Privacy Policy

Last Updated : Oct 4, 2025

Introduction

Pennie is a personal finance tracker that helps you record, categorize, and analyze your transactions locally on your device. We respect your privacy and protect your information. This privacy policy explains what data Pennie collects, why we collect it, how it is used, and the choices you can make.

1. Data Collected and Why

Pennie is built using an offline-first model: most data is stored locally on your device. The app may collect or store the following:

• Personal Data you provide voluntarily

  • Examples: account display name, category names, transaction notes. This data is stored on-device in a local SQLite database and is not uploaded to any server by default.

• Billing / Purchase Information

  • When you purchase the premium subscription (managed via Google Play Billing), Pennie will store a locally-scoped token and the product id to record entitlement. Payment processing, receipts and billing details are handled by Google Play — Pennie does not directly collect or transmit your payment card information.

• Device identifiers and advertising

  • Pennie integrates with advertising SDKs on Android to display ads in the free version. The app does not log or transmit the device advertising ID in plain text or to our servers. The ad SDKs may receive identifiers necessary to serve ads (as required by the ad provider). See "Third-party services" below for more detail and opt-out information.

• Crash reports / analytics (optional)

  • If you enable crash reporting or analytics in settings (or if these are enabled by default), anonymized crash reports and usage metrics may be sent to third-party services to help improve the app. These reports do not contain raw transaction data or sensitive personal information.

2. How We Use Data

• Core app functionality

  • All core features (transaction storage, categorization, reports) work locally on your device. Data is used only to provide the app's features to you and to show ads

• Subscription enforcement

  • Tokens or flags stored locally are used to enable premium features. The server-side billing and receipts are handled by Google Play.

• Advertising

  • Device-level identifiers may be used by ad networks to serve relevant advertising. We do not share or sell your personal transaction data to advertisers.

• Improvement and diagnostics

  • If crash reporting or analytics are enabled, anonymized information helps us fix bugs and prioritize improvements.

3. Data Sharing and Third Parties

Pennie uses third-party SDKs and services to provide ads, billing, analytics, and crash reporting. These services act independently and may have their own privacy practices:

• Google Play Billing: handles purchases and subscriptions. Google receives billing and purchase-related information.

• Advertising SDKs (e.g., AdMob): may collect device identifiers and usage signals to serve ads. Review the ad provider's privacy policy for details and opt-out mechanisms.

• Optional analytics / crash reporting services: collect anonymized telemetry if enabled.

We do not share your transaction data with third parties for marketing or sale.

4. Data Retention

All app data stored locally remains on your device until you delete it or clear the app data. Locally-stored billing tokens are retained as long as needed to verify premium status and may be cleared if entitlement is revoked.

5. Your Rights and Choices

• Local control: You can delete the app data or uninstall the app to remove all locally stored information.

• Billing & refunds: For billing issues and refunds, refer to Google Play support and purchase history — Google handles payments and refunds.

• Opt-out of personalized ads: On Android, you may opt out of ad personalization via your Google account settings or use Android's limited ad tracking settings. Ad networks also provide their own opt-out pages.

6. Security

Pennie uses platform-provided secure storage (SecureStorage / Android Keystore) for small secrets and tokens. We follow standard cryptographic practices for local integrity checks. However, no method of storing data locally is 100% secure — please protect your device with a PIN or biometric lock.

7. Notifications

Pennie requests notification permission on Android for two primary reasons:

• Reminders and alerts: to display local reminders (for example, daily spending summaries, budget reminders, or scheduled background processing completion) so you don’t miss important updates.

• Optional notification parsing (Android only): with your explicit consent, Pennie can read incoming notifications from selected apps (for example, message apps) to help auto-detect transactions. This feature is disabled by default and requires you to enable it explicitly.

How notification data is used

• Notification parsing happens entirely on your device. Pennie does not upload raw notification content to any server.

• If parsing is enabled Pennie may extract and store parsed transaction details (merchant, amount, timestamp) in the local database only after you review/approve them.

Permissions and opt-out

• On Android 13+ the app requests the POST_NOTIFICATIONS runtime permission to show notifications. For parsing, the app will request Notification Access (a system-level permission) which you must grant explicitly in settings.

• Both features are optional. You can deny or later revoke these permissions in device settings; core app features continue to work without them.

8. Children

Pennie is not intended for children under 13. If you believe a child under 13 provided personal information, please contact us and we will delete the information from our records.

9. Changes to this Policy

We may update this policy to reflect changes in the app, services, or legal requirements. Material changes will be noted at the top of the document.