Privacy Policy

Spendigo: AI Expense Tracker

Last Updated: March 26, 2026 · Effective Date: March 26, 2026

Burgeon Tech (“we,” “our,” or “us”) operates the Spendigo mobile application (“App”). This Privacy Policy explains how we collect, use, store, and protect your information when you use Spendigo.

By using Spendigo, you agree to the collection and use of information as described in this policy.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

Full name
Email address
Password (stored as a hash on our servers)
Phone number (optional)
Address (optional)

If you sign in using Google or Apple, we receive your authentication token and, where applicable, your name and email address.

1.2 Financial Data

To provide expense and income tracking, we collect:

Transaction titles and descriptions
Transaction amounts
Transaction categories
Income or expense classification
Timestamps

This data is stored locally on your device and synced to our servers for backup and cross-device access.

1.3 Voice Input

When you use the voice transaction feature:

Your voice is converted to text using your device's built-in speech recognition (on-device, not sent to external servers).
The text is processed by an on-device AI model (Google Gemma) to extract transaction details.
Your voice recordings and transcribed text are never sent to our servers or any third party.

1.4 Subscription Information

We use RevenueCat to manage subscriptions. RevenueCat receives a user identifier and subscription status. See their Privacy Policy.

1.5 Push Notifications

We use Firebase Cloud Messaging for push notifications. Firebase may collect device tokens and basic device info. Firebase Analytics is disabled in Spendigo.

1.6 On-Device AI (MediaPipe SDK) Telemetry

The on-device AI runs via Google's MediaPipe SDK, which may collect device-level metadata only (not personal or financial data):

Device manufacturer, model, and OS version
ML hardware accelerator information
App package name and version
Event types (initialize, run, detection)
Error codes and per-installation identifiers

1.7 Information We Do NOT Collect

Location or GPS data
Photos or camera data
Contacts or call logs
Browsing history
Advertising identifiers

2. How We Use Your Information

Create and manage your account
Record, categorize, and display your transactions
Sync your data across devices
Process voice input into structured transactions (on-device only)
Manage your subscription and payments
Send push notifications you have opted into
Provide customer support
Improve and maintain the App

We do not use your data for advertising, marketing to third parties, or profiling.

3. Data Storage and Security

3.1 Local Storage

Transaction data stored in a local database (ObjectBox) for offline access
Sensitive credentials stored using encrypted secure storage
Login preferences stored in local device storage

3.2 Server Storage

Data synced via HTTPS (encrypted in transit)
Passwords hashed and never stored in plain text

3.3 Security Measures

We implement industry-standard security including HTTPS encryption, secure token-based authentication, and encrypted local storage. No method is 100% secure, and we cannot guarantee absolute security.

4. Third-Party Services

Service	Purpose	Data Shared
Google Sign-In	Authentication	Google ID token
Apple Sign-In	Authentication	Apple ID token, email, name
RevenueCat	Subscription management	User ID, purchase events
Firebase Cloud Messaging	Push notifications	Device token, basic device info
Google MediaPipe SDK	On-device AI runtime	Device metadata only

Related privacy policies:

5. Data Sharing

We do not sell, rent, or trade your personal information. We may share information only:

With third-party service providers listed above, strictly for stated purposes
To comply with legal obligations
To protect the rights, safety, or property of Spendigo, users, or the public

6. Data Retention

Account and transaction data retained while your account is active
Upon account deletion, server-side data is removed
Local data cleared by uninstalling or clearing app data

7. Your Rights

Depending on your jurisdiction, you may:

Access your personal data
Correct inaccurate data
Delete your account and associated data
Export your transaction data (CSV export available in-app)
Withdraw consent for optional data processing

8. Children's Privacy

Spendigo is not intended for children under 13. We do not knowingly collect data from children. If discovered, such data will be deleted promptly.

9. Data Export

You can export your transaction data at any time in CSV format from within the App.

10. Google Gemma Attribution

Spendigo uses the Google Gemma model for on-device AI processing, provided under the Gemma Terms of Use.

11. Changes to This Privacy Policy

We may update this policy from time to time. Significant changes will be posted within the App. The “Last Updated” date reflects the most recent revision.

12. Contact Us

Burgeon Tech

Email: contact@spendigo.org

This privacy policy is designed to comply with applicable data protection regulations including GDPR and CCPA. For jurisdiction-specific rights, please refer to Section 7.