The short version: core financial records stay on your device. Limited data can leave your device only when you choose Sign in with Apple, manually share a file or email, or when a release has technical crash reporting enabled.
Q1
Do you store my personal financial data on your servers?
No. Your data stays on your phone. IntelliCard does not operate a backend that stores your cards, balances, transactions, budgets, utilization plans, interest estimates, or recommendation history.
Core card management, recommendation, interest tracking, card health, budgeting, reminder, and analytics features run locally on your device.
Q2
What profile or sign-in data can IntelliCard store?
No bank login is needed. Depending on how you use the app, IntelliCard may store locally:
- A guest profile created only on your device
- A local email and password profile
- An optional recovery question and salted, hashed recovery answer
- An Apple user identifier and any name or email returned by Sign in with Apple if you choose that option
This profile information is stored locally on your device, not in an IntelliCard cloud account.
Q3
What financial data is stored locally?
Local app data can include:
- Card nicknames, issuers, credit limits, balances, balance-verified timestamps, statement dates, and due dates
- APR values, interest estimates, and card health status
- Transactions, merchants, categories, budgets, and utilization settings
- Balance-nudge history and reminder preferences
- Planner data, recommendation state, and widget payloads needed by the iOS widget on the same device
Q4
Do you collect full card numbers or CVV codes?
No. IntelliCard is not designed to collect full card numbers, CVV codes, or PINs. No bank login needed โ you enter only the details needed for tracking and recommendations.
Q5
How do receipt scanning and statement import work?
Receipt OCR runs locally on supported iPhone builds using Apple Vision. PDF statement import also extracts and parses data locally on-device using native PDF extraction and parser logic.
- Receipt images are not uploaded to an IntelliCard server
- Statement PDFs are not uploaded to an IntelliCard server
- Extracted text is parsed locally into fields such as statement date, due date, balance, and card identity
Q6
How do balance nudges and reminder notifications work?
IntelliCard can prompt you to verify card balances when they become stale (not updated in several days). It can also schedule a weekly local notification to remind you to keep balances fresh.
- Balance-nudge prompts and weekly reminders run entirely on-device
- Balance-nudge timestamps and notification preferences are stored locally
- No balance data is sent to a server as part of the nudge or reminder flow
Q7
How do interest estimates and card health work?
IntelliCard calculates estimated interest charges, card health status (based on utilization), and payment countdowns using the card data you enter. All calculations run locally on your device. No data is sent to external services for these estimates.
Q8
What are free and premium features?
IntelliCard offers both free and premium tiers. Feature-tier status is determined locally on your device.
- Free: Card recommendations, single-card interest tracking, card health, balance nudges, and balance reminders
- Premium: Multi-card interest tracking, utilization analytics, spending details, budget planner, statement import, and receipt scanning
Q9
When can data leave my device?
Data can leave your device only in limited cases:
- Sign in with Apple โ if you choose that sign-in option, Apple participates in the authentication flow.
- Crash reporting โ if a release has Sentry enabled, technical diagnostics may be sent when the app records an error.
- External links โ opening the hosted privacy policy, terms, or support email uses your browser, mail app, or network connection.
- Manual sharing โ if you export an encrypted backup, share crash diagnostics, or send support feedback, the file or message goes only where you choose to send it.
Q10
How does crash reporting work?
Production releases may enable Sentry for technical crash diagnostics. When enabled, Sentry can receive stack traces, app version, build number, device model, OS version, and limited error context that helps reproduce bugs.
IntelliCard configures Sentry with sendDefaultPii: false and removes direct user fields such as name, email, username, and ip_address from event payloads before sending.
IntelliCard does not intentionally attach your card ledger, balances, transactions, receipt images, or statement files to crash reports.
Q11
What permissions does the app request?
Depending on the features you use, IntelliCard may request:
- Camera โ to scan receipts
- Photo Library โ to pick receipt images
- Face ID / biometrics โ to enable app lock
- Notifications โ to deliver local reminders such as due-date alerts, balance reminders, budget, or daily card-coach alerts
You can revoke these permissions at any time in device settings.
Q12
How do widgets use my data?
If you enable the iOS widget, IntelliCard stores a small recommendation payload in a local App Group shared between the app and widget on the same device.
The widget payload can include:
- Suggested card name and bank
- Safe-to-spend amount
- Available credit amount
- Currency code
- Refresh timestamp
The widget payload does not include:
- Full card numbers, CVV codes, or PINs
- Your full transaction history or uploaded files
- Any transmission to an IntelliCard server
Supported widget fields are marked with iOS privacySensitive() so they can be redacted on the lock screen based on your device settings.
Q13
How is local data protected?
Persisted app state is encrypted before storage using AES-256 with a key held in Expo SecureStore on supported devices.
- Passwords and recovery answers are stored as salted hashes, not plaintext
- The encryption key is held in device secure storage when available
- You can enable biometric app lock for local access control
Q14
What about backups, diagnostics, and support?
Backup exports created from Settings are encrypted with a passphrase you choose before the file is shared or saved.
You are responsible for protecting any exported backup file, your backup passphrase, and any destination you choose in the share sheet.
If you manually share crash diagnostics, the exported file includes device and app version details plus recorded crash logs. If you use the feedback email action, the draft email may include device model, OS version, and app version for support purposes.
Q15
Can I delete my data?
Yes. Settings lets you delete the current local profile or wipe local app data from the device.
- Deleting a local profile removes that profile's cards, transactions, budgets, settings, and recommendation data from the device
- Resetting local app data clears the app's stored state for the installation
- Removing the app also removes local data stored by the app
Files or emails you already shared outside the app are not automatically deleted.
Q16
Do you use ads, trackers, or sell data?
No. IntelliCard does not:
- Include ad SDKs
- Track you across apps or websites for advertising
- Sell personal data
Q17
Do you knowingly process children's data?
IntelliCard is intended for adults managing their own credit cards and budgets. It is not directed to children, and we do not knowingly design the app to collect children's personal data.
Q18
How can I contact you about privacy?
For privacy or data-handling questions, contact: