INTRODUCTION
TidyWallet ("TidyWallet," "we," "us," or "our") is a personal-finance, expense, and budget tracking app for iOS and Android. This Privacy Policy explains what information we collect, how we use it, who processes it on our behalf, and the choices and rights you have. By using TidyWallet, you agree to the practices described here.
OUR CORE PRINCIPLE: LOCAL-FIRST
TidyWallet is designed to keep your data on your device by default. If you are on the 7-day free trial, or are otherwise not a paid subscriber, ALL of your financial data — transactions, accounts, goals, budgets, and categories — is stored ONLY on your device. During the trial, none of this financial data is sent to our servers.
WHAT WE COLLECT AND WHEN
Data stored only on your device (trial and non-subscribers): The financial information you enter, including transactions, accounts, savings goals, budgets, and categories. We do not receive or store this information.
Data synced to our cloud (Pro subscribers and their household members only): If you subscribe to Pro, your financial data is synced to our hosted backend so we can provide cloud backup, cross-device sync, and household sharing. This includes the same categories of financial data listed above, plus an account identifier and, for a household member, an email address and password used to establish that member's identity.
Authentication data: For cloud features we use Supabase anonymous sessions. A household member's identity is established using email and password.
Aggregated figures for AI insights (Pro): When you use AI Insights, the app sends only aggregated figures — for example, monthly income and expense totals, savings rate, top spending category, and budget amounts — to generate written insights. Individual transactions and their descriptions are never sent.
Payment information: Subscriptions are sold and processed by the Apple App Store and Google Play through RevenueCat. We never receive or store your card or payment details.
HOW WE USE INFORMATION
We use the information above to: provide the app's core budgeting and tracking features; for Pro subscribers, back up data, synchronize it across devices, and enable household sharing; generate AI-written financial insights from aggregated figures; authenticate your sessions and secure your account; manage subscriptions and entitlements; respond to support requests sent to tidywalletapp@nesqolabs.com; and maintain, troubleshoot, and improve the app.
AI INSIGHTS — AGGREGATE ONLY
AI Insights are available to Pro subscribers. To generate them, the app sends only aggregated summary figures to Anthropic (the Claude API) through our server function. Raw transactions, transaction descriptions, payee names, and similar line-item details never leave your device for this purpose. The insights returned are informational only and are not financial advice.
LEGAL BASES (EEA/UK USERS)
Where the GDPR or UK GDPR applies, we rely on these legal bases: performance of our contract with you, to provide the app and the cloud, sync, household, and AI features you request; our legitimate interests, to secure, maintain, and improve the app and prevent abuse; and your consent, where required, which you may withdraw at any time. For non-subscribers, financial data stays on your device and is not processed by us.
SUBPROCESSORS AND INTERNATIONAL TRANSFERS
We use the following service providers (subprocessors) to operate TidyWallet: Supabase (cloud database, backend, and authentication), Anthropic (AI insights from aggregated figures), RevenueCat (subscription management), and Apple and Google (payment processing).
Our hosted backend (Supabase) runs on servers located in the United States. If you access TidyWallet from outside the United States, your synced data (Pro only) and aggregated AI figures will be processed in the United States. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses for these transfers.
DATA RETENTION
Device data is retained on your device until you delete it or remove the app. For Pro subscribers, cloud data is retained for as long as your account is active. When you delete your account, we permanently remove the account and all associated cloud data. Aggregated figures sent for AI insights are processed to generate a response and are not used to build a profile of you for advertising.
SECURITY
We use industry-standard measures to protect your information, including encryption in transit and access controls on our backend. Your cloud data is associated with your authenticated account. No method of transmission or storage is completely secure, so we cannot guarantee absolute security. Protect your device and any household credentials you use.
YOUR PRIVACY RIGHTS
Depending on where you live, you may have the right to access, correct, export, or delete your information, to object to or restrict certain processing, and to withdraw consent.
GDPR (EEA/UK): You may request access, rectification, erasure, portability, and restriction, and you may lodge a complaint with your local supervisory authority.
CCPA/CPRA (California): You may request to know, access, and delete the personal information we hold, and to correct it. We do NOT sell your personal information, and we do NOT share it for cross-context behavioral advertising. We will not discriminate against you for exercising your rights.
You can export or delete most data directly in the app. For Pro accounts, in-app account deletion permanently removes your account and all cloud data. To make any other request, contact us at tidywalletapp@nesqolabs.com. We may need to verify your identity before acting on a request.
ACCOUNT DELETION
TidyWallet provides in-app account deletion. Deleting your account permanently removes the account and all of its cloud data from our backend. Data stored only on your device is removed when you delete it in the app or uninstall the app.
NO ADVERTISING OR CROSS-APP TRACKING
TidyWallet does not use third-party advertising or cross-app tracking SDKs, and it does not show ads. We do not sell your data.
CHILDREN'S PRIVACY
TidyWallet is not directed to children under 13 (or under 16 in the European Union) and we do not knowingly collect personal information from them. If you believe a child has provided us personal information, contact us at tidywalletapp@nesqolabs.com and we will delete it.
CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date above and, where appropriate, notify you in the app. Your continued use of TidyWallet after an update means you accept the revised policy.
CONTACT US
Questions or requests about this Privacy Policy can be sent to: tidywalletapp@nesqolabs.com.