Privacy policy
Last updated: July 2026
Draft — pending counsel review before public launch1. What Spendkin is
Spendkin is a personal finance app that turns transaction alerts you already receive — app notifications, text messages, emails, and receipts — into a private record of your spending. It is built around one principle: capture, don’t connect. We never ask for, store, or transmit your bank credentials, and there is no bank linking.
2. Information we collect
- Account: your email address, used to sign you in.
- Transactions: the entries you record and the ones created from captures.
- Captured text: the text of alerts, messages, or receipts you send us through a capture channel you explicitly enabled.
We do not collect your contacts, location, browsing history, or photo library. Receipt images are processed on your device; only extracted text reaches our servers.
3. Capture channels are opt-in, individually
- Notification capture (Android): reads notifications only from the apps you select, after an explicit in-app disclosure and the system permission. Disable any time.
- Text messages (iPhone): forwarded by a Shortcut you install and control, authenticated with a key you can revoke.
- Ingest email: only mail sent to your personal Spendkin address is processed. Rotate the address any time.
- Share & receipts: processed only when you explicitly share content into Spendkin or pick an image; OCR runs on-device.
4. How parsing works
Captured text is converted into a structured transaction by an AI model (Anthropic Claude, under a no-training, zero-retention API configuration). Parse inputs are not logged.
5. Data retention
Raw captured text is deleted as soon as it has been parsed (or when you approve or reject a capture under review). Any remainder is permanently purged within 30 days. One-time sign-in codes expire after 10 minutes; sessions after 90 days. The structured transaction remains until you delete it.
6. Your controls and rights
- Export everything from Settings at any time (JSON + CSV).
- Delete all transactions without closing your account.
- Delete your account in-app; all data is permanently erased after a 72-hour grace period.
- GDPR/CCPA requests: hello@spendkin.com.
7. Third-party processors
Hosting provider, Cloudflare (inbound email routing), Anthropic (parsing; no-training, zero-retention), Google (push delivery; on-device ML Kit OCR on Android), Apple (on-device Vision OCR on iOS), Apple/Google (sign-in and billing), RevenueCat (subscription state). We sell data to no one and run no ads.
8. Security
Data is encrypted in transit; capture endpoints are authenticated per user with revocable keys; untrusted email senders are quarantined for your review so a leaked address can’t forge cleared transactions.
9. Children’s privacy
Spendkin is not directed at children under 13 (or the equivalent minimum age in your jurisdiction), and we do not knowingly collect their data.
10. Changes to this policy
We’ll post changes here and, for material changes, notify you in the app before they take effect.