← Back to FinTracker

Privacy Policy

Last updated:

The short version

  • Your data stays on your device first. Cloud sync is opt-in.
  • Waitlist signups are stored in the EU (Frankfurt) and used only to email you when FinTracker launches.
  • We don’t sell your data, we don’t run ads, and we don’t embed Google or Meta tracking.
  • AI features process the minimum data needed for each task. OpenAI does not use your inputs to train its models.

1. Who we are

Data Controller: Bao Labs LLC, a Wyoming limited liability company, located at 30 N Gould St, Ste N, Sheridan, WY 82801, United States.

Privacy contact: privacy@fintracker.net.

For users in the European Economic Area, United Kingdom, or Switzerland: Bao Labs LLC is the data controller under the General Data Protection Regulation (GDPR) and equivalent regulations. You may exercise your rights of access, rectification, erasure, restriction, portability, and objection by contacting privacy@fintracker.net.

For users in California: under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), you have rights including the right to know, right to delete, and right to opt out of the sale or sharing of personal information. We do not sell personal information. Contact privacy@fintracker.net to exercise your rights.

2. What this policy covers

This policy explains how we handle personal data in two contexts:

  • Today (waitlist phase): this website and the email waitlist.
  • At app launch: the FinTracker iOS app and any cloud features you choose to enable.

We’ll update this policy before any new processing activity goes live.

3. What we collect on the website today

When you sign up for the waitlist, we collect:

  • Your email address.
  • The timestamp of your consent and the version of this policy you consented to.
  • The source that referred you (e.g. homepage hero form vs. footer form), so we know which channels are working.

We do not set tracking cookies on this website. We do not run analytics today. We do not embed third-party ad pixels.

4. What we will collect in the app (Phase 2 and later)

The FinTracker iOS app is local-first: transactions, notes, and budgets are stored on your device using SwiftData by default.

  • Cloud sync is opt-in. If you enable it, encrypted data is replicated to our Supabase database in Frankfurt.
  • Voice recordings for spoken transactions are processed on-device where possible. When cloud transcription is needed, the audio is sent to OpenAI, transcribed, and discarded — we do not store voice recordings.
  • AI chat messages with Bao are sent to OpenAI to be processed. They are not used by OpenAI to train its models — our API usage operates under OpenAI’s no-training default for API inputs.
  • Subscription status is handled by Apple and RevenueCat. We never see your card data — Apple processes payment.
  • Apple Pay tracking (planned, opt-in): in a future release, iPhone users may optionally enable Apple Pay tracking via Apple’s Shortcuts app. When enabled, an Apple Shortcuts automation forwards transaction details (amount, merchant, date) directly to FinTracker on your device, where they are categorized and stored locally in SwiftData. Bao Labs LLC servers do not see, receive, or store this Apple Pay data. You can disable Apple Pay tracking at any time in your Shortcuts app or in FinTracker Settings. Apple is the data source; FinTracker is the local recipient; no third-party data aggregator is involved.

See the AI Disclaimer for exactly what data leaves your device for each AI feature. We may, in the future, offer additional optional integrations with banks, fintech wallets, or payment services. Any such integration will be opt-in, every data processor involved will be disclosed, and this Privacy Policy will be updated before such an integration ships. You will retain control of which connections (if any) you authorize. As of 2026-05-20, no such third-party financial integrations are active beyond those listed above.

5. What we never collect

  • Bank login credentials, account numbers, or sort codes.
  • Social Security numbers, national identifiers, or government IDs.
  • Your precise or coarse location — FinTracker has no geolocation.
  • Your contacts, calendar, or photos beyond receipts you explicitly attach.
  • Advertising identifiers. We skip the iOS App Tracking Transparency prompt because we do not track you across apps or websites and we do not use the IDFA. Our Apple Privacy Nutrition Label will reflect this — minimal data linked to you, no data used for tracking.

6. How we use what we collect

  • Waitlist email: to send you one launch announcement plus occasional pre-launch updates if you opted in. You can unsubscribe from any email.
  • App data (once launched): to provide the FinTracker service — store transactions, run insights, power Bao chat, and sync across your devices if you’ve enabled cloud sync.
  • Aggregated, de-identified product usage (once analytics ship in a later phase): to understand which features matter and which break. You’ll be able to opt out from inside the app.

We do not sell your data. We do not share it with advertisers. We do not use it to train AI models.

7. Where your data is stored

  • Website waitlist data: Supabase, Frankfurt, Germany (EU).
  • App backend (when live): Supabase, Frankfurt, Germany (EU).
  • Website hosting: Vercel, with global edge delivery for static assets. Form submissions land in the EU.

Some processing happens outside the EEA where strictly necessary:

  • OpenAI (United States) for voice transcription and Bao chat. We rely on the EU Standard Contractual Clauses and OpenAI’s enterprise privacy commitments.
  • Apple and RevenueCat for App Store delivery, payments, and subscription receipts.

8. Third parties we use

  • Supabase — database, auth, and storage. Region: EU (Frankfurt).
  • Vercel — website hosting and edge delivery. Region: global with EU preference for compute.
  • OpenAI — voice transcription and AI chat. Region: US, under SCCs.
  • PostHog (planned, later phase) — product analytics, with an in-app opt-out. Region: EU.
  • Sentry (planned, later phase) — crash reporting with PII scrubbing. Region: EU.
  • RevenueCat — subscription receipt validation. Region: US, under SCCs.
  • Apple — App Store distribution and payment processing. Region: per Apple.

Each provider acts as a data processor on our instructions, with a contract that meets GDPR Article 28 requirements.

9. Your rights under GDPR

If you’re in the EEA or UK, you have the right to:

  • Access the personal data we hold about you.
  • Correct anything inaccurate.
  • Delete your data (the "right to be forgotten").
  • Export your data in a portable format.
  • Object to processing, or restrict it.
  • Withdraw consent at any time — for the waitlist, the unsubscribe link does this immediately.

To exercise any of these rights, email privacy@fintracker.net. We’ll respond within 30 days, free of charge.

You can also lodge a complaint with your local data protection authority. For UK residents, that’s the ICO (ico.org.uk). For EU residents, it’s your national DPA.

10. Children

FinTracker is not intended for users under 16. We do not knowingly collect data from children under 16. Users between 13 and 16 can only use FinTracker with verified parental consent, in line with Apple’s App Store policies and applicable national rules on the minimum age for digital consent.

If you believe a child has signed up to the waitlist, email privacy@fintracker.net and we’ll delete the record.

11. How long we keep your data

  • Waitlist signups: until the launch announcement, then for 90 days, then deleted. If you unsubscribe earlier, your email is deleted within 14 days.
  • App account data: for as long as your account is active. After you delete your account, data is wiped from production within 30 days, and from encrypted backups within the next backup-retention window (currently 30 days).
  • AI conversations: messages are stored on your device. Cloud copies (if sync is enabled) follow the account lifecycle above. OpenAI may retain API content for up to 30 days for abuse monitoring and then deletes it.

12. Security

  • All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
  • The Supabase database uses Row Level Security — your data is only readable by your authenticated session.
  • No team member has direct production database access without an audit trail.
  • We notify affected users and the relevant DPA of any qualifying breach within 72 hours, per GDPR Article 33.

13. Changes to this policy

We’ll update this page when our practices change and refresh the "last updated" date at the top. For substantive changes, waitlist members will receive an email at least 14 days before the new policy takes effect.

14. Contact

  • Privacy questions and data requests: privacy@fintracker.net
  • Postal: Bao Labs LLC, 30 N Gould St, Ste N, Sheridan, WY 82801, United States
  • Related: Terms of Use · AI Disclaimer