Privacy Policy

Effective date: 2026-04-18 · Publisher: CompilerZ · Contact: outflow@compilerz.net

TL;DR — Outflow has no backend. Your expenses, budgets, receipts, and voice notes are processed on your device and stored locally in an encrypted database. Nothing goes to our servers because we don't run any.

1. Data we collect

None on our servers. Outflow has no backend that stores user data. All expenses, budgets, categories, receipts, and settings you enter are stored locally on your device in an encrypted Room database.

2. Data processed on your device

Expense records, budgets, categories — stored locally only.
Receipt images (Premium OCR) — processed on-device with ML Kit; images are never uploaded. Temporary processing files are deleted immediately.
Voice recordings (Premium) — transcribed on-device; audio is not uploaded or stored.
Biometric data (Premium Vault) — handled by the Android Keystore. The app never sees the biometric itself.

3. Optional features that transmit data

Google Drive backup (optional, off by default) — when you enable it, an encrypted backup of your database is uploaded to your own Google Drive. Only you have access. We do not receive a copy.
Google Play Billing — purchases are handled by Google Play. We receive only a receipt token to verify entitlement; no payment details.
Firebase Crashlytics (crash reports) — anonymous crash stack traces are sent to help us fix bugs. No personal data is included. You can opt out in Settings.

4. Data we never collect

No name, email, phone number, or account creation required.
No bank accounts, card numbers, or login credentials.
No location, contacts, photos (except the one you point the receipt scanner at), microphone (except active voice logging).
No advertising ID. No third-party advertising SDKs.
No analytics of your financial data.

5. Permissions and why we request them

Camera — receipt scanning (only when you open the scanner).
Microphone — voice logging (only when you tap record).
Biometric / Fingerprint — unlock the Secure Vault.
Internet — only used by optional Google Drive backup, Google Play Billing, and crash reporting.
Notifications — recurring expense reminders you set up.

6. Children

Outflow is not directed at children under 13. We do not knowingly collect data from anyone.

7. Your rights

Because your data never leaves your device (except encrypted backups you choose), you already have full control.

Export — Settings → Export to JSON at any time.
Delete — uninstall the app to delete all local data, or use Settings → Clear all data.
Drive backup — delete the Outflow folder in your Google Drive to remove cloud copies.

8. Security

Room database with encryption.
Optional biometric lock for premium features.
Backups to Drive are encrypted client-side before upload.

9. Third-party services

Google Play Billing — Google Privacy Policy
Google Drive (optional) — Google Privacy Policy
Firebase Crashlytics — Firebase Privacy

10. Changes

We will update this policy when features change. The effective date above will be bumped and the change summarized in the app's release notes.

11. Contact

Questions or data requests: outflow@compilerz.net