Spends — Privacy Policy

Last updated: 13 May 2026

Short version: Spends is a fully offline personal finance app. We collect no personal data, send nothing over the network, and store your financial information only on your own device — encrypted with your PIN.

What the app does NOT do

The app has no INTERNET permission. It cannot make network requests. You can verify this in Settings → Apps → Spends → Permissions.
We do not operate any server that receives your data.
We do not use analytics, telemetry, advertising IDs, or crash reporting.
We do not share, sell, or transmit any user data to any third party.
We do not require an account, email address, or sign-up.

What the app stores on your device

Bank account names, credit card last-4 digits, and account types you add manually
Transactions imported from statements you upload (date, amount, description, merchant, category)
Your PIN, hashed using PBKDF2-SHA256 with a per-device salt
Your categorization rules and custom category preferences

All of the above is stored in a single SQLite database file encrypted with AES-256 (SQLCipher). The encryption key is derived from your PIN and is never written to disk in plain text. The database file lives at /data/data/in.spends/files/ on your device, accessible only to the app itself.

Permissions the app requests

USE_BIOMETRIC — to unlock the app with your fingerprint, if you enable it. Biometric data never leaves the device; the Android Keystore handles it.
READ_EXTERNAL_STORAGE (Android 12 and below only) — to pick statement files (PDF / Excel / CSV) you choose to import.

Data deletion

You have full control over your data:

Use the in-app Settings → Erase All Data option, or
Uninstall the app — Android removes the entire /data/data/in.spends/ folder, including the encrypted database.

Because all data is on your device, there is no server-side data to request deletion of.

Children

Spends is not directed to children under 13 (or the equivalent minimum age in your jurisdiction). The app handles personal financial information and is intended for adult users.

Changes to this policy

If this policy changes, we will update the Last updated date at the top of this page. Material changes will also be noted in the app's release notes on Google Play.

Contact

Questions about privacy or this policy? Email mohd0109@gmail.com.