Privacy Policy
Effective date: April 30, 2026 · Last updated: April 30, 2026
1. Who we are
SumDay: Daily Budget Planner ("SumDay", "the App", "we", "our", or "us") is operated by:
- Operator / Data Controller: SumDay
- Contact email: support@sumdaytracker.com
This Privacy Policy explains what personal information SumDay processes, why, on what legal basis, with whom we share it, and what rights you have.
This policy applies only to SumDay. It does not cover services operated by third parties (Apple, Google, RevenueCat, Mixpanel) — please read their own privacy notices, linked in Section 5.
2. TL;DR — the short version
- Your financial data stays on your device. Transactions, budgets, categories and notes are stored locally on your iPhone. We do not have a server and we do not see your transaction list, balances or notes.
- We use third-party SDKs for analytics, crash reporting, subscriptions, AI and abuse prevention. Those SDKs receive limited data described below.
- Receipt scanning is optional and uses AI. When you choose to scan a receipt, the photo is sent to Google's AI service for processing. We don't store the image; Google may, under its own policies.
- AI insights use aggregated numbers only. No individual transactions, notes or names are sent.
- We sell nothing. We do not sell, rent or trade personal data. We do not run ad networks or share data for cross-context behavioral advertising.
The detailed disclosures below override this summary in case of conflict.
3. Data we process
SumDay processes the following categories of data. For each category we list what is processed, where it goes, why, the legal basis (where GDPR applies), and a retention indicator.
3.1 Financial data you enter
What: monthly income, fixed costs, savings goal, currency, period start day, transaction amounts, dates, category assignments, free-text notes you type, the categories you create.
Where stored: locally on your device, in the local app database on your device. The current version of the App does not sync this data to any server we operate.
Why:to provide the App's core feature — calculating your daily spending limit and showing your history and analytics.
Legal basis (GDPR): performance of the contract you enter into when installing the App (Art. 6(1)(b)).
Retention: for as long as you keep the App installed. Uninstalling the App removes the local database. In-app deletion (where offered) removes specific records.
3.2 Subscription and purchase data
What: your subscription status, the product purchased, purchase / renewal / cancellation dates, an anonymous subscription identifier, and aggregate purchase metrics.
Where it goes: Apple StoreKit (handles the actual payment), RevenueCat (subscription state and entitlement management), and our analytics events (which only contain whether you subscribed, the plan name, restore/failed events).
What we never see: your name, payment card, billing address, Apple ID email, or App Store account. That information stays with Apple.
Legal basis (GDPR): performance of the contract (Art. 6(1)(b)) and our legitimate interest in measuring product performance (Art. 6(1)(f)).
3.3 AI receipt scanning (optional feature)
What: the receipt photo you choose to scan and the structured fields the model returns, such as amount, merchant, category and confidence.
Where it goes:the image and the model prompt are sent over HTTPS to Google's AI service.
What we do with the image: we do not save it. The image is sent only to obtain the structured JSON response and is then discarded by the App. Google may retain or process the image according to its own policies — see Section 5.
Verification: the App always shows you the extracted values before saving. You can edit any field; the save only happens after you tap to confirm.
Sensitive content warning: receipts may contain merchant names, items purchased, locations, payment methods, dates, and other potentially sensitive details. Please review the photo before scanning and avoid scanning anything you are not comfortable transmitting to a third-party AI service.
Legal basis (GDPR): your explicit consent (Art. 6(1)(a)), which you give by accepting the in-app disclosure and by deliberately initiating each scan.
3.4 AI weekly insights (optional feature)
What: aggregated spending statistics for the relevant period, such as totals, averages, over-budget days, top categories and currency.
Where it goes:Google's AI service, same as Section 3.3.
What is NEVER sent: individual transactions, dates, merchant names, notes, your name, your device identifier, your user id.
Legal basis (GDPR): legitimate interest in providing a useful product feature (Art. 6(1)(f)).
3.5 Abuse prevention (Firebase App Check)
What: technical signals used to help verify that requests come from a genuine installation of SumDay.
Where it goes: Firebase App Check.
Why: to prevent fraud, abuse and quota theft against our paid AI quota.
3.6 Product analytics (Mixpanel and Firebase Analytics)
What we send to Mixpanel:
- Event names only for most events (e.g.
home_screen_viewed,transaction_added,paywall_shown). The event names tell us that a step happened, not what the values were. - A small set of non-financial event properties: the selected spending category, analytics period, receipt-scan source, subscription plan type, and similar product metadata.
- No transaction amounts. We do notsend the user's income, fixed costs, savings goal, daily limit, individual transaction values, or currency codes to Mixpanel.
- No transaction notes, no merchant names, no receipt images, no location data, no contacts.
