Privacy Policy
Last updated: July 15, 2026
1. Introduction & Scope
This Policy explains how Wellet collects, uses, shares, and protects your data when you use the Wellet app (iOS, Android, Web). We take your privacy seriously, especially since Wellet is a personal finance app — the data you provide is highly sensitive.
2. Data We Collect
Account data
- Email address, display name.
- If you sign in with Google or Apple: an identity token from that provider used to authenticate you — we do not receive or store your Google/Apple password.
Financial data you enter
- Income/expense transactions, amounts, notes, currency.
- Accounts/wallets, categories, budgets, savings goals, debt payoff plans (if you use these features).
- This data is entered by you — Wellet does not automatically connect to or pull data from your real bank accounts.
Device & usage data (analytics)
- Feature-usage events (e.g., creating a transaction, which screens you open, usage frequency) collected via Firebase Analytics/Google Analytics — these events are privacy-safe (PII-safe): they do not include transaction amounts, transaction names, or any specific financial content, only action type and timing.
- Basic technical information (device type, OS, app version) for debugging and product improvement purposes.
3. How We Use Your Data
We use the data we collect to:
- Operate the Service: display your transactions/budgets/reports, sync data across your devices.
- Send notifications you've actively enabled (e.g., daily expense-entry reminders, budget alerts) — these are processed locally on your device, not through a push server on our end.
- Analyze feature-usage trends (anonymized/aggregated) to improve the product.
- Measure advertising effectiveness (see Section 5 below).
- Detect and prevent fraud or abuse of the system.
4. Third Parties & Integrated Services
Wellet uses the following third-party services, each with its own privacy policy:
- Firebase Analytics / Google Analytics (GA4) (Google): collects PII-safe usage events as described in Section 2.
- Google Sign-In: authentication, if you choose to sign in with a Google account.
- Sign in with Apple (iOS and Web only): authentication, if you choose to sign in with your Apple ID.
- Google Ads: measures advertising campaign effectiveness to help us reach new users more efficiently — see Section 5 for details.
- Server infrastructure operated by Wellet itself (we do not use any third-party financial-data storage service beyond those listed above).
We do not share your specific financial data (amounts, transaction content) with any third party beyond the purposes described above.
5. Advertising & Tracking on iOS (ATT/IDFA)
To measure the effectiveness of Google Ads campaigns (knowing which campaign led a new user to install Wellet), on iOS we may request App Tracking Transparency (ATT) permission from Apple to use the advertising identifier (IDFA) — this is requested exactly once, after you've successfully created your first transaction (not immediately on first app launch).
- The sole purpose of this is advertising measurement (knowing which ads are effective) — it is entirely unrelated to your financial data and is not used to track your personal financial behavior.
- If you decline this permission, Wellet works normally, with no loss of any feature — we simply fall back to aggregated/modeled measurement (no personal identification) provided by Apple (SKAdNetwork).
- On Android, we use the Advertising ID under Google Play's standard mechanism (no separate prompt as on iOS).
6. Data Shared Within a Space
If you join a Space (e.g., a Family Space) with other users, the financial data in that Space (transactions, accounts, budgets) becomes visible to other members of that Space according to their role/permissions (see Section 4 of the Terms of Use). This is a core feature of Wellet — transparent financial sharing with family — not unintended data leakage. Data in a Personal Space (with no one else invited) is not visible to anyone but you.
7. Storage & Security
- Data transmitted between the app and our servers is encrypted via HTTPS/TLS.
- Account passwords are stored hashed; we never store plain-text passwords.
- Wellet is offline-first: data is stored locally on your device so the app works without a connection, and syncs with our server once connectivity is restored.
- You can enable a PIN/biometric app lock as an additional layer of protection on your own device.
- No system is perfectly secure; we apply reasonable security measures but cannot guarantee absolute security.
8. We Do Not Sell Your Data
Wellet does not sell, rent, or trade your personal or financial data to third parties for commercial purposes. Data is only shared with the services listed in Section 4, to the extent necessary to operate the Service.
9. Your Rights
You have the right to:
- Access & correct: view and update most of your data directly within the app.
- Request export/deletion: Wellet does not yet have a self-service account-deletion feature in the app. To request deletion of your account and all associated data, please email support@byttech.org from the address associated with your account — we will process your request within 30 days.
- Withdraw consent: for optional permissions (such as notifications, ATT on iOS), you can disable them at any time in the app's Settings or your device's system settings.
10. Children
Wellet is not directed at, and we do not knowingly collect data from, users under the age of 13. If you become aware that a child under 13 has provided us with data, please contact support@byttech.org so we can delete it.
11. Data Retention
We retain your account and financial data for as long as your account remains active. After an account is deleted upon request (Section 9), the data is removed from our active systems, unless the law requires us to retain it for a specific additional period.
12. Changes to This Policy
We may update this Policy from time to time to reflect actual product functionality or new legal requirements. Material changes will be announced through the app or this page before taking effect. The "Last updated" date at the top of this page reflects the current version.
13. Contact
If you have questions about this Privacy Policy or wish to exercise your rights, please contact: support@byttech.org