Legal

Privacy Policy

Last updated: January 1, 2025 · Effective date: January 1, 2025 · Version 1.0

Subsaver is a subscription tracking app that connects to your bank via Plaid to detect recurring charges. Subsaver does not require you to create an account or provide a username and password. This policy explains exactly what data we collect, how we use it, and what rights you have over it.

1. Who We Are

"Subsaver", "we", "our", "us" refers to the team that operates the Subsaver mobile application. Our service helps you identify and manage recurring subscription charges by reading your bank transaction data through Plaid, a regulated third-party financial data platform.

Contact: Spark_Connect@outlook.com

2. No Account Required — What This Means for Your Data

Subsaver operates without a user account system. This means:

We do not collect your name, username, or password for a Subsaver account.
Your bank connection (Plaid access token) is stored locally on your device, not on our servers tied to a user profile.
The subscription data we detect is stored locally on your device and, where applicable, in our backend associated only with an anonymous device identifier — never linked to your name or email.
To remove all your data, simply disconnect your bank within the app and clear the app's local data — no account deletion request required.

Because there is no account, if you delete the Subsaver app without first disconnecting your bank, your Plaid access token will be removed from your device but the underlying Plaid Item may remain active. We recommend disconnecting your bank in-app before uninstalling. You can also manage all Plaid connections at my.plaid.com.

3. Information We Collect

3.1 Financial Data — Accessed Through Plaid

When you connect a bank account, Subsaver receives the following data from Plaid's API on your behalf. This is the complete list:

Data Type	Accessed?	Why	Where Stored
Transaction records Merchant name, amount, date, category	✓ Yes	Core function: identify recurring subscription charges	Subscription metadata stored locally on device only
Account display name & type e.g. "Chase Checking"	✓ Yes	Show which account each subscription is billed to	Locally on device
Account balance	✓ Yes	Show upcoming subscription cost in context of available balance	Not persisted — fetched on demand only
Bank login credentials	✗ Never	You authenticate on Plaid's screen — credentials never reach Subsaver	Never
Full account / routing numbers	✗ Never	Not needed for subscription detection	Never
Investment, loan, or mortgage data	✗ Never	Outside scope of subscription management	Never
SSN, government ID, personal identity	✗ Never	Not required for our service	Never
Data sold to third parties	✗ Never	Your financial data is yours. We do not sell, share, or monetize it.	—

By linking a bank account, you also agree to Plaid's End User Privacy Policy. You can review and revoke all Plaid-connected apps at my.plaid.com.

3.2 Device & App Usage Data

Anonymous device identifier: A randomly generated ID used to associate your locally stored subscription data with our backend. This ID is not linked to any personal identity.
App usage analytics: Features used, screen views, session duration — collected in aggregated, anonymized form only.
Crash reports and error logs: Technical data about app failures, used solely for debugging.
Device type and OS version: Used for compatibility and support purposes.

We do not collect your name, email address, phone number, or any other personally identifying information through the app itself (unless you voluntarily contact us).

3.3 Waitlist & Support Communications

Waitlist: If you joined our pre-launch waitlist, we have your email address, used only to notify you about the Subsaver launch. You can unsubscribe at any time.
Support inquiries: If you email us, we retain your email and the content of your message to resolve your issue.

4. How We Use Your Information

Subscription detection: Analyze transaction data to identify and categorize recurring charges.
Renewal alerts: Send push notifications before upcoming subscription renewals.
Price change detection: Identify when a recurring charge amount changes and alert you.
Spend summaries: Generate breakdowns of your recurring subscription costs.
App stability & improvement: Use crash reports and anonymous usage data to fix bugs and improve features.

We do not use your financial data for advertising, profiling, credit scoring, or any purpose unrelated to providing you with the Subsaver service.

5. Plaid — Third-Party Financial Data Access

Subsaver uses Plaid, Inc. to connect to your bank accounts. When you tap "Connect Bank", you are presented with Plaid Link — Plaid's own secure interface. Your bank credentials are entered directly on Plaid's interface and are never transmitted to or stored by Subsaver.

Plaid exchanges your credentials for a secure access token, which is stored locally on your device. Subsaver uses this token to request only the transaction data described in Section 3.1 above.

In accordance with Plaid's requirements, by using Subsaver you grant Plaid the right, power, and authority to act on your behalf to access and transmit your personal and financial information from your financial institution according to Plaid's End User Privacy Policy.

6. Data Sharing

We do not sell, rent, or trade your data. We share data only in the following limited circumstances:

Plaid: To retrieve your transaction data as described above, under Plaid's own privacy policy.
Cloud infrastructure providers: Backend hosting services process data on our behalf under strict data processing agreements and may not use your data for any other purpose.
Analytics providers: Only aggregated, anonymized, non-financial usage statistics.
Legal requirements: If required by law, court order, or to prevent fraud or security threats.
Business transfer: In the event of an acquisition or merger, we will notify you before any transfer of personal data occurs.

7. Data Storage, Retention & Security

Most of your data — including the Plaid access token and detected subscription details — is stored locally on your device. For any data that passes through our backend, we implement:

AES-256 encryption for data at rest
TLS 1.2+ encryption for all data in transit
Access controls limiting data access to authorized personnel only
Regular security monitoring and vulnerability management

We retain backend data (anonymous device identifier and subscription metadata) only as long as you are actively using the app. If the app has not been used for 12 months, we will purge associated backend data. Data you delete in-app is removed immediately.

8. Your Rights & Controls

Disconnect bank account: Tap Settings → Connected Accounts → Disconnect. This immediately revokes the Plaid access token and stops all data collection.
Manage via Plaid Portal: Review and revoke all Plaid-connected apps at my.plaid.com.
Clear all local data: Use Settings → Clear All Data, or uninstall the app after disconnecting your bank.
Request backend data deletion: Email Spark_Connect@outlook.com to request permanent deletion of backend data associated with your anonymous device ID. We will complete this within 30 days.
Opt out of analytics: Toggle off analytics in Settings → Privacy.
Waitlist unsubscribe: Use the unsubscribe link in any email we send.

9. California Privacy Rights (CCPA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act:

The right to know what personal information we collect, use, and disclose
The right to request deletion of your personal information
The right to opt out of the sale of personal information — we do not sell personal information
The right to non-discrimination for exercising your CCPA rights

To exercise any of these rights, email Spark_Connect@outlook.com. Because Subsaver does not maintain user accounts, please include your anonymous device identifier (found in Settings → About) so we can locate your data.

10. Children's Privacy

Subsaver is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided financial data through the app, please contact us at Spark_Connect@outlook.com and we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy. We will notify you of material changes via in-app notification or, if you are on our waitlist, by email, at least 30 days before changes take effect. Continued use of the app after the effective date constitutes acceptance.

12. Contact

Privacy inquiries & data requests

For all privacy questions, data requests, or concerns about this policy:

📧 Spark_Connect@outlook.com

We respond to all privacy requests within 30 days.