Privacy Policy for Spendly Link to heading

Effective Date: December 23, 2025

This Privacy Policy (“Policy”) governs the collection, use, and disclosure of information by Spendly (the “Application”, “App”, “we”, “us”, or “our”). By installing, accessing, or using the Application, you (“User”, “you”, or “your”) acknowledge that you have read, understood, and agree to be bound by the terms of this Policy.

Spendly is designed and operated as a strictly offline application. We do not collect, transmit, process, or store any personal or financial data on external servers or third-party systems.

1. Information We Do Not Collect Link to heading

1.1. Personal Financial Data
The Application does not collect, transmit, store, or sell any personally identifiable information or financial data to any external servers, third parties, or cloud services. All transaction records, expense entries, income data, budget configurations, account details, and category information entered by the User remain stored exclusively on the User’s device in local internal storage.

1.2. No Network Transmission
The Application does not request or utilize the android.permission.INTERNET permission for its functionality. This architectural design ensures that User data cannot be transmitted off-device through the Application under normal operating conditions.

1.3. On-Device Processing
The Application may employ on-device artificial intelligence (AI) and machine learning models to provide features including, but not limited to, automatic transaction categorization, spending pattern analysis, and financial insights. All such processing occurs locally on the User’s device. No data is transmitted to external servers for processing, model training, or analytical purposes.

2. Third-Party Services and Distribution Link to heading

2.1. Google Play Store
The Application is distributed through the Google Play Store, a platform operated by Google LLC. Google Play Services may collect certain aggregate, anonymized telemetry data, including but not limited to: application crash reports, installation metrics, device specifications, and operating system versions. Such data collection is governed exclusively by Google’s Privacy Policy and is not controlled by or accessible to the Application developers. This telemetry data is not correlated with, derived from, or linked to any User financial data entered within the Application.

2.2. Third-Party Privacy Policies
Users are advised to review the privacy policies of third-party services:

3. Device Permissions Link to heading

To deliver functionality, the Application requests certain device permissions. All permissions are utilized exclusively for the stated purposes and do not result in data transmission off-device:

3.1. SMS (Read SMS Messages)

  • Permission: android.permission.READ_SMS and android.permission.RECEIVE_SMS
  • Purpose: To enable automatic detection and parsing of transactional SMS messages received from Indian financial institutions, including banks and Unified Payments Interface (UPI) service providers.
  • Data Processing: SMS content is processed locally on-device to extract transaction details (amount, merchant, date/time). No SMS message content is transmitted to external servers or third parties.
  • User Control: This permission can be revoked at any time through device settings. Revoking this permission will disable automatic SMS transaction detection.

3.2. Camera

  • Permission: android.permission.CAMERA
  • Purpose: To enable capturing receipt images for attachment to transactions.
  • Data Processing: Captured images are stored locally on the device. No images are transmitted to external servers.
  • User Control: This permission is requested only when the receipt capture feature is used and can be revoked through device settings.

3.3. Notifications

  • Permission: android.permission.POST_NOTIFICATIONS
  • Purpose: To deliver local notifications for budget alerts, recurring transaction reminders, and expense logging prompts.
  • Data Processing: All notifications are generated locally by the Application. No notification content is transmitted to or generated by external servers.
  • User Control: This permission can be managed through device settings.

3.4. Storage Access

  • Permission: Storage access permissions (as applicable to device Android version)
  • Purpose: To enable export and import of transaction data in CSV/JSON formats, and to attach receipt images to transactions.
  • Data Processing: All file operations occur locally. No files are uploaded to external servers.
  • User Control: This permission is requested only when export/import or receipt attachment features are used.

4. Data Retention and Deletion Link to heading

4.1. No Server-Side Storage
As the Application does not transmit or store User data on external servers, we do not have access to, nor the ability to delete, User data remotely.

4.2. User Control
Users maintain complete control over all data generated within the Application:

  • Retention: Data persists on the User’s device for the duration of the Application installation and includes all transaction records, accounts, budgets, categories, receipts, and settings.
  • Deletion: Uninstalling the Application or clearing application data through device settings will permanently delete all locally stored data.
  • Backup Responsibility: Users are solely responsible for creating and maintaining backups of their data prior to deletion. We recommend utilizing the Application’s export functionality to create periodic backups.

5. Children’s Privacy Link to heading

The Application does not knowingly collect personally identifiable information from individuals under the age of thirteen (13) years. Given that the Application operates entirely offline and does not transmit data to external servers, it does not collect personal information from users of any age. The Application is not directed toward children and is designed for adult users managing personal finances.

6. Data Security Link to heading

While the Application does not transmit data externally, we implement reasonable security measures to protect locally stored data:

  • All sensitive financial data is stored in encrypted form using industry-standard encryption protocols.
  • Optional biometric authentication (fingerprint/face recognition) can be enabled to restrict unauthorized access to the Application.
  • Users are responsible for maintaining the physical security of their devices.

7. Modifications to This Policy Link to heading

We reserve the right to modify, amend, or update this Privacy Policy at any time and for any reason. Material changes to this Policy will be communicated through:

  • Updates to this page with a revised “Effective Date”
  • In-application notifications (where applicable)
  • Release notes accompanying Application updates

Continued use of the Application following the posting of changes constitutes acceptance of such changes. Users are advised to review this Policy periodically.

8. Governing Law and Jurisdiction Link to heading

This Privacy Policy shall be governed by and construed in accordance with the laws of India. Any disputes arising from or relating to this Policy or the Application shall be subject to the exclusive jurisdiction of the courts located in India.

9. Contact Information Link to heading

For questions, concerns, or requests regarding this Privacy Policy or data handling practices, please contact us at:

Email: privacy@spendly.co.in

We will make reasonable efforts to respond to inquiries within thirty (30) days of receipt.