Privacy Policy

Spenny AI is an agentic expense tracker that helps you log, understand, and manage your personal finances through natural conversation with Sage — our AI assistant. We are currently in early access / beta and operate as an independent product.

Contact: hello@spenny.ai

Information you provide directly

• Account information: Email address and optional mobile number when you join the waitlist or sign up.
• Expense data: Text messages, voice recordings (transcribed and then discarded), receipt images, and bank statement PDFs you share with Sage.
• Chat history: Your conversations with Sage, including expense logs and spending queries.

Information collected automatically

• Usage data: Pages visited, features used, session duration, and crash reports — collected anonymously to improve the product.
• Device information: Browser type, operating system, and IP address for security and rate limiting.

Information from integrations (Pro)

• Gmail (read-only): We access only bank and payment alert emails to extract transaction data. We never read personal emails and we do not store email content — only the extracted transaction fields (amount, merchant, date).
• WhatsApp / Telegram: Messages you send to the Spenny bot are processed to log expenses or answer queries. They are not stored beyond what is needed to respond.

• To provide, operate, and improve Spenny AI and Sage.
• To process and categorise your expense data and generate insights.
• To communicate product updates, early access invites, and important notices.
• To detect and prevent fraud, abuse, and security incidents.
• To comply with legal obligations.

We do not sell your data to third parties. We do not use your financial data to train general-purpose AI models or for advertising.

• Expense data is stored in a secure database (Supabase / PostgreSQL) with row-level security.
• Data is encrypted in transit (TLS) and at rest.
• Receipt images and bank statement PDFs are processed immediately and not permanently stored — only the extracted transaction records are saved.
• Voice input is transcribed by Whisper AI and the audio is discarded immediately after transcription.
• We apply strict access controls — only you can access your expense data.

We use the following third-party services to operate Spenny AI:

• Supabase — database and authentication
• Groq / Llama — AI inference for Sage responses and receipt parsing
• Vercel — hosting and edge delivery
• Airtable — waitlist management
• WhatsApp Business API / Telegram Bot API — messaging integrations (Pro)
• Google OAuth — Gmail integration (Pro, read-only scope)

Each of these services has their own privacy policy. We share only the minimum data necessary for them to function.

Our use of Gmail data via Google OAuth is limited to the following:

• We request read-only access restricted to emails matching bank and payment alert patterns.
• Gmail data is used solely to extract expense transactions for your personal dashboard.
• We do not store raw email content — only extracted fields (merchant, amount, date, category).
• We do not use Gmail data to serve advertising or for any purpose unrelated to expense tracking.
• You can revoke Gmail access at any time from your Google Account settings or from within Spenny AI.

Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

• Your expense records are retained as long as your account is active.
• If you delete your account, all personal data is deleted within 30 days.
• Anonymised, aggregated usage statistics may be retained indefinitely for product analytics.

You have the right to:

• Access all expense and personal data we hold about you.
• Export your data as CSV or PDF at any time from within the app.
• Correct inaccurate data.
• Delete your account and all associated data.
• Withdraw consent for any integration (Gmail, WhatsApp, Telegram) at any time.

To exercise these rights, email us at hello@spenny.ai.

Spenny AI is not intended for users under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us data, please contact us and we will delete it promptly.

We may update this policy from time to time. When we do, we will update the “Last updated” date at the top and notify users by email for material changes. Continued use of Spenny AI after changes constitutes acceptance of the updated policy.

Questions, concerns, or requests? Reach us at:

hello@spenny.ai