Privacy Policy

Welcome to PocketPay.ai ("we," "our," or "us"). This Privacy Policy explains how we handle information when you use the PocketPay.ai mobile application ("App"). We are committed to protecting your privacy. Our core principle is simple: your data stays on your device.

PocketPay.ai is designed as an offline-first, privacy-first application. We do not collect, transmit, or store any of the following:

• Personal identification information (name, email, phone number)
• Financial data, transaction records, or account balances
• SMS messages or their content
• Device identifiers, IP addresses, or location data
• Usage analytics, crash reports, or telemetry
• Behavioral data or user patterns

There are no servers, no backend infrastructure, and no analytics SDK in PocketPay.ai that receives your data.

All data you enter or that is detected by PocketPay.ai is stored exclusively on your device using Hive, a fast local NoSQL database. This includes:

• Transaction records and amounts
• Account and card information
• Budget categories and limits
• Income sources and recurring transactions
• App settings and preferences

This data never leaves your device unless you explicitly choose to export it or back it up to your own cloud storage.

The App requests permission to read SMS messages on Android devices. This permission is used solely to:

• Detect bank transaction messages from your device
• Parse transaction amounts, merchants, and dates automatically

SMS content is processed entirely on-device. No SMS data is transmitted over the internet. You review and approve each detected transaction before it is saved.

You may revoke this permission at any time through your device settings without affecting other app functionality. Manual transaction entry will remain available.

PocketPay.ai offers an optional backup feature using Google Drive. This feature:

• Is entirely opt-in and disabled by default
• Sends your encrypted data only to your personal Google Drive account
• Uses Google's OAuth 2.0 for authentication — we never see your Google credentials
• Can be disabled and all remote backups deleted at any time

When you use the backup feature, your data is governed by Google's Privacy Policy in addition to ours. We never have access to your Google Drive data.

You may export all your data at any time in CSV or JSON format. These exports are saved to your device storage. We do not receive copies of exported data.

We take security seriously and have implemented several measures to protect your on-device data:

• PIN lock with custom 4-6 digit passcode
• Biometric authentication (fingerprint / face ID via Android BiometricPrompt)
• Hive database encryption for stored data

The security of your device PIN and biometric credentials is managed by your operating system. We recommend using a strong PIN and keeping your device up-to-date.

PocketPay.ai is not intended for use by children under 13 years of age. We do not knowingly collect information from children. Since we collect no personal information from any user, this applies equally to all age groups.

We may update this Privacy Policy periodically. We will notify you of significant changes by updating the "Last updated" date at the top of this page. Continued use of the App after changes constitutes acceptance of the updated policy.

If you have questions, concerns, or requests about this Privacy Policy or our data practices, please contact us:

• Email: [email protected]
• Web: Contact Form