Privacy Policy

Last updated: December 24, 2025

1. Introduction

Welcome to WalletHub ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and web services (collectively, the "Service").

2. Information We Collect

2.1 Personal Information

When you create an account, we collect:

  • Name and email address
  • Profile picture (if provided via Google Sign-In)
  • Authentication credentials

2.2 Financial Data

To provide our expense tracking services, we collect:

  • Transaction records and expense entries you create
  • debit and payment information between you and your contacts
  • Savings goals and progress
  • Currency preferences

2.3 Contacts Data

With your permission, we may access your device contacts to:

  • Help you add friends and split expenses
  • Enable you to invite others to WalletHub
  • Associate debit records with people in your contacts

We do not upload or store your entire contact list on our servers. Contact information is only used locally on your device and to facilitate connections you explicitly initiate.

2.4 Device Information

We automatically collect:

  • Device type, model, and operating system version
  • Push notification tokens (for notifications)
  • App version and usage statistics
  • Language and locale preferences
  • Device name (for push notification management)

2.5 Photos, Camera, and Documents

With your permission, we may access:

  • Camera: To take photos for attaching receipts and documents to transactions
  • Photo Library: To select existing photos for attachments
  • Document Picker: To select PDF files and documents from your device or cloud storage (iCloud)

Attachments you upload are stored securely on our servers and are only accessible to you and users you explicitly share them with.

2.6 Biometric Data

With your permission, we may use biometric authentication features:

  • Face ID / Touch ID (iOS): To securely unlock the app
  • Fingerprint / Face Recognition (Android): To securely unlock the app

Biometric data is processed entirely on your device using your operating system's secure enclave. We never receive, store, or have access to your actual biometric data (fingerprints, face scans, etc.). We only receive a success or failure response from your device's authentication system.

2.7 Subscription and Usage Data

We collect subscription-related information through our payment processor (RevenueCat):

  • Subscription status (Free, Trial, Pro, Expired)
  • Subscription type (Monthly, 6-Month, Yearly)
  • Usage metrics for feature limits (number of records, accounts, goals created)
  • Feature access permissions based on subscription tier

Important Payment Data Notice: WalletHub does NOT collect, store, or have access to your credit card numbers, bank account details, or any other banking credentials. All payment transactions are processed exclusively by Apple App Store or Google Play Store. We only receive subscription status information (active/expired) from these platforms through RevenueCat.

2.8 Real-Time Presence Data

When you use the app, we track your online/offline status to enable real-time features such as instant notifications, live updates when friends add or modify shared records, and typing indicators in comments. This presence data is temporary and not permanently stored.

2.9 Audio Preferences

We store your sound preferences locally on your device, including volume levels and notification sound settings. We do not record or access your microphone - audio features are limited to playback of notification sounds and feedback effects only.

2.10 Spotlight Search and App Indexing

On iOS, we index app content (module names and descriptions) to iOS Spotlight Search to help you quickly access app features. This indexing is performed locally on your device and does not transmit your personal data.

2.11 Analytics, Attribution, and Performance Data

We use several analytics and attribution services to understand how users interact with our app, measure marketing effectiveness, and improve app stability:

Firebase Analytics & Crashlytics (Google)

We use Firebase for analytics, crash reporting, and performance monitoring. Firebase may collect:

  • Device identifiers (including Advertising ID on Android)
  • App usage patterns and feature interactions
  • App launch events and session duration
  • Crash reports and error logs
  • Performance metrics (app load times, responsiveness)
  • IP address (used to determine approximate location)
  • Device type, model, and operating system version

For more information, see Google's Privacy Policy.

PostHog (Product Analytics)

We use PostHog for product analytics to understand user behavior and improve features. PostHog may collect:

  • Screen views and navigation patterns
  • Feature usage and user journey data
  • User properties (subscription status, language preferences)
  • Device and browser information
  • Session data and engagement metrics

PostHog data is hosted in the EU. For more information, see PostHog's Privacy Policy.

Microsoft Clarity (Session Recording)

We use Microsoft Clarity to understand how users interact with our app through session recordings and heatmaps. Clarity may collect:

  • Session recordings of user interactions (taps, scrolls, navigation)
  • Heatmap data showing interaction patterns
  • Screen views and user flow analysis
  • Device and session information

Important: Clarity does not record passwords, payment information, or other sensitive data. Session recordings help us identify usability issues. For more information, see Microsoft's Privacy Statement.

Tenjin (Attribution Analytics)

We use Tenjin to measure marketing campaign effectiveness and app install attribution. Tenjin may collect:

  • App install and conversion events
  • Advertising identifiers (IDFA on iOS, Advertising ID on Android)
  • Device information (model, OS version)
  • In-app events and subscription data
  • IP address (for attribution purposes)

For more information, see Tenjin's Privacy Policy.

This data helps us identify and fix bugs, improve app performance, measure marketing effectiveness, and understand which features are most valuable to our users.

2.12 App Tracking Transparency (iOS)

On iOS devices (iOS 14.5 and later), we request your permission to track your activity across other companies' apps and websites through the App Tracking Transparency (ATT) framework. This tracking is used for:

  • Measuring advertising campaign effectiveness
  • Attribution analytics (understanding how you discovered our app)
  • Delivering personalized advertisements

You can decline this request and still use all features of WalletHub. If you decline, we will not access your device's advertising identifier (IDFA) for tracking purposes. You can change this preference at any time in your device's Settings > Privacy > Tracking.

