Privacy Policy

Effective June 17, 2026 · Version 1.3

This Privacy Policy explains how Jorge Arturo Rangel Luna ("we", "us", "Wallia") collects, uses, and protects information when you use the Wallia mobile application (the "App"). By creating an account or using the App you agree to this Policy. If you do not agree, do not use the App.

1. Who we are

Wallia is operated by Jorge Arturo Rangel Luna, an individual developer based in Mexico. For privacy questions, contact wallia.app@gmail.com.

2. Information we collect

We collect only what is needed to operate the App.

Account information

When you sign up we collect your name, email address, and (if you sign in with Apple or Google) a profile picture URL. If you sign up with email and password, your password is hashed by our authentication provider (Supabase) and is never accessible to us in plain text.

If you opt in to marketing email, or where applicable law otherwise allows, we may use your email address to send optional Wallia updates, launch messages, offers, or product news. Marketing emails include an unsubscribe option. We may keep a suppression record of unsubscribed email addresses only to honor opt-out requests.

Profile preferences

Monthly budget, preferred currency, preferred language, voice language, timezone, voice auto-save preference, and favorite categories and accounts you choose.

Financial entries you create

Every transaction you log (title, amount, type, date, category, account, optional note), every account or category you create, and every recurring schedule you configure. This is the data the App exists to manage; it is stored under your user ID.

Voice entries (optional, only when you use voice input)

When you tap the voice button, your device captures audio and Apple's speech recognition features convert it into text according to Apple's platform behavior, your device settings, and the permissions you grant. Wallia does not store microphone audio or send microphone audio to our backend. The resulting text transcript (capped at 500 characters) is sent over TLS to our backend, which forwards it to OpenAI's GPT-4o-mini model to extract the amount, category, and account for the transaction. OpenAI processes the text under its API data-use terms and does not train on it by default. We send your category and account names alongside the transcript so the model can map text to your data; we do not send your identity, email, or other transactions. We log only a daily counter of how many voice categorizations you used (max 50/day) to enforce rate limits.

Photo import (optional, only when you choose a screenshot)

When you choose to import from a bank screenshot, you pick a single image from your photo library. The App downscales and compresses it on your device, then sends that processed copy over TLS to our backend, which forwards it to OpenAI's vision model to draft transaction entries for your review. Nothing is saved to your account until you review and confirm the drafts. We do not store the image — raw or processed — after the analysis completes. We send your category and account names alongside the image so the model can map movements to your data; we do not send your identity, email, or other transactions. We store only a monthly usage counter (max 30 analyses/month) and a cryptographic hash (fingerprint) of the image to enforce limits and prevent duplicate or abusive submissions; the hash cannot be turned back into the image. OpenAI processes the image under its API data-use terms and does not train on it by default. We never access your camera or your photo library beyond the single image you explicitly choose.

Subscription and purchase information

When you start a free trial or buy a subscription, the transaction is processed by the Apple App Store and our subscription provider, RevenueCat. We receive your subscription status (such as active, in trial, or expired), the product you purchased, renewal and expiration dates, an app user identifier, and basic device and app metadata used to validate the purchase and unlock features. We never receive your full payment card number or your Apple ID password — Apple handles payment processing.

Automatically collected

Your device's locale, timezone, currency code (auto-detected on first sign-in to set sensible defaults), authentication/session timestamps, and basic request metadata such as IP address, error information, and rate-limit events processed by our backend and hosting providers for security and abuse prevention.

We do not collect

Location, contacts, calendar, camera images, advertising identifiers, third-party tracking data, behavioral advertising analytics, or any data about you outside the App. We never access your camera. We do not access your photo library except for the single image you explicitly choose for photo import, and that image is not retained after processing. We do not store raw microphone audio on our servers.

