Privacy Policy
Last updated: May 2026
1. Our approach
Kakei is designed to work without an account, fully offline. All your financial data (transactions, income, expenses, subscriptions, savings) is stored locally on your device. You can optionally enable a cloud backup or sync your data across devices. This page lists exactly what leaves your phone, when, and what you can control.
2. Local storage
By default, all your data is stored locally via AsyncStorage (your device's standard storage system). On iOS, this data is protected by the iPhone's Data Protection encryption while your device is locked with a passcode. On Android, it is protected by the device's encryption.
No data leaves your phone unless you explicitly enable backup or sync.
3. Data transmitted only with your consent
3.1 iCloud backup (iOS) or Google Drive backup (Android)
If you enable backup in Settings, a JSON file containing your data (transactions, subscriptions, income, expenses, savings, settings) is written to your own iCloud Documents (iOS) or Google Drive appDataFolder (Android). The file stays in your personal Apple or Google account. Kakei never accesses it, and no one else can read it.
Transfers use HTTPS. Files are encrypted at rest by Apple or Google according to their own policies.
3.2 Multi-device sync (Supabase)
If you enable Sync in Settings and sign in with Apple or Google, your data is copied to our servers (hosted on Supabase, infrastructure in Europe) so you can use it across multiple devices.
What is transferred and stored on Supabase: transactions, subscriptions, fixed income, fixed expenses, savings, settings, closed-month snapshots, your email address (as provided by Apple or Google, which may be a Hide my email alias), a unique user identifier, and a support ID (KAKEI-XXXX-XXXX).
Access is partitioned per user via Row Level Security: no other user, and no third party, can read your data.
3.3 Welcome email
The first time you enable Sync, a single welcome email is sent to the address provided by Apple or Google. Delivery is routed through Hostinger (Kakei email host). No marketing emails or newsletters are sent afterward.
4. Data collected automatically
4.1 Crash reports (Sentry)
To identify and fix bugs, Kakei sends technical reports to Sentry (Europe-hosted) when an error or crash occurs. These reports contain: the error type, the technical stack trace, the app version, the device model, the operating system, and your Kakei support ID ("KAKEI-XXXX-XXXX", generated locally, with no email or name).
Protections in place:
- Send Default PII is disabled
- Session Replay is triggered only on errors, with all text and images automatically masked
- No name, no email, no password is automatically sent to Sentry
- Your transactions, amounts, and category names are not transmitted
- The support ID is a local UUID. It is used only to match a crash report with a help request you voluntarily send us
You can send feedback or report a bug from Settings, under "About", "Help and links", "Report a problem". The form invites you to leave an email so we can reply: this field is optional. The message you write, and the email if you provide one, are transmitted to Sentry and associated with your support ID.
4.2 Purchase validation (RevenueCat)
To validate the Premium purchase, Kakei uses RevenueCat. This service receives an anonymous device identifier, the purchase status, and your Kakei support ID. No banking data is accessible to Kakei. Payment is processed directly by Apple (App Store) or Google (Play Store).
5. Identifiers and authentication
When you enable Sync, you sign in with Apple or Google. Kakei then receives:
- Your email address (provided by Apple or Google, possibly a Hide my email alias from Apple)
- Your full name (only if you choose to share it)
- A unique stable identifier tied to your Apple or Google account
This information is used solely to identify your sync account. It is not shared with any third party.
6. Your rights (GDPR)
You have the following rights regarding your data:
- Access: you can export all your data as JSON at any time from Settings, Data, Export my data
- Rectification: you can edit or delete each entry directly in the app
- Erasure: you can delete all your data from Settings, Data, Delete my data. If you use Sync, server-side deletion happens at the next sync. You may also email us to request a complete server-side wipe
- Portability: the JSON export covers all your data in an open format
- Withdraw consent: you can disable Sync or backup at any time in Settings
- Lodge a complaint: you may file a complaint with your national data protection authority (in France, the CNIL: cnil.fr)
7. Retention periods
- Local data: kept until manual deletion or app uninstall
- iCloud or Drive backup: kept until you delete it from your Apple or Google account
- Supabase Sync: kept while your account is active. Disabling Sync does not automatically wipe server data, email us to request full deletion
- Sentry reports: 90 days maximum (Sentry's default retention)
- RevenueCat data: for the duration of the purchase
- Welcome email: no detailed log retained after delivery
8. Security
All communications with our services and partners use HTTPS. iCloud and Google Drive backups are encrypted at rest by Apple and Google respectively. Supabase Sync uses Row Level Security to ensure only the authenticated user can access their own data.
9. Third parties used
Kakei relies on the following services, listed here for transparency:
- Apple App Store and Google Play Store: app distribution, purchase handling
- Apple iCloud: personal backup (iOS, optional)
- Google Drive: personal backup (Android, optional)
- Supabase (Europe): multi-device sync (optional)
- Sentry (Europe): anonymized error reports
- RevenueCat: Premium purchase validation
- Hostinger: welcome email delivery
- Apple Sign-In and Google Sign-In: Sync authentication
10. Changes
This policy may evolve to reflect new features or legal requirements. The last updated date is shown at the top of this page. Significant changes will be notified directly inside the app.
11. Contact
For any question, access, rectification, or deletion request, email us at contact@kakei.app. We respond within 30 days at most.