Privacy Policy

Pockita is a personal-finance app built by a small team. We take your privacy seriously because we use the same tool ourselves. This page explains what we collect, why we collect it, and what we never do.

What we collect

We collect only the data we need to run the product:

• Account info: email address, display name, and your chosen avatar / theme preferences.
• Financial data you enter: transactions, accounts, budgets, recurring rules, and savings goals.
• Bank data (optional): if you choose to link a bank via Plaid, we receive transaction history and balances for the accounts you authorize. We do not store bank login credentials; Plaid does, encrypted.
• Device push tokens: so we can deliver the notifications you opt into.
• Anonymous usage: basic crash and performance telemetry to keep the app stable.
• Voice recordings (only during voice quick-add): when you tap the microphone to log a transaction by voice, the short audio clip is transmitted for transcription. It is never stored on our servers and is not retained by the transcription provider - see the AI section below.

How we collect it. All of the above is collected directly from you while you use the app (typing, tapping, opting into a bank link, or tapping the microphone). We do not buy data from data brokers, scrape your contacts, or pull from social networks.

How we use AI (third-party AI provider)

Pockita uses OpenAI (a third-party AI provider operated by OpenAI, L.L.C., San Francisco, USA) to power four features: voice quick add, AI chat, AI-assisted transaction categorization, and weekly AI summary reports / insight cards. These features are off by default and you must explicitly consent in-app before any data is sent.

Explicit, in-app consent.The first time you tap an AI feature, Pockita shows a consent dialog that names OpenAI, lists exactly what data will be sent, and offers a clear “Allow” / “Don't allow” choice. No data is transmitted to OpenAI before you tap Allow.

What we send to OpenAI. Only what the feature you tapped needs:

• Voice quick-add: the short audio recording you just spoke, sent to OpenAI Whisper for transcription. The recording is not stored on our servers and OpenAI does not retain it.
• AI chat / insights / weekly reports: transaction amount, date, merchant name (as written on the receipt or statement), and category. For chat, we also send a short anonymized summary of your budgets and account balances so the assistant can answer questions about them.

What we never send. Before any model call we strip the following from every payload:

• Your email address and full name.
• Account identifiers (bank account numbers, Plaid item IDs, internal user IDs).
• Authentication tokens, passwords, or any token-like string.
• Data from any feature where AI is turned off.

Retention and training. Under our agreement with OpenAI, your data is notused to train OpenAI models. We use the OpenAI API with zero-retention enabled, which means prompts, audio, and responses are not stored on OpenAI's side. OpenAI provides privacy protections that are equivalent to or stronger than those described in this Privacy Policy; see OpenAI's Privacy Policy and the API Data Processing Addendum.

You're in control. You can revoke AI consent any time from Profile → AI consent. Revocation is immediate: every AI surface in the app (voice mic, chat, receipt scan, insight cards, weekly report generation) stops functioning until you opt back in, and no further data is sent to OpenAI.

AI never performs financial calculations. All math happens server-side in Pockita's code; the model is asked only to phrase the result in plain English.

Where data is stored

Your data lives in your private row inside our Supabase database (PostgreSQL with row-level security). It's encrypted at rest. Only you, via your authenticated session, can read or write it. Our team uses scoped admin tools for support and reliability work.

Third-party services we share data with

Pockita uses the following processors to operate the app. Each is bound by a contract requiring privacy protections equivalent to or stronger than those described here.

• Supabase, Inc. - database hosting, authentication, and serverless functions. Holds your account row and all financial data you enter.
• OpenAI, L.L.C. - AI processing for voice transcription, chat, categorization, insights, and weekly reports. See the AI section above for exactly what is shared, when, and your opt-out.
• Plaid Inc. - only if you choose to link a bank. Receives your bank credentials directly (we never see them) and returns transaction history and balances.
• RevenueCat, Inc. - subscription management. Receives a hashed identifier and your purchase receipts; never your payment card.
• Apple Inc. and Google LLC - billing and push notification delivery on iOS and Android respectively. Receive your payment information directly (we never store it) and a push token if you opt into notifications.
• PostHog Inc. - anonymous product analytics and crash telemetry. We do not send your name, email, or financial data to PostHog.

What we don't do

• We don't sell your data. Ever.
• We don't share it with advertisers, brokers, or third parties beyond the processors strictly required to run the app (Supabase, Plaid where you opted in, OpenAI for AI features, Apple/Google for push delivery).
• We don't train AI models on your data. OpenAI doesn't either, per their API terms.

Your rights

You can, at any time:

• Export every transaction as CSV (Profile → Export CSV).
• Edit or delete any individual record from the app.
• Delete your account permanently (Profile → Danger zone → Delete account). This wipes your row and every piece of data tied to it.

Your legal rights (GDPR / UK GDPR / CCPA)

Depending on where you live, you have additional rights under privacy laws like the EU's General Data Protection Regulation, the UK GDPR, and California's Consumer Privacy Act. These include:

• Access: request a copy of the personal data we hold about you.
• Rectification: ask us to correct anything inaccurate.
• Erasure: ask us to delete your data (you can do this yourself in-app, or email us if you can't).
• Portability: get your data in a machine-readable format. CSV export covers transactions; for the rest, email us.
• Object / restrict: limit how we process your data, or opt out of specific uses.
• Lodge a complaint with your local data protection authority. For California residents, the rights to know, delete, correct, and not be discriminated against under CCPA apply.

We don't sell or share personal information for cross-context behavioural advertising under CCPA, so there's nothing to opt out of on that front. Email privacy@pockita.com to exercise any of these rights, we respond within 30 days.

How long we keep your data

We keep your data while your account is active. When you delete your account, we wipe it from our live database immediately. Any encrypted backups containing prior states roll off within 30 days. Aggregated, fully anonymous metrics (e.g. “X total users this week”) may persist beyond that.

Plaid retains a record of accounts you linked even after you unlink them, per their own retention policy, see Plaid's Privacy Policy for specifics.

International data transfers

Pockita is operated from the United States. If you use the Service from outside the US, your data is transferred to and processed in the US (and other countries where our processors operate). Where required, we rely on Standard Contractual Clauses or equivalent safeguards.

Subscriptions

Subscription billing is handled by Apple (iOS) and Google (Android) via RevenueCat. We never see or store your payment information.

Children

Pockita is not intended for users under 13. We don't knowingly collect data from children.

Contact

Questions, requests, or concerns: support@pockita.com.