privacy policy

1. Introduction

Welcome to Pinch ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application Pinch (the "App").

Please read this policy carefully. If you disagree with its terms, please discontinue use of the App.

2. Information We Collect

We may collect information in the following ways:

Information you provide directly:

• Account registration details (e.g., name, email address)
• Financial data you manually enter (budgets, spending categories, transactions)
• Preferences and settings you configure within the App

Information collected automatically:

• Device information (device type, operating system version, unique device identifiers)
• Usage data (features used, session duration, crash reports)
• Log data (IP address, access times, app diagnostics)
• Session recordings: approximately 20% of user sessions are recorded using Mixpanel Session Replay. These recordings may capture screen interactions, taps, and navigation flows within the App. Financial data fields are masked and excluded from recordings.

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the App and its features
• Personalize your experience and deliver relevant content
• Process transactions and manage your account
• Send you service-related communications (updates, security alerts)
• Analyze usage patterns to improve the App's performance and design
• Detect, prevent, and address technical issues or fraudulent activity
• Comply with legal obligations

4. Sharing of Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following limited circumstances:

• Service providers: Trusted third-party vendors who assist us in operating the App (e.g., cloud hosting, analytics), bound by confidentiality obligations.
• Legal requirements: When required by law, court order, or governmental authority.
• Business transfers: In connection with a merger, acquisition, or sale of assets, with notice provided to you.
• Protection of rights: To protect the rights, property, or safety of Pinch, our users, or the public.

5. Data Retention

We retain your personal information for as long as necessary to provide you with the App's services and fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law.

When you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by legal obligations.

6. Security

We implement industry-standard technical and organizational security measures to protect your information from unauthorized access, alteration, disclosure, or destruction. These include encryption in transit (TLS) and at rest, access controls, and regular security reviews.

However, no method of electronic storage or transmission over the internet is 100% secure. We cannot guarantee absolute security and encourage you to use strong, unique passwords and keep your device software up to date.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data ("right to be forgotten").
• Portability: Request your data in a structured, machine-readable format.
• Objection: Object to certain types of data processing.
• Withdrawal of consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at the email address listed below.

8. Children's Privacy

The App is not directed to children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If we learn that we have collected such information, we will promptly delete it. If you believe we have inadvertently collected information from a child, please contact us immediately.

9. Third-Party Services and Sub-Processors

The App integrates with the following third-party services that may process your data on our behalf:

• Mixpanel (Analytics & Session Replay): We use Mixpanel to analyze how users interact with the App and to record a sample of sessions (approximately 20% of sessions) via Mixpanel Session Replay. Session recordings may capture taps, navigation flows, and screen content. We configure Mixpanel to mask sensitive financial fields so they are not captured. Data is processed by Mixpanel, Inc. in accordance with their Privacy Policy.
• Groq (AI Infrastructure): The AI-powered features of the App — including the conversational advisor and natural language expense logging — are powered by Groq, Inc. When you interact with the AI advisor, the content of your messages and relevant financial context is transmitted to Groq's API to generate responses. Groq processes this data in accordance with their Privacy Policy. We do not use your data to train third-party AI models.
• Supabase (Backend & Database): Your account data and financial records are stored securely using Supabase, which provides our backend infrastructure and database services.
• RevenueCat (Subscription Management): In-app purchases and subscription status are managed through RevenueCat, which processes transaction metadata to validate and manage your Pro subscription.

The App may also contain links to third-party websites. This Privacy Policy does not apply to those external sites. We encourage you to review the privacy policies of any third-party services you access.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by updating the "Last updated" date at the top of this page and, where appropriate, through an in-app notification.

Continued use of the App after changes become effective constitutes your acceptance of the revised policy.