Privacy Policy
Last Updated: November 25, 2025
1. Introduction
Welcome to Baki ("we," "our," or "us"). We are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the "App") and website (collectively, the "Services").
By using Baki, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Services.
2. Information We Collect
2.1 Information You Provide
We collect information that you voluntarily provide when using our Services:
- Account Information: Name, email address, and password when you create an account
- Financial Data: Expense transactions, amounts, categories, dates, merchant names, notes, and receipt images that you manually enter or scan using our AI receipt scanner
- Wallet Information: Wallet names, budgets, and currency preferences you configure
- Support Communications: When you contact us for support, we collect your name, email, and the content of your message
2.2 Information Collected Automatically
When you use our Services, we automatically collect certain information:
- Device Information: Device type, operating system, unique device identifiers, timezone, mobile network information
- Usage Data: Features used, time spent in the App, interaction patterns, crash logs, and performance data
- Analytics Data: We use PostHog for product analytics, collecting hashed (non-reversible) user identifiers, behavioral events (40+ event types including feature usage, screen views, user actions), and device metadata. No session replay or autocapture is enabled—only explicit events are tracked. User IDs are hashed for privacy.
- Error & Diagnostic Data: We use Sentry for crash reporting and error tracking, collecting stack traces, error context, and performance metrics. Personal information is automatically scrubbed, and IP addresses are removed. This data is used solely to improve app stability and performance. This is compliant with iOS Privacy Manifest requirements for crash data, performance data, and diagnostic data collection.
- Location Data: We do NOT collect precise location data. General region information may be inferred from IP address for analytics purposes only
2.3 Information from Third Parties
- Authentication Services: If you sign in with Apple or Google, we receive basic profile information (name, email) as permitted by those services
- Payment Processing: Subscription payment information is processed by Apple App Store and Google Play Store. We do not store your payment card details
- AI Receipt Processing: Receipt images you upload are processed by our third-party AI service provider to extract transaction details. The uploaded image is then encrypted and stored on private storage servers
3. How We Use Your Information
We use the information we collect for the following purposes:
- Provide and Maintain Services: To operate the App, process your expenses, generate analytics, and provide budgeting features
- AI Receipt Scanning: To analyze receipt images and automatically extract transaction details
- Account Management: To create and manage your account, authenticate you, and process subscriptions
- Product Analytics & Feature Adoption: To track which features are used, understand user behavior patterns, and measure feature adoption rates through privacy-safe analytics (no PII collected)
- Error Monitoring & Crash Reporting: To detect, diagnose, and fix bugs, crashes, and technical issues to improve app stability and reliability
- Performance Monitoring: To measure app performance, identify bottlenecks, and optimize speed and responsiveness
- Improve Our Services: To understand usage patterns, diagnose technical issues, and develop new features based on aggregated, anonymized data
- Customer Support: To respond to your inquiries and provide technical assistance
- Communications: To send you service-related notifications, updates, and security alerts (you can opt out of promotional emails)
- Legal Compliance: To comply with legal obligations, enforce our Terms of Service, and protect our rights
4. How We Share Your Information
We do NOT sell your personal information. We may share your information in the following circumstances:
- Analytics Provider (PostHog): We use PostHog (EU-hosted option available) for product analytics and feature flags. We share hashed user identifiers, behavioral event data, and device metadata. PostHog does not receive any personally identifiable information. Session replay and autocapture features are disabled for enhanced privacy
- Error Tracking Provider (Sentry): We use Sentry for crash reporting and error tracking. We share error logs, stack traces, and performance metrics. All personal information is automatically scrubbed before transmission, and IP addresses are removed
- Subscription Management (RevenueCat): We use RevenueCat to manage in-app subscriptions and sync purchase data from Apple App Store and Google Play Store. RevenueCat receives your user ID, transaction information, and subscription entitlements to enable cross-platform subscription access
- AI Receipt Processing: Receipt images are processed by AI services running on our own secure backend infrastructure (not external third-party services). Images are encrypted at rest after processing and stored securely on our servers
- Payment Processors: Apple App Store and Google Play Store process subscription payments. We do not receive or store your payment card details. Please review their respective privacy policies
- Authentication Services: When you sign in with Apple or Google, basic profile information (name, email) is shared as permitted by those services
- Legal Requirements: We may disclose information if required by law, court order, or governmental request, or to protect our rights and safety
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity
- With Your Consent: We may share information for other purposes with your explicit consent
5. Data Security
We take data security seriously and implement industry-standard measures to protect your information:
- Encryption: Data is encrypted in transit using TLS/SSL and at rest using AES encryption
- Secure Storage: Sensitive data is stored securely on your device using iOS Secure Store and in encrypted & private cloud databases
- Hashed User Identifiers: User IDs sent to analytics services are cryptographically hashed (one-way, non-reversible) to prevent identification of individual users
- Automatic Data Sanitization: Our analytics system automatically filters out sensitive information including financial amounts, email addresses, names, locations, and user-entered text before any data is transmitted
- Access Controls: We restrict access to personal information to authorized personnel only, with role-based access controls and audit logging
- iOS Privacy Manifest Compliance: Our iOS app includes a Privacy Manifest that declares all data collection practices, ensuring transparency and compliance with Apple's privacy requirements
- Regular Audits: We regularly review our security practices and conduct vulnerability assessments
However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee its absolute security.
