Privacy Policy

1. Introduction

This Privacy Policy explains how Jewekle ("Jewekle", "we", "us") collects, processes, and protects personal information when you use the Jewekle mobile application (the "Service") on iOS, Android, or other supported platforms. By using the Service you agree to the practices described here. We treat this policy as a living document — when material changes happen, we tell you about them.

Jewekle is operated as an independent product based in Taiwan.

2. Information we collect

2.1 Account information

When you create an account, we collect your email address and a hashed password. Passwords are hashed by Supabase Auth using bcrypt with per-user salts — we never see or store your plaintext password.

2.2 Receipt and purchase data

Jewekle reads Uniform Invoice (統一發票) data from the e-invoice provider you choose to connect — Taiwan's Ministry of Finance API, ECPay sandbox, ezPay sandbox, or others. The fields we may receive include:

• Invoice number, date, time
• Seller (merchant) name and tax ID
• Total invoice amount
• Line items: product descriptions, SKUs, quantities, prices

You explicitly choose which provider to connect and can disconnect at any time in Profile → System & Privacy → Provider.

2.3 Corrections and preferences

When you correct a category assignment, define a custom category, or set a spending goal, we store that choice. These corrections make your future classifications more accurate.

2.4 Usage and diagnostic data

We collect anonymous usage events to understand which features are useful — for example, when you open an explain sheet or tap a merchant confidence pill. Events carry your Supabase user ID but no invoice contents.

When the app crashes, we collect a stack trace, device model, and OS version. Crash reports do not capture screen contents, invoice data, or merchant names.

2.5 What we do NOT collect

• Real name, phone number, or physical address
• Contacts, photos, calendar, or other apps' data
• Location (foreground or background)
• Advertising identifiers

3. How we process receipt data

Receipt data is the core of what Jewekle does. We process it in two places:

• On your device. Initial classification, category inference, and merchant normalization happen locally. Your device does the work whenever it can, both for speed and for privacy.
• On our backend (Supabase). Your receipts are stored so the app stays in sync across devices and so we can generate cross-period analytics that require historical data. Every database row is protected by Row-Level Security — a Supabase mechanism that mathematically prevents one user from reading another user's data.

4. Analytics & observations

Jewekle generates several kinds of observations from your data: monthly recaps, recurring-payment detection, spending-style descriptions, category trend lines, and merchant patterns. All of these are computed from your transactions and are visible to you alone.

Each observation is traceable — there's a "Why this?" affordance on most insights that opens the exact transactions and rules that produced the observation. You can disagree with any classification, and your correction propagates back through the engine.

5. AI & machine learning

We use AI in three places, all of which run on data you've already provided:

• Line-item classification — when our deterministic classifier can't confidently map a SKU to a category, we may consult an AI model to disambiguate. We send the line description only, never your identity or the rest of the receipt.
• Merchant name normalization — converting cryptic "seller_name" fields into human-readable merchants. Same scope: seller string only.
• Phrasing observations — picking among prepared sentence variants based on the underlying numbers. The AI does not generate new claims; it selects from pre-validated phrasings.

What we don't use AI for: profiling you for third parties, generating marketing copy aimed at you, making credit/lending decisions, or training external models on your data. AI services we use (where applicable) are configured to not retain our inference requests for training purposes.

6. Third-party services

We use the following processors. Each has its own privacy policy governing how they handle data on our behalf.

6.1 Supabase (backend & auth)

Stores your account, invoices, categories, and preferences. Located in the United States by default. Row-Level Security enforces that you can only access rows you own. supabase.com/privacy.

6.2 Sentry (crash reporting)

Receives stack traces and device info when the app crashes. Does not receive invoice contents, merchant names, or amounts. Retains reports for 90 days. sentry.io/privacy.

6.3 PostHog (product analytics)

Receives anonymous usage events tagged with your Supabase user ID. Does not receive invoice contents or amounts. Retains events for 12 months. posthog.com/privacy.

6.4 E-invoice providers

Whichever provider you connect (MoF, ECPay, ezPay, etc.) governs its own data per the agreement you accepted when registering with them. We act as a client of their APIs; we don't share data with them beyond what's required to authenticate the API requests.

6.5 Apple / Google

If you install Jewekle from the App Store or Google Play, those platforms may collect their own platform-level data per their respective policies. We don't see or control that data.

7. Data retention

We retain your account and receipt data for as long as your account is active. When you delete your account, we file a deletion request that is processed within 30 days, permanently removing your rows from every Jewekle-owned table. See /data-deletion for the full process.

Crash reports: 90 days (Sentry default). Analytics events: 12 months (PostHog default). Backups may retain anonymized aggregates slightly longer for service-reliability purposes.

8. Your rights

You have the right to:

• Access the data we hold about you
• Correct inaccurate data (most data is editable in-app)
• Delete your account and all associated data, within 30 days
• Export your data in a portable format on request
• Withdraw consent for analytics from Profile → System & Privacy

To exercise any of these rights, use the in-app flows or contact us.

9. Security

We use industry-standard practices: TLS in transit, encryption at rest on Supabase, Apple Keychain / Android Keystore for session tokens on your device, and Row-Level Security to enforce per-user data isolation. Read the full security overview for technical detail.

If you believe your account has been compromised, contact us immediately.

10. Children's privacy

Jewekle is not intended for users under 13 (or 16 in jurisdictions where that age applies under data-protection law). We do not knowingly collect data from children. If you believe a child has signed up, email us and we will delete the account.

11. International transfers

Although Jewekle's primary user base is in Taiwan, your data may be transferred to and stored in the United States by our infrastructure providers. By using the Service, you consent to such transfers, which are subject to the data-protection commitments of those providers.

12. Changes to this policy

If we make material changes — adding a new processor, changing what data we collect, expanding how we use AI — we will notify you in-app or by email at least 14 days before the change takes effect. The "Last updated" date at the top of this page always reflects the most recent revision.

13. Contact

Questions, requests, complaints? Reach us at privacy@jewekle.com — we'll do our best to respond as soon as we can.