9. Your Rights (GDPR/UK GDPR)

  • Right to access: All your data is visible within the app
  • Right to deletion: Delete the app to remove all data, or use in-app features to delete individual transactions
  • Right to portability: Use the Export feature to download all your data as JSON or CSV
  • Right to object: No data processing occurs on our servers

10. Changes to This Policy

We will update this page if our practices change. Continued use of the app after changes constitutes acceptance.

11. Contact Us

Email: [email protected]
Website: https://pocketspend.cloud
Data Controller: ONXYN, Birmingham, United Kingdom