3. How we use your information

We use it solely to (a) operate the App's features (storing and displaying your transactions, computing budgets, syncing across devices on the same account), (b) authenticate you, (c) categorize voice entries and analyze bank screenshots via the AI provider when you choose to use those features, (d) manage your subscription and verify your entitlements, (e) prevent fraud, abuse, and unauthorized access, (f) communicate with you about your account if needed, (g) send optional Wallia marketing emails where you opt in or where applicable law allows, and (h) comply with legal obligations. We do not use your data for third-party advertising, ad-network tracking, behavioral advertising analytics, sale to data brokers, profile sales, or training third-party AI models.

5. Third-party service providers and where data is processed

  • Supabase, Inc. — authentication, database hosting, and serverless functions. Data: account, profile, transactions, backend request metadata, and voice transcripts in transit through backend functions. Location: the primary project region and related infrastructure chosen in Supabase.
  • OpenAI, L.L.C. — voice transcript categorization and bank-screenshot analysis into draft transactions. Data: the voice text transcript or the processed screenshot you choose, plus your category and account names. Location: United States.
  • RevenueCat, Inc. — subscription management, purchase validation, and entitlement syncing. Data: an app user identifier, subscription and purchase status, product IDs, renewal and expiration dates, and basic device and app metadata. Location: United States.
  • Apple Inc. — Sign in with Apple and Apple speech recognition, if you choose to use those features. Data: the name and email you authorize Apple to share, and speech data handled by Apple according to its terms and your device settings. Location: per Apple's privacy terms.
  • Google LLC — Sign in with Google, if you choose this method. Data: your Google identity token, name, email, and profile picture. Location: per Google's privacy terms.
  • Email delivery or marketing provider — sending Wallia service or marketing emails and managing unsubscribe requests, if we use a provider for that purpose. Data: email address, unsubscribe status, and basic delivery metadata. Location: per the provider's privacy terms.

We use these providers only to operate the App features described in this Policy. Data may be processed outside your country, including in the United States or the infrastructure regions used by our service providers. Where required, we rely on appropriate transfer mechanisms such as standard contractual clauses or equivalent safeguards.

6. Retention

We keep your account data for as long as your account exists. When you delete your account (Settings → Delete Account), we delete your authentication record and cascade-delete your profile, transactions, accounts, categories, recurring schedules, and AI usage counters from our database. Deleting your account removes your data from our systems but does not cancel an active App Store subscription, which is billed and managed by Apple — to stop charges you must cancel through your Apple ID subscription settings. Subscription records held by Apple and RevenueCat are retained under their own policies. Some provider logs, backups, security records, and request metadata may remain for a limited period as needed for security, abuse prevention, legal compliance, or backup integrity before they expire or are deleted under our providers' retention practices.

7. Your rights

Subject to applicable law (including GDPR for EEA/UK users, CCPA/CPRA for California users, and Mexico's LFPDPPP for Mexican users), you have the right to:

  • Access the data we hold about you.
  • Correct it (most fields are directly editable in the App).
  • Delete it (in-App via Settings → Delete Account, or by emailing us).
  • Export it (email us for a JSON export of your transactions and profile).
  • Object to processing.
  • Withdraw consent.

To exercise these, email wallia.app@gmail.com. We respond within 30 days. You may also lodge a complaint with your local data protection authority (in Mexico: INAI).

8. Children

The App is not directed at children under 13 and we do not knowingly collect data from children under 13. If you believe a child has provided us data, contact us and we will delete it.

9. Security

We use industry-standard practices such as TLS for transport, hashed passwords handled by Supabase Auth, backend access controls, rate limits on sensitive endpoints, and row-level security on the database so users can only read their own data. No system is perfectly secure; if you suspect a breach of your account, contact us immediately.

10. Changes to this Policy

We may update this Policy. If we do, we will update the "Effective date" at the top and, for material changes, ask you to re-consent inside the App. Continued use after a change means you accept the updated Policy.

11. Contact

Jorge Arturo Rangel Luna — wallia.app@gmail.com.