Privacy Policy

1. Information We Collect

• Account information: the email address and password you provide when creating an account.
• Financial data through Plaid: when you link a bank, Plaid Inc. provides us transaction history, account names and types, balances, merchant names, and category metadata. Plaid handles your bank credentials directly — we never see or store them.
• Location data: with your permission, we use foreground location to identify your state, province, or city for benchmarking. With your additional permission, we use background location to power Spend Guard notifications when you are near a store you have shopped at before. You can turn this off at any time in Settings or in your device permissions.
• Device and diagnostic information: device model, manufacturer, operating system, app version, locale, time zone, and crash and error logs used to diagnose problems and improve reliability.
• Approximate location from IP address: on first launch we use your IP address to suggest your region.
• Subscription information: when you subscribe to Pro or Ultra, the Apple App Store or Google Play processes your payment and shares purchase confirmation with us so we can grant access. We do not see your full payment card details.
• Advertising identifiers: if you allow tracking on iOS or do not opt out of personalized ads on Android, Google AdMob may receive your device's advertising identifier in order to serve ads.

3. How We Share Information

We share information only as described below.

• Plaid Inc. — to securely connect to your financial institutions. Your use of Plaid is also governed by Plaid's End User Privacy Policy.
• Supabase (database and authentication provider) — to host your account and your encrypted data on our behalf.
• Google Cloud Run — to host our backend API.
• Apple App Store and Google Play — to process subscriptions.
• Google AdMob — to deliver in-app advertising on free tiers. You can opt out of personalized ads in Settings.
• Trusted family member — only if you explicitly enable Family Sharing on the Ultra plan and grant access to a specific user. You can revoke this any time.
• Legal and safety: we may disclose information if required by law, subpoena, or to protect our rights, your safety, or the security of the Service.
• Business transfers: in connection with a merger, acquisition, or sale of assets, subject to confidentiality.

We do not sell your bank, transaction, or location data. Personalized advertising via Google AdMob may be considered "sharing" under California law; you can opt out at any time using the Do Not Sell or Share switch in the app or by visiting our Do Not Sell or Share page.

4. Your Rights and Choices

• Access and correction: you can review most of your data inside the app and update profile information at any time.
• Account deletion: you can permanently delete your account and associated data in Settings → Delete Account. This revokes all Plaid connections and removes your transactions, benchmarks, exports, and login. Active subscriptions are not cancelled by this action and must be cancelled in your store account settings.
• Location: turn off Spend Guard in Settings, or revoke location permission in your device settings.
• Personalized advertising: use the Do Not Sell or Share switch in the app to disable personalized ads on your device.
• California residents (CCPA/CPRA): you have the right to know, delete, correct, and opt out of sale or sharing of personal information. See our Do Not Sell or Share page.
• European, UK, and Canadian residents: you have rights of access, rectification, erasure, restriction, portability, and objection under applicable laws (GDPR, UK GDPR, PIPEDA, Quebec Law 25). Contact us using the details below to exercise these rights.

5. Data Retention

We keep your account data for as long as your account is active. When you delete your account, we delete or anonymize your personal data within 30 days, except where retention is required by law (for example, payment records under tax law) or to resolve disputes and enforce our agreements.

6. Security

We protect your data using AES‑256 encryption at rest, TLS 1.3 in transit, row-level access controls keyed to your account, and short-lived authenticated sessions. No system is perfectly secure; please choose a strong, unique password and enable biometric login on your device.

7. Children's Privacy

Sentinel Defender is intended for adults aged 18 and over. We do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, please contact us and we will delete it.

8. International Transfers

Our infrastructure is hosted in North America. If you use the Service from outside Canada or the United States, your information will be transferred to and processed in those countries, which may have different data-protection laws than your country of residence.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date above and prompt you to re-accept the updated policy the next time you open the app. Continued use after a change means you accept the updated policy.

10. Contact Us

Questions or requests about this Privacy Policy can be sent through our Contact Us page. The data controller is BIHM Inc.