6. Data Retention
We retain your personal information for as long as necessary to provide our Services and fulfill the purposes outlined in this Privacy Policy. Specifically:
- Account Data: Retained until you delete your account
- Expense Data: Retained until you delete individual expenses or your entire account
- Receipt Images: Stored as long as the associated expense exists; automatically deleted if you delete the expense
- Analytics Events: Retained for 12 months for analysis purposes, after which they are aggregated and anonymized for long-term trend analysis
- Error Logs: Retained for 90 days to diagnose and fix issues, then automatically deleted
- Performance Data: Retained for 30 days for optimization purposes, then automatically deleted
- Backup Data: System backups may retain deleted data for up to 14 days for disaster recovery purposes, but this data is not accessible for normal operations
When you delete your account, we permanently delete your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes.
7. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your personal data (right to be forgotten)
- Data Portability: Export your data in a machine-readable format (CSV, JSON)
- Opt-Out: Unsubscribe from marketing communications
- Withdraw Consent: Withdraw consent for data processing where applicable
To exercise these rights, contact us at support@baki.money. We will respond within 30 days.
8. Children's Privacy
Our Services are not intended for children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If we discover that a child has provided us with personal information, we will delete it immediately. If you believe we have collected information from a child, please contact us at support@baki.money.
9. Analytics & Tracking Details
We believe in transparency about how we track app usage and performance. Here's what you need to know:
9.1 What We Track
We track over 40 different event types to understand how users interact with Baki, including:
- Authentication events (sign in, sign out, onboarding completion)
- Feature usage (expense creation, wallet management, AI receipt scanning)
- Screen views and navigation patterns
- Subscription events (purchases, cancellations, restorations)
- Error events and crash reports
- Performance metrics (API response times, app load times)
9.2 Privacy-First Approach
Our analytics implementation is designed with privacy as the top priority:
- No Personal Information: We never track financial amounts, merchant names, expense descriptions, email addresses, full names, or any user-entered text
- Hashed User IDs: Your user ID is cryptographically hashed before being sent to analytics services, making it impossible to identify you personally
- Automatic Sanitization: Our system has a blocklist of sensitive property keys (amount, balance, email, name, location, etc.) that are automatically filtered out before any data leaves your device
- No Session Replay: We do not record your screen or capture screenshots. Session replay features are explicitly disabled
- Manual Event Tracking Only: We only track events we explicitly define. Autocapture features that might inadvertently collect sensitive data are disabled
- Data Minimization: We only collect the minimum data necessary to improve our Services
9.3 Your Control
Analytics data collection is essential for maintaining and improving app functionality, including crash reporting and performance optimization. While you cannot opt out of essential analytics, you can:
- Delete your account at any time, which will anonymize all historical analytics data associated with your hashed ID
- Contact us at support@baki.money with questions or concerns about data collection
- Review our open-source privacy utilities that show exactly how we sanitize data (available in our public documentation)
9.4 Third-Party Analytics Services
- PostHog: Privacy-focused product analytics. We use EU-hosted servers where available. Learn more at PostHog's Privacy Policy
- Sentry: Error tracking and performance monitoring. Learn more at Sentry's Privacy Policy
10. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable laws.
11. Third-Party Links
Our Services may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.
12. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information we collect, use, and disclose
- Right to request deletion of your personal information
- Right to opt out of the sale of personal information (we do NOT sell your information)
- Right to non-discrimination for exercising your rights
To exercise these rights, email us at support@baki.money.
13. European Privacy Rights (GDPR)
If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):
- Right to access, rectify, or erase your personal data
- Right to restrict or object to data processing
- Right to data portability
- Right to withdraw consent
- Right to lodge a complaint with a supervisory authority
Our lawful basis for processing includes consent, contract performance, and legitimate interests. Contact us at support@baki.money to exercise your rights.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last Updated" date. For significant changes, we will provide prominent notice within the App or via email. Your continued use of our Services after changes constitutes acceptance of the updated policy.
15. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
- Email: support@baki.money
- Twitter: @baki.money
We will respond to your inquiry within 30 days.