1. Information We Collect
Account Information
- Email address
- Display name
- Authentication information provided through Sign in with Apple or Sign in with Google
Financial Data
- Transactions
- Wallet names
- Categories
- Budgets
- Notes
- Related financial records entered by users
Technical Data
- Device type
- Operating system version
- Crash and diagnostic information when available
2. How We Use Your Information
We use information to:
- Operate and maintain the App
- Synchronize data across devices
- Provide subscription functionality
- Enable shared wallets
- Respond to support requests
- Improve reliability and security
We do not sell, rent, trade, or monetize personal financial information.
We do not send marketing emails, newsletters, or promotional communications. Communications are limited to support responses, account notices, service announcements, and legally required notifications.
3. Shared Wallets
When participating in a shared wallet:
- Authorized members can view wallet transactions and related records.
- Your display name may be visible to wallet participants.
- Deleting your account removes your contributed records from shared wallets.
4. Data Storage, Transfers & Security
Spent uses Supabase as its cloud infrastructure provider for authentication, database storage, synchronization, and related services.
Data is hosted in the United States (East US region). Users accessing the App from other countries consent to the transfer and processing of information in the United States.
We use industry-standard safeguards including encrypted HTTPS/TLS transmission.
No method of storage or transmission can be guaranteed to be completely secure.
Notifications: We may send transactional notifications relating to wallet resets, reminders, subscriptions, shared wallet events, and account activity. Notification preferences may be managed through device settings.
5. Data Retention & Deletion
We retain personal information while accounts remain active and as reasonably necessary to provide App services.
When a verified deletion request is received:
- Personal information and User Content are removed from active systems within 30 days.
- Transactions and records created by the user within shared wallets are removed.
- Shared wallet balances and reports may change following removal.
- Limited encrypted backup copies may remain for up to an additional 30 days before automatic deletion.
6. Third-Party Services
| Service | Purpose | Privacy Policy |
|---|---|---|
| RevenueCat | Subscription entitlement management, purchase validation, and subscription analytics | https://www.revenuecat.com/privacy |
| Supabase | Authentication, cloud storage, database services, and synchronization | https://supabase.com/privacy |
| Apple Sign In | Authentication | https://www.apple.com/legal/privacy/ |
| Google Sign In | Authentication | https://policies.google.com/privacy |
7. Children's Privacy
Spent is not intended for children under 13 years of age. If we learn that information has been collected from a child under 13, we will take reasonable steps to delete it.
8. Privacy Rights (GDPR / Costa Rica Law 8968)
Depending on your jurisdiction, you may have the right to:
- Access your information
- Correct inaccurate information
- Request deletion of your information
- Request data portability
Eligible financial records may also be exported directly from the App in CSV format.
To exercise these rights, contact: hola@spentapp.co
9. Privacy Policy Updates
We may update this Privacy Policy periodically. Material changes may be communicated through the App or by other reasonable means before taking effect.
10. Contact Us
Joseph Murillo
San José, Costa Rica
hola@spentapp.co