What we send to Firebase Analytics: Firebase Analytics may collect standard app analytics data such as app usage, device and app information, locale, timezone and in-app interactions. We do not pass it your transactions, amounts, or other financial data.
What we send to Firebase Crashlytics: crash reports, stack traces, device model, OS version and app version. We do not log financial data into crash reports.
Opt-out: you can ask us to stop processing your analytics data — see Section 8.
3.7 Device permissions and identifiers
- IDFA (advertising identifier) — not used. The App Tracking Transparency prompt is not triggered.
- Device and app identifiers — Firebase, Mixpanel or RevenueCat may use limited identifiers for analytics, crash reporting, subscriptions and abuse prevention.
- Camera— only when you tap "Scan receipt" and choose Camera.
- Photo Library— only when you choose "Pick from library".
- Contacts, Location, Microphone, HealthKit, Motion — not used.
4. How long we keep data
- On your device: as long as the App is installed, or until you delete data in-app.
- With third-party processors:subject to each provider's policy (Section 5). Default Mixpanel and Firebase retention apply unless we choose to shorten it.
- In our control: essentially none — we do not currently operate any servers that store user financial data.
5. Third-party services we use
We are not responsible for the practices of these companies, but we list them here because their SDKs are bundled in the App and receive some data:
| Provider | Purpose | Privacy policy |
|---|---|---|
| Apple Inc. | App Store, purchases, notifications, iOS services | apple.com/legal/privacy |
| Google LLC (Firebase) | Analytics, Crashlytics, AI features, abuse prevention and configuration | firebase.google.com/support/privacy |
| RevenueCat, Inc. | Subscription and entitlement management | revenuecat.com/privacy |
| Mixpanel, Inc. | Product analytics | mixpanel.com/legal/privacy-policy |
We will update this list when we add or remove SDKs.
6. International data transfers
Some processors (Google, Mixpanel, RevenueCat, Apple) operate or store data in the United States and other countries outside the EEA, the UK, Switzerland, and Ukraine. When we transfer personal data internationally we rely on the recipient's published transfer mechanisms — typically Standard Contractual Clauses approved by the European Commission, the UK International Data Transfer Addendum, and (for Google) participation in the EU-U.S. Data Privacy Framework where applicable.
You can request a copy of the safeguards by emailing support@sumdaytracker.com.
7. Children's privacy
SumDay is not directed to children under 16 (under 13 in the United States, under 16 in the EEA / UK, or the higher minimum age set by your local law). We do not knowingly collect personal data from children. If you believe a child has provided us data through a third-party SDK, contact support@sumdaytracker.com and we will delete it.
The App is rated 4+ on the App Store but it is not designed for, intended for, or marketed to children. Parents and legal guardians are responsible for supervising minors who use the App.
8. Your rights
Depending on where you live, you may have the following rights. We honor these rights regardless of jurisdiction where it is reasonable to do so.
- Access — receive a copy of the personal data we have about you.
- Rectification — correct inaccurate data.
- Erasure — ask us to delete your data, subject to legal exceptions.
- Restriction — ask us to pause processing.
- Objection — object to processing based on legitimate interests.
- Portability — receive data you provided to us in a machine-readable format.
- Withdraw consent — for processing based on consent (e.g. AI receipt scanning), without affecting prior processing.
- Lodge a complaint with your supervisory authority. EU users may complain to the data protection authority of their country. UK users may complain to the ICO. Ukrainian users may complain to the Ukrainian Parliament Commissioner for Human Rights.
- California residents (CCPA/CPRA)also have the right to know, delete, correct, limit use of sensitive personal information, and opt out of "sale" or "sharing". We do not sell or share personal information for cross-context behavioral advertising.
- No discrimination — we will not discriminate against you for exercising these rights.
To exercise privacy rights or request deletion of data processed by third-party services, email support@sumdaytracker.com.
Self-service deletion. Most of your data is on your device. To delete it, open Settings → Delete All Data inside the App, or delete the App from your iPhone. This removes local budgets, transactions, categories and notes. It does not delete subscription records held by Apple or RevenueCat, or analytics events already transmitted before deletion.
9. Security
We use reasonable technical measures such as encrypted network communication and platform security features where applicable. No method of transmission or storage is completely secure.
10. Automated decision-making
We do not make decisions that produce legal effects about you, or significantly affect you, based solely on automated processing. AI-generated suggestions (receipt amounts, weekly insight text) are informational; you make the decision to accept them.
11. Changes to this Policy
We may update this Policy. Material changes will be announced in-app or via the App Store release notes. The "Effective date" at the top reflects the latest version. If you continue to use the App after a change, you accept the updated Policy to the extent your local law allows.