Privacy Policy

1. Introduction

This Privacy Policy explains how Jewekle ("Jewekle", "we", "us") collects, processes, and protects personal information when you use the Jewekle mobile application (the "Service") on iOS, Android, or other supported platforms. By using the Service you agree to the practices described here. We treat this policy as a living document — when material changes happen, we tell you about them.

Jewekle is operated as an independent product based in Taiwan.

2. Information we collect

2.1 Account information

When you create an account, we collect your email address and a hashed password. Passwords are hashed by Supabase Auth using bcrypt with per-user salts — we never see or store your plaintext password.

2.2 Receipt and purchase data

Jewekle reads Uniform Invoice (統一發票) data from the e-invoice provider you choose to connect — Taiwan's Ministry of Finance API, ECPay sandbox, ezPay sandbox, or others. The fields we may receive include:

• Invoice number, date, time
• Seller (merchant) name and tax ID
• Total invoice amount
• Line items: product descriptions, SKUs, quantities, prices

You explicitly choose which provider to connect and can disconnect at any time in Profile → System & Privacy → Provider.

2.3 Corrections and preferences

When you correct a category assignment, define a custom category, or set a spending goal, we store that choice. These corrections make your future classifications more accurate.

2.4 Usage and diagnostic data

We collect anonymous usage events to understand which features are useful — for example, when you open an explain sheet or tap a merchant confidence pill. Events carry your Supabase user ID but no invoice contents.

When the app crashes, we collect a stack trace, device model, and OS version. Crash reports do not capture screen contents, invoice data, or merchant names.

2.5 Scope of collection

The app does not request the following at the OS level, so they stay outside Jewekle entirely:

• Real name, phone number, or physical address
• Contacts, photos, calendar, or other apps' data
• Location (foreground or background)
• Advertising identifiers

3. How we process receipt data

Receipt data is the core of what Jewekle does. We process it in two places:

• On your device. Initial classification, category inference, and merchant normalization happen locally. Your device does the work whenever it can, both for speed and for privacy.
• On our backend (Supabase). Your receipts are stored so the app stays in sync across devices and so we can generate cross-period analytics that require historical data. Every database row is protected by Row-Level Security — a Supabase mechanism that mathematically prevents one user from reading another user's data.

4. Analytics & observations

Jewekle generates several kinds of observations from your data: monthly recaps, recurring-payment detection, spending-style descriptions, category trend lines, and merchant patterns. All of these are computed from your transactions and are visible to you alone.

Each observation is traceable — there's a "Why this?" affordance on most insights that opens the exact transactions and rules that produced the observation. You can disagree with any classification, and your correction propagates back through the engine.

5. AI & machine learning

We use AI in three places, all of which run on data you've already provided:

• Line-item classification — when our deterministic classifier can't confidently map a SKU to a category, we may consult an AI model to disambiguate. We send the line description only, never your identity or the rest of the receipt.
• Merchant name normalization — converting cryptic "seller_name" fields into human-readable merchants. Same scope: seller string only.
• Phrasing observations — picking among prepared sentence variants based on the underlying numbers. The AI does not generate new claims; it selects from pre-validated phrasings.

Where Jewekle uses external AI services, those services are configured to not retain our inference requests for training purposes — the scope of AI use stays bounded to the tasks above.

6. Third-party services

We use the following processors. Each has its own privacy policy governing how they handle data on our behalf.

6.1 Supabase (backend & auth)

Stores your account, invoices, categories, and preferences. Row-Level Security enforces that you can only access rows you own. supabase.com/privacy.

6.2 Sentry (crash reporting)

Receives stack traces and device info when the app crashes. Does not receive invoice contents, merchant names, or amounts. Retains reports for 90 days. sentry.io/privacy.

6.3 PostHog (product analytics)

Receives anonymous usage events tagged with your Supabase user ID. Does not receive invoice contents or amounts. Retains events for 12 months. posthog.com/privacy.

6.4 E-invoice providers

Whichever provider you connect (MoF, ECPay, ezPay, etc.) governs its own data per the agreement you accepted when registering with them. We act as a client of their APIs; we don't share data with them beyond what's required to authenticate the API requests.

6.5 Apple / Google

If you install Jewekle from the App Store or Google Play, those platforms may collect their own platform-level data per their respective policies. We don't see or control that data.

7. Data retention

We retain your account and receipt data for as long as your account is active. When you delete your account, we file a deletion request that is processed within 30 days, permanently removing your rows from every Jewekle-owned table. See /data-deletion for the full process.

Crash reports: 90 days (Sentry default). Analytics events: 12 months (PostHog default). Backups may retain anonymized aggregates slightly longer for service-reliability purposes.

8. Your rights

You have the right to:

• Access the data we hold about you
• Correct inaccurate data (most data is editable in-app)
• Delete your account and all associated data, within 30 days
• Export your data in a portable format on request
• Withdraw consent for analytics from Profile → System & Privacy

To exercise any of these rights, use the in-app flows or contact us.

9. Security

We use industry-standard practices: TLS in transit, encryption at rest on Supabase, Apple Keychain / Android Keystore for session tokens on your device, and Row-Level Security to enforce per-user data isolation. Read the full security overview for technical detail.

If you believe your account has been compromised, contact us immediately.

10. Children's privacy

Jewekle is not intended for users under 13 (or 16 in jurisdictions where a higher minimum age applies under applicable data-protection laws). We do not knowingly collect personal information from children.

Because receipts and digital invoice records may occasionally contain purchase activity associated with younger individuals or family households, we take additional care in how receipt-related data is handled, stored, and protected.

If we become aware that a child has provided personal information without appropriate parental or guardian consent, we will take reasonable steps to remove such information and terminate the associated account.

If you are under the age of majority in your jurisdiction, you should only use the Service with the involvement and permission of a parent or legal guardian.

11. Changes to This Policy

We may update this Privacy Policy from time to time in response to evolving legal, regulatory, technical, or business developments. When we make changes, we will take appropriate measures to inform you in a manner consistent with the significance of those changes.

Where required under applicable data protection laws, we will obtain your consent before material changes become effective. Significant updates may also be communicated through the Service or other appropriate channels.

You may review the latest version of this Privacy Policy at any time on this page. The "Last updated" date at the top reflects the most recent revision.

12. Contact

Questions, requests, complaints? Reach us at [email protected] — we'll do our best to respond as soon as we can.