Features Pricing Support ES Download

Privacy Policy

Last updated: May 7, 2026

1. Information we collect

Bolsillos does NOT collect personally identifiable information. Your financial data — accounts, transactions, pockets, goals, receipts, notes — is stored exclusively on your device and never leaves it.

We do send anonymous app usage events to our servers for the sole purpose of understanding which features work, which don't, and where users abandon flows. These events contain no financial data and no information that identifies you — see section 4 for the full detail, including how to disable them.

2. Data storage

Your data is saved locally on your device. On iOS, it is protected with iOS Data Protection (AES-256 encryption tied to the device passcode, managed by the operating system). On Android, we use database-layer encryption provided by SQLite3 Multiple Ciphers (sqlite3mc) with AES-256. In both cases, not even we can access your financial information.

3. Third-party services

Bolsillos uses two external services with limited purposes and without transmitting your financial data:

You can review the privacy policies of RevenueCat and Supabase on their respective websites.

4. Anonymous analytics, no tracking

To improve the app we need to know which parts get used, which don't, and where users abandon flows. For that we send anonymous events to our servers. Here is exactly what we collect:

Anonymous. On first launch we generate a random UUID v4 on your device and hash it with SHA-256. That 64-character hash is the only identifier that reaches our servers. It cannot be reversed to your Apple ID, email, IDFA, IDFV, or any other identifier tied to your identity.

No PII. Events come from a closed whitelist of 39 names defined in the app's source code (e.g. “onboarding_completed”, “first_envelope_created”, “paywall_viewed”, “voice_input_used”). The payload contains only enums, numbers, or booleans. We NEVER send: amounts, payee names, custom categories, notes, receipt text, IPs, or anything that could identify you or reveal your financial situation.

No cross-app tracking. We do not cross-reference these events with any external service. We do not share them with advertisers or data brokers. We do not use them to profile you or to personalize ads — Bolsillos shows no advertising. We do not use cookies, pixels, Google Analytics, Firebase Analytics, or any third-party tracking SDK. This is our own infrastructure on Supabase.

Retention. Events are automatically deleted after 1 year via a scheduled job in the database.

How to disable. You can disable anonymous analytics at any time from Settings → Privacy & data → Usage analytics. When you turn it off we stop sending events immediately. Previously sent events (anonymous, not associable with you) remain in our database until the retention cleanup.

If you have questions about which specific events we send or want us to email you the full list, write to support@bolsillos.app.

5. Backups

If you enable iCloud backups (Pro feature), your data is stored in your personal iCloud Drive account, protected by Apple's security. We have no access to these files. Local backups are stored on your device.

6. Voice and on-device recognition

Bolsillos Pro includes two features that may look like "AI" but run entirely on your device:

Voice input. On iOS, we use Apple Speech Framework with requiresOnDeviceRecognition enabled — audio never leaves your iPhone.

On Android, behavior depends on your device model. Modern devices with on-device speech recognition (Pixel 6 and newer, Galaxy S22 and newer, and equivalent models) process audio locally. On devices without that capability, the Android operating system may temporarily send audio to Google Speech Services for transcription — this behavior is governed by Android, not by Bolsillos. If this concerns you and you're unsure of your device's capability, don't use voice input: any transaction can be entered manually. Bolsillos does not store or send to its servers either the audio or the transcription.

Receipt scanning (OCR). Both on iOS and Android we use Google ML Kit Text Recognition in on-device mode — the Latin text recognition model is embedded in the app bundle and never contacts external servers. The receipt image is processed locally.

In all cases, recognition only transcribes audio or text. You always choose the category of each transaction. We don't use LLMs (language models like GPT, Claude, Gemini) to suggest, categorize, or predict anything. We don't send your transactions or spending patterns to any AI service.

7. How to delete your data

Since all your data lives only on your device, you can delete it at any time in two ways:

  1. From the app: Settings → Privacy & data → “Delete all my data”. This option requires two-step confirmation and then permanently removes all your accounts, pockets, transactions, transfers, receipts, goals, local backups, and configuration.
  2. By uninstalling the app: when you remove Bolsillos App from your device, all local data is permanently deleted. No copies remain on any server because we never upload anything.

If you enabled iCloud backups (Pro feature), those files live in your personal iCloud Drive account, encrypted with a key derived from your personal password via PBKDF2-HMAC-SHA256 (80,000 iterations). You can delete them from Settings → iCloud → Manage storage → Bolsillos on your device.

If you had a Bolsillos Pro subscription managed by Apple through RevenueCat, RevenueCat retains an anonymous identifier associated with your Apple ID for payment compliance reasons. You can email us at support@bolsillos.app to request that we initiate the deletion process for that identifier.

8. Children's data

Bolsillos is not directed at children under 13, and we do not knowingly collect information from minors.

9. Changes to this policy

If we make significant changes, we will update the “last updated” date on this page.

10. Contact

If you have questions about this policy, write to us at support@bolsillos.app.