3. How We Use Your Information

We use the collected information to:

  • Provide, maintain, and improve our Service
  • Process and track your financial records
  • Enable expense splitting and debit tracking with friends
  • Send push notifications about transactions, reminders, and updates
  • Sync your data across devices in real-time
  • Provide customer support through in-app ticketing
  • Detect and prevent fraud or abuse
  • Store and display attachments (receipts, documents) you upload
  • Enable biometric app locking for enhanced security
  • Provide real-time collaboration features (live updates, presence indicators)
  • Track subscription status and enforce feature limits
  • Enable data export in PDF and CSV formats
  • Provide offline functionality with automatic synchronization
  • Enable gamification features (XP, badges, streaks) to enhance engagement

4. Third-Party Authentication

4.1 Google Sign-In Data

When you sign in using Google OAuth 2.0, we access the following information from your Google account:

  • Email address: Used as your unique identifier and for account-related communications
  • Name: Displayed in your profile and to other users you interact with
  • Profile picture: Displayed in your profile (optional)

How we use Google user data:

  • To create and authenticate your WalletHub account
  • To personalize your experience within the app
  • To enable other users to identify you when sharing expenses or debits

Important: We do not:

  • Sell your Google user data to third parties
  • Use Google user data for advertising purposes
  • Share Google user data with third parties except as described in this policy
  • Access any other Google services or data beyond basic profile information

Your Google user data is retained as long as your account is active. You can request deletion of your account and all associated data at any time.

4.2 Apple Sign-In Data

When you sign in using Sign in with Apple, we access the following information from your Apple account:

  • Email address: Used as your unique identifier and for account-related communications. You may choose to share your real email or use Apple's private relay email service.
  • Name: Displayed in your profile and to other users you interact with (only provided on first sign-in)

How we use Apple Sign-In data:

  • To create and authenticate your WalletHub account
  • To personalize your experience within the app
  • To enable other users to identify you when sharing expenses or debits

Important: We do not:

  • Sell your Apple Sign-In data to third parties
  • Use Apple Sign-In data for advertising purposes
  • Share Apple Sign-In data with third parties except as described in this policy
  • Access any other Apple services or data beyond basic profile information

If you use Apple's private relay email, we will only communicate with you through that relay address. Your Apple Sign-In data is retained as long as your account is active. You can request deletion of your account and all associated data at any time.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • With Other Users: Transaction, debit, and attachment information is shared with users you explicitly connect with through shared records, expense groups, or ROSCA groups
  • Service Providers: We use third-party services including:
    • Apple (Sign in with Apple authentication, App Store subscription billing)
    • Google (authentication via OAuth 2.0, Play Store subscription billing)
    • Firebase/Google (analytics, crash reporting, performance monitoring)
    • PostHog (product analytics and user behavior analysis)
    • Microsoft Clarity (session recording and heatmaps)
    • Tenjin (attribution analytics and marketing measurement)
    • RevenueCat (subscription status management)
    • Expo (push notifications)
    • Cloud hosting providers (data storage)
  • Legal Requirements: When required by law or to protect our rights

6. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure authentication via OAuth 2.0
  • Optional biometric app locking (Face ID, Touch ID, Fingerprint)
  • Automatic lock on app background (configurable timeout)
  • Regular security audits and updates
  • Access controls and monitoring
  • Secure WebSocket connections for real-time data
  • Local encrypted database for offline data storage

7. Data Retention

We retain your data for as long as your account is active or as needed to provide our services. You can request deletion of your account and associated data at any time by contacting us.

8. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and data directly within the app settings (Account > Delete Account) or by contacting us at support@wallethub.app
  • Export your data in PDF or CSV format
  • Withdraw consent for optional data processing
  • Opt-out of push notifications
  • Revoke camera, photo library, contacts, or biometric permissions at any time through your device settings
  • Manage sound and notification preferences within the app
  • Delete individual attachments or records

Account Deletion: You can request complete deletion of your account and all associated data directly within the app by navigating to Account > Delete Account. Upon deletion, all your personal data, transaction records, attachments, and shared records will be permanently removed from our servers within 30 days. You may also contact us at support@wallethub.app to request account deletion.

9. Device Permissions

WalletHub requests the following device permissions, all of which are optional and can be denied or revoked:

  • Camera: "Allow WalletHub to take photos to attach receipts and documents."
  • Photo Library: "Allow WalletHub to access your photos to attach receipts and documents."
  • Contacts: "Allow WalletHub to access your contacts to quickly add people you know."
  • Face ID (iOS): "Allow WalletHub to use Face ID to unlock the app securely."
  • Notifications: "Allow WalletHub to send you notifications about debit updates, friend requests, and payment reminders."

You can manage these permissions at any time in your device's Settings app. Denying permissions may limit certain features but will not prevent you from using the core functionality of the app.

10. Offline Data Storage

WalletHub stores data locally on your device using an encrypted local database to enable offline functionality. This local data includes your transactions, records, and preferences. When you come back online, data is automatically synchronized with our servers. You can clear local data by logging out or uninstalling the app.

11. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

13. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: support@wallethub.app