SparrowStash logoSparrowStash

Privacy Policy - SparrowStash

9/28/2025 • SparrowStash Legal

Privacy Policy

Effective Date: September 30, 2025

Welcome to SparrowStash. We are committed to protecting your privacy and earning your trust. This policy explains what information we collect, how we use it, and how we keep it safe.

1. The Information We Collect

We only collect information necessary to provide and improve the SparrowStash service.

1.1 Personal Identification Information (PII)

This is data you provide to create and maintain your account:

  • Contact Data: Your email address (used for login and essential communications).
  • Authentication Data: Encrypted passwords (managed by Supabase Auth).

1.2 Financial and Transactional Data

This is the core data required for the app's functionality:

  • Transaction Details: Date, amount, category (e.g., Housing, Food), type (Income/Expense), and description of your financial movements.

1.3 Technical and Usage Data

When you use our services, we may automatically collect:

  • Device Information: IP address, browser type, operating system, and unique device identifiers.
  • Usage Patterns: Information about the pages you visit, the features you use, and the time and frequency of your activity.

2. How We Use Your Information

We use your data strictly to deliver value and security:

  • Service Provision: To track your spending, calculate your balance, generate KendoReact charts, and populate data grids.
  • Security & Authentication: To verify your identity and protect your data from unauthorized access, managed securely by Supabase Auth.
  • AI Financial Advice (RAG): When you ask a question to our AI Advisor, your query is sent to Nuclia. We use your Usage Data (but NOT your PII or Transactional Data) to inform the search process and generate a relevant answer.
  • Communication: To send you essential service updates and password recovery information.

3. Data Storage and Security

3.1 Our Core Infrastructure

  • Database & Authentication: Your PII and Transactional Data are stored in our secure database managed by Supabase. Supabase uses industry-standard security measures, including encryption at rest and in transit. We do not store raw, unencrypted passwords.

3.2 Third-Party Services for AI

  • Nuclia: When you use the AI Advisor, only your search query is processed by Nuclia. Your personal identification data (like your email) and your financial transaction data are never shared with Nuclia.

3.3 Protection Measures

We employ organizational and technical security measures to protect your data, including data encryption, access controls, and regular security reviews. However, no internet transmission is 100% secure, and we cannot guarantee absolute security.

4. Your Choices and Rights

You have control over your information:

  • Access and Correction: You can review and update most of your personal information (like email) through your account settings.
  • Data Portability: You can request a copy of the Transactional Data you have provided to us.
  • Account Deletion: You may delete your account at any time. Upon request, we will delete all PII and Transactional Data associated with your account, subject to legal and operational requirements.

5. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Effective Date" at the top. We encourage you to review this policy periodically.

6. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

SparrowStash Legal Team support@sparrowstash.com