Privacy Policy
Table of Contents
Direct summary: Controla Gastos AI only collects the data necessary for the app to work — your account, your financial transactions, and, if you use the camera, the receipt image. We never sell your data. We never use it for advertising. You can delete everything at any time.
1 Who we are
Controla Gastos AI is developed and operated by Zion Systems, responsible for the processing of personal data in accordance with this Privacy Policy and Brazil's General Data Protection Law (LGPD — Law No. 13.709/2018).
App identifier: com.controlagastosai.app
Platform: iOS (iPhone)
Responsible: Zion Systems
Contact:privacidade@controlagastos.app
2 What data we collect
2.1 Account data
- Email address — provided by you when creating an account or signing in with Google/Apple.
- Display name (optional) — if you complete your profile.
- User identifier — automatically generated to link your data to your account.
2.2 Financial data
- Transactions — description, amount, date, category, and type (expense or income) of each entry you add manually.
- Category budgets — monthly limits set by you.
- Calculated balance — derived from your transactions, never connected to actual bank accounts.
The app does not access, request, or store bank account data, credit cards, or financial passwords.
2.3 Receipt images (optional)
If you use the "Scan receipt with AI" feature, the receipt photo is temporarily sent for text processing (OCR) via AI. The image is not permanently stored after data extraction.
2.4 In-app purchase data
When you purchase the Controla Gastos AI Premium plan, payment data is processed by the Apple App Store. We only receive subscription status confirmation via RevenueCat — no card or payment data is transmitted to the app.
2.5 Usage and diagnostic data
- Anonymous error and crash logs (no personal identification).
- App version and operating system.
| Type of data | Collected? | Linked to you? | Purpose |
|---|---|---|---|
| Yes | Yes | Authentication | |
| Financial transactions | Yes | Yes | App functionality |
| Receipt image | Temporary | No | Text recognition (AI) |
| Subscription status | Yes | Yes | Premium access control |
| Bank/card data | No | No | — |
| Location | No | No | — |
| Contacts / microphone | No | No | — |
| Advertising identifiers | No | No | — |
3 How we use your data
Your data is used exclusively to:
- Create and authenticate your account securely.
- Sync your transactions between devices (if signed in).
- Generate personalized reports, charts, and financial insights.
- Auto-fill transaction fields from receipt photos (AI).
- Verify and maintain your Premium plan status.
- Send budget alert notifications (only if you authorize).
- Fix errors and improve app stability.
We do not use your data for advertising, behavioral profiling, or any purpose beyond those listed above.
4 Sharing with third parties
We work with the following technical partners to operate the app:
SUPABASE
Function: Secure database and authentication.
Data shared: Email, user identifier, financial transactions.
Server: Cloud infrastructure (AWS).
Policy: supabase.com/privacy
REVENUECAT
Function: Subscription and in-app purchase management.
Data shared: User identifier, subscription status, purchase identifier (Apple).
Policy: revenuecat.com/privacy
APPLE APP STORE
Function: App distribution and payment processing.
Data shared: Purchase data managed directly by Apple.
Policy: apple.com/legal/privacy
AI SERVICE (RECEIPT OCR)
Function: Text recognition in receipt images.
Data shared: Receipt image (temporarily transmitted, not stored).
Processing is anonymous; the image is not associated with your identity.
We do not sell, rent, or share your data with any company other than those listed above.
5 Storage and security
- All data in transit is protected by TLS/HTTPS.
- Data at rest is encrypted in the database (Supabase).
- Database access is restricted by Row Level Security rules, ensuring each user accesses only their own data.
- Passwords are never stored — authentication uses secure tokens managed by Supabase Auth.
- Receipt images are transmitted via encrypted channel and discarded after processing.
We adopt industry best practices, but no system is 100% infallible. In the event of a security incident affecting your data, you will be notified as required by LGPD.
6 Your rights (LGPD)
Under Brazil's General Data Protection Law (Law No. 13.709/2018), you have the following rights:
- Access — request a copy of the data we store about you.
- Correction — correct incomplete, inaccurate, or outdated data.
- Deletion — delete your personal data and close your account.
- Portability — export your data in a machine-readable format.
- Consent withdrawal — withdraw your consent at any time.
- Objection — object to processing carried out without consent.
- Information about sharing — know with whom your data was shared.
Contact: privacidade@controlagastos.app
We will respond within 15 business days.
7 Data retention
- Account and transaction data: maintained while your account is active.
- After account deletion: all personal data is removed within 30 days.
- Receipt images: discarded immediately after processing.
- Diagnostic logs: retained for up to 90 days anonymously.
8 Minors
Controla Gastos AI is intended for users aged 18 and over. We do not intentionally collect data from minors. If you believe a child has provided data to the app, please contact us so we can remove the information immediately.
9 Changes to this policy
We may update this Privacy Policy periodically. When this happens:
- The "last updated" date at the top of this page will be revised.
- Material changes will be communicated via in-app notification or email.
Continued use of the app after notification implies acceptance of the revised policy.
10 Contact
For questions, requests, or complaints related to privacy:
Responsible: Zion Systems
Email:privacidade@controlagastos.app
Terms of Use: View Terms of Use
National authority: You may also contact the ANPD (National Data Protection Authority) in case of violation of your rights.