Privacy Policy

MoneyLens is an expense tracker. Your spending records stay on your device unless you choose an optional service that needs a limited data exchange.

Effective date: July 10, 2026

The short version

  • MoneyLens does not hold funds, move money, or connect to your bank account.
  • Your transactions, budgets, categories, accounts, and subscriptions are stored on your device.
  • SMS parsing uses models on your device. Raw SMS text is not sent to MoneyLens servers.
  • You can optionally use private iCloud sync, read-only Gmail import, and merchant enrichment services.
  • We do not sell your financial data or use your spending records for advertising.

1. Scope and who controls your data

This policy applies to the MoneyLens iOS app, moneylens.app, and support messages you send us. In this policy, “MoneyLens,” “we,” and “us” refer to the provider of the MoneyLens app.

MoneyLens is a notebook for recording and understanding expenses. It is not a bank, neobank, money transmitter, investment adviser, or financial institution. The app does not take custody of money or initiate transactions.

2. What the app stores

Data Where it is stored Why it is used
Transactions, amounts, merchants, dates, categories, notes, accounts, budgets, and subscriptions On your device; also in your private iCloud database if you enable iCloud sync Expense tracking, reports, budgets, and reminders
Imported CSV or PDF content and bank SMS text Processed and stored locally as needed to create and review expense records Importing and parsing transactions
Gmail OAuth tokens and imported receipt or subscription records Tokens are stored in the iOS Keychain; imported records are stored with your app data Optional Gmail receipt and subscription import
App settings, merchant corrections, caches, and local diagnostic summaries On your device Remembering your choices, improving matching, and diagnosing problems

3. On-device SMS and document processing

MoneyLens uses on-device rules and language models to turn bank SMS messages and imported documents into structured expense records. The raw SMS body is not uploaded to a MoneyLens server for parsing.

Merchant enrichment is a separate, optional step. If enabled, it sends only the limited merchant or place information described below. It does not send the full SMS, amount, account number, card number, or balance to Brandfetch or Tavily.

4. Optional services and their payloads

Provider When it is used Data sent
Apple iCloud Only when iCloud sync is enabled Your MoneyLens records are synced through the private database tied to your Apple Account
Google Gmail Only after you connect Gmail OAuth requests and read-only Gmail API queries for receipt-shaped, billing, and subscription messages; MoneyLens cannot modify or send mail
Brandfetch When merchant enrichment is enabled and a lookup is needed A merchant transaction label and two-letter country code
Tavily When merchant enrichment and Tavily lookup are enabled A sanitized merchant name, with optional city and country context
Apple Maps When Apple Maps categories or place-aware shortcuts are enabled A cleaned merchant or place query and search region; purchase coordinates may be used for nearby matching when location is available
Apple StoreKit When you view, buy, restore, or manage a subscription Product, eligibility, purchase, and entitlement information handled by Apple. MoneyLens does not receive your card number
Apple MetricKit When iOS provides performance or diagnostic reports MoneyLens stores a limited summary in local app logs. Logs leave the device only when you choose to export or share them

These providers process data under their own terms and privacy policies. Optional merchant providers can be disabled individually in MoneyLens settings.

5. Gmail access and disconnection

MoneyLens requests only the gmail.readonly scope. The app searches for receipt-shaped messages, subscription notices, renewals, cancellations, trials, and billing issues. It cannot alter, delete, or send email.

Choose Settings > Gmail Import > Disconnect Gmail to stop future access. MoneyLens attempts to revoke the Google token and then clears the local token. Disconnecting does not delete records already imported into MoneyLens; use Clear All Data if you also want those removed.

6. Website and support data

When you visit moneylens.app, Cloudflare processes ordinary web-request data such as your IP address, user agent, requested page, and time of access to deliver and protect the site. The marketing site loads DataFast, Yandex Metrica, and Google Analytics scripts, plus GPT Engineer site tooling. Depending on browser and tracker settings, these services may process IP address, browser and device information, country, page activity, referrer, cookies or similar identifiers, and interaction or session data. Website services do not receive your MoneyLens app database.

If you submit your email address through the marketing site's sign-up form, the site sends it to Supabase to store the mailing-list request. Supabase also serves public site images. You can ask us to remove the submitted email address.

If you email support, we receive your email address and the information you include. Do not send raw bank SMS messages, complete statements, card numbers, passwords, or other data that is not needed to answer your question.

7. Legal bases for EU and EEA users

Where the GDPR applies, we use these legal bases:

8. Retention

9. Delete your data

  1. In MoneyLens, open Settings > Danger Zone > Clear All Data and confirm. This removes the app database, local settings, caches, backups owned by the app, local diagnostic exports, and Gmail credentials, and it disconnects Gmail.
  2. If you used iCloud sync, keep the device online long enough for the deletion to sync. To remove any remaining cloud copy, open Apple system Settings, go to your Apple Account's iCloud storage management, find MoneyLens, and delete its iCloud data. Apple may rename these menu items between iOS versions.
  3. Delete the app to remove the installed app and remaining local container from that device. Deleting the app alone may not remove data already stored in iCloud.
  4. Email support@moneylens.app to request deletion of support correspondence or website analytics data that we can identify.

10. Withdraw consent and change optional access

Withdrawing consent does not make earlier lawful processing unlawful. Turning off an optional service stops future use of that service but may not delete app records already created from it.

11. Your privacy rights

Depending on your location, you may have rights to access, correct, delete, restrict, or object to processing of personal data, and to receive portable data. Most financial records are under your direct control in the app. You can export transactions from MoneyLens and use the deletion steps above.

EU and EEA users may complain to their local data protection authority. Contact us first if you want us to help with a request.

12. Security

MoneyLens uses Apple's device protection, Keychain for Gmail tokens, and private iCloud storage when enabled. No storage or transmission system is risk-free. Protect your device, Apple Account, Google Account, and backups with strong authentication.

13. Children

MoneyLens is not directed to children who cannot legally consent to data processing in their country. A parent or guardian should supervise use by a minor where required by law.

14. Changes to this policy

We may update this policy when the app, providers, or law changes. We will change the effective date and provide additional notice in the app or on the site when a change materially affects your choices.

Contact

Questions, requests, or complaints: support@moneylens.app

You can also open MoneyLens and go to Settings > Help & Support.