Privacy Policy

Effective date: July 15, 2026

This Privacy Policy explains how Auraleth Lab, LLC ("Auraleth," "we," "us"), the company that operates SpendSentry (the "Service"), collects, uses, and shares your personal information. SpendSentry is offered only to users in the United States.

Who we are

The Service is provided by Auraleth Lab, LLC, a Delaware limited liability company. For privacy questions or to exercise your rights, contact us at privacy@spendsentry.app or by mail at:

Auraleth Lab, LLC 1111B S Governors Ave, Suite 53365, Dover, DE 19904

Information we collect

Account information. Your email address and authentication details when you create an account.

Billing information. When you subscribe, our payment processor (Stripe) handles your card details. We do not store full card numbers. We receive and store limited billing data such as your Stripe customer ID, plan, and payment status.

Subscription data you provide. The subscriptions you add manually, including provider name, amount, and billing cadence.

Email-scan data (if you connect an email account). With your permission, we connect to Gmail or Outlook using read-only access scoped to find subscription-related messages. We extract structured details (sender, subject, date, amount, and cadence) and do not store the full contents of your emails. The access tokens that let us connect are encrypted.

Statement-scan data (if you upload a statement). When you upload a bank or card statement, we process it to detect subscriptions. The file is stored only transiently in a private, encrypted bucket between upload and processing, then deleted; for PDF statements we send the extracted text to our AI sub-processor to read the transactions. We derive structured details (merchant, amount, cadence) into your subscription list and never store the raw statement file durably — its contents never enter our database.

Usage and device data. How you interact with the Service (screen views, taps, and similar events), and basic device information. The SpendSentry mobile app does not collect advertising identifiers and does not track you across other companies' apps or websites.

Funnel and marketing data. Answers you give in our pre-purchase quiz (anonymous until you purchase), and marketing attribution data such as UTM parameters and ad-platform click identifiers.

How we use your information

How we share your information

We do not sell your personal information for money. We share information with service providers who process it on our behalf, including:

We may also disclose information to comply with law, enforce our Terms, or protect our rights and users.

Business transfers. If Auraleth Lab is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of some or all of its assets, your information may be transferred as part of that transaction. Any successor will be bound by commitments at least as protective as this Privacy Policy, and we will notify you (for example, by email or in the app) of any transaction that changes who is responsible for your information.

Aggregated and de-identified data. We may create aggregated or de-identified information (for example, statistics about average subscription spending) that can no longer reasonably be linked to you. We may use and retain such information for any lawful purpose, including after you delete your account, and we commit to maintaining it in de-identified form and not attempting to re-identify it.

Under U.S. state privacy laws, sharing identifiers with advertising platforms for cross-context behavioral advertising may be considered "sharing." You can opt out — see "Your choices" below.

Google and Microsoft email data — Limited Use

When you connect a Gmail or Outlook account, we access your messages using read-only scopes (Google gmail.readonly; Microsoft Graph Mail.Read) solely to detect the subscriptions you are paying for. Our handling of that data is governed by these additional commitments:

SpendSentry's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Your choices and rights

Depending on your state of residence (for example, California, Colorado, Connecticut, Texas, Virginia, and others), you may have the right to:

To make a request, email privacy@spendsentry.app, or use the "Do Not Sell or Share My Personal Information" control where provided. We will verify your request before acting on it. If we decline to act on your request, you may appeal our decision by replying to our response with the word "Appeal," and we will respond within the period your state's law requires.

Do Not Track and opt-out preference signals. There is no settled industry standard for browser "Do Not Track" signals, and we do not respond to them. Where required by law, we treat recognized opt-out preference signals, such as Global Privacy Control (GPC), as a request to opt out of the "sale" or "sharing" of your information.

Data retention

You can delete your account and data from the app (Settings → Account → Delete account) or by request. See How to delete your account for the full process.

Security

We protect your information with encryption in transit and at rest, encrypted storage of email access tokens, access controls on our databases, and rate limiting on our interfaces. No method of transmission or storage is completely secure, but we work to protect your information.

Third-party links and services

The Service may link to third-party websites and services we do not operate — for example, a subscription provider's cancellation or account page. This Privacy Policy does not cover those services, and we are not responsible for their privacy practices. Review the privacy policy of any third-party service you visit.

Children's privacy

SpendSentry is for adults 18 and older. We do not knowingly collect information from anyone under 18. If we learn we have, we delete it.

Users outside the United States

SpendSentry is intended only for users in the United States. We do not offer the Service to, or knowingly collect information from, individuals in the European Union, the United Kingdom, or other regions outside the U.S. Please do not use the Service if you are located outside the United States.

Changes to this policy

We may update this Privacy Policy. The "Effective date" above reflects the latest version, and we will notify you of material changes (for example, by email or in the app).

Contact us

Auraleth Lab, LLC 1111B S Governors Ave, Suite 53365, Dover, DE 19904 Email: privacy@spendsentry.app