This Privacy Policy explains how ExpenseTracker ("the App") handles user data. ExpenseTracker is a personal finance tracking app that helps users record, organize, and review ledgers, transactions, categories, accounts, currencies, and notes that they enter into the App.

This policy is intended for App Store submission and for the in-app Privacy & Data section. Before release, this document should be hosted at a publicly accessible URL and that URL should be provided in the Privacy Policy URL field in App Store Connect.

1. Data We Handle

The App may handle the following types of data:

• Financial record data: amounts, currencies, income or expense direction, categories, accounts, ledgers, merchants or notes, transaction dates, creation dates, update dates, and deletion markers.
• User configuration data: base display currency, recently used account, this device's iCloud sync setting, and category, account, and ledger names, icons, colors, and ordering.
• Purchase and entitlement data: App Store product information, purchase status, restore results, and the local entitlement snapshot used to determine whether unlimited records are unlocked.
• iCloud status data: whether this device is signed in to iCloud, whether iCloud is restricted or temporarily unavailable, and whether sync is enabled on this device.
• Exchange rate request data: when exchange rates are requested, the App sends currency codes, quote currency codes, and dates to the Frankfurter exchange rate service.
• Automation input: when users choose to use Siri, Shortcuts, or natural-language transaction entry, the App processes the text or parameters provided by the user and creates a transaction draft for confirmation or editing.
• Technical diagnostic data: local error codes, sync phases, and necessary anonymous counts used to display sync or error status. Diagnostic information should not include full amounts, notes, merchants, account names, or raw financial text.

The App does not require users to create a developer-operated account. The App does not require users to provide their name, email address, phone number, contacts, photos, precise location, health data, or advertising identifier to use the core finance tracking features.

2. How Data Is Stored

The App's core financial data is stored by default on the user's device using local SwiftData storage.

If the user enables iCloud sync in Settings and iCloud is available on the device, the App uses Apple CloudKit private database to sync user data across devices signed in to the same Apple ID. The sync scope includes transactions, ledgers, categories, accounts, and settings that affect the cross-device experience. CloudKit private database is provided by Apple and is associated with the user's Apple ID. The developer does not provide a separate server to centrally store this financial data.

If the user disables iCloud sync, or if the device is not signed in to iCloud, iCloud is restricted, or iCloud is temporarily unavailable, the App remains usable locally and this device will not use iCloud to sync the App's user data.

Exchange rate cache data is rebuildable and stored locally to reduce repeated requests and support statistical currency conversion. StoreKit transaction receipts, debug logs, raw Foundation Models input, and temporary UI state are not synced as ordinary business data.

3. How Data Is Used

The App uses data to:

• Provide transaction entry, ledger management, category management, account management, date filtering, and statistics.