Privacy Policy
Last updated 14 June 2026
Introduction & scope
SpentOn — operated by Arpan Jha (doing business as SpentOn)("we", "us") — provides a personal-finance service that reads your financial email to reflect where your money actually goes — a mirror for your money. That makes your data among the most sensitive a person has, so privacy is a core part of how the product is built, not an afterthought. This policy covers the SpentOn website and app, applies to all users, and is written to meet GDPR (EU/UK), CCPA/CPRA (California), and India's DPDP Act. It takes effect on the date above.
What we collect
- Email you authorise us to read. When you connect Gmail, we read messages to find financial events (charges, credits, bills, statements). A triage step discards non-financial email before any AI sees it — we don't want, and don't keep, your personal correspondence.
- What we derive from it. Transactions, categories, recurring obligations, the people you exchange money with, and the budget/goal figures you set once you've seen your baseline.
- What you tell us. Profile details (name, income, budget cycle), cards and accounts (last 4 digits only — never full numbers), and any manual entries or corrections.
How we use it
- To extract and categorise your transactions and reflect your spending, budgets and goals back to you.
- To improve accuracy for you — learning your patterns and corrections. We do not sell your data, and we do not train shared models on it without your explicit consent.
- Every number is traceable to its source email and the reasoning behind it, so you can always see why SpentOn concluded something.
Google user data — Limited Use
SpentOn's use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, for data obtained through Gmail (the gmail.readonly scope you grant):
- We use it only to provide and improve SpentOn's features you can see — finding your transactions, bills, and balances to reflect your money back to you. Nothing else.
- We do not transfer this data to others except as needed to provide or improve those features, to comply with applicable law, or as part of a merger/acquisition with your consent.
- We do not use Gmail data for advertising, and we do not sell it.
- We do not allow humans to read your Gmail data, unless we have your explicit consent for a specific message (e.g. to debug an issue you report), it's needed for security or to comply with law, or the data has been aggregated and anonymised.
- We do not use Gmail data to train generalised or shared AI/ML models. The AI only interprets your messages to produce your ledger; it never trains a model others benefit from.
Legal basis & sharing (GDPR / CCPA)
- Legal basis (GDPR). We process your data to perform the contract you enter when you use SpentOn (reflecting and understanding your spending), on the basis of your explicit consent for reading Gmail, and on our legitimate interest in keeping the service accurate and secure. You can withdraw Gmail consent at any time by disconnecting.
- We do not "sell" or "share" your personal information as those terms are defined under California law (CCPA/CPRA) — including no sharing for targeted advertising. There is nothing to opt out of because we never do it.
- We share data only with the sub-processors below, strictly to run the service for you.
AI processing
To interpret email, relevant text is sent to a large-language-model provider via our AI gateway. We minimise what is sent (triaged, financial-relevant content only) and use providers under zero-retention terms where available. The AI interprets; it never directly moves your money records — deterministic, rules-based code writes the ledger.
Sub-processors
We rely on a small set of vendors to run the service. Each only processes what it needs:
- Supabase — database, authentication, storage (data at rest).
- Railway — the processing worker.
- Vercel — web app hosting.
- OpenRouter (and the underlying model provider) — AI extraction, minimised input, zero-retention where available.
- Upstash — background job queue.
- Google — Gmail access you explicitly grant (and can revoke any time).
How we protect it
- Gmail credentials are encrypted at rest.
- Your data is isolated per user at the database level (row-level security) — one user can never read another's rows.
- Cards are stored as last-4 only; we never see or store full card numbers.
Your control
- Export — download everything we hold as JSON, any time, from Settings.
- Delete — erase your account from Settings. We revoke the Gmail grant at Google and permanently delete your data across every table (it cascades from your account record — nothing is left behind).
- Disconnect — unlink Gmail to stop all future reading while keeping what you've already reviewed.
Retention
We keep your derived financial data for as long as your account is active so your history and the picture we reflect stay accurate. When you delete your account, it is removed promptly and permanently. We are reducing how long raw email bodies are kept after processing — our aim is to retain only the structured result, not the original message.
Your rights
Wherever you live — and specifically under GDPR, CCPA/CPRA, and India's DPDP Act — you have the right to:
- Access & portability — get a copy of your data (Settings → Export, instant JSON).
- Correction — fix any detail (edit it directly in the app).
- Deletion / erasure — remove your account and all data (Settings → Delete).
- Object / restrict / withdraw consent — disconnect Gmail to stop processing, or email us to object to or restrict a specific use.
- Do Not Sell or Share (California) — not applicable, because we never sell or share your personal information.
Children
SpentOn is not intended for anyone under 18, and we do not knowingly collect data from children under 13 (COPPA). If you believe a child has used the service, contact us and we'll delete the data.
Tracking & advertising
We do not show ads, run advertising trackers, or use your data for remarketing or behavioural ad tracking. We use privacy-respecting product analytics (Vercel Analytics, which is cookieless and loads only if you accept on the consent banner) to understand how SpentOn is used and improve it — never for advertising, and never sold or shared. See our Cookie Policy.
Contact & grievances
For any privacy request or complaint, contact our Grievance & Data Protection contact at privacy@spenton.dev. We aim to respond within the timeframes required by applicable law (e.g. promptly, and within the statutory windows under GDPR and the DPDP Act). If you are in the EU/UK, you also have the right to lodge a complaint with your local data-protection authority.
Questions about your data or these terms? Email privacy@spenton.dev.