Echo Spend Logo
Echo Spend
Home
Effective Date: June 5, 2026

Privacy Policy

Learn how Echo Spend secures your budget data, processes alerts offline, and guarantees complete device ownership over your personal finances.

1. Introduction

Welcome to Echo Spend. We respect your privacy and are committed to protecting it. Echo Spend is designed from the ground up on a “Privacy First” principle. Unlike typical personal finance applications that upload your bank statements and income data to cloud database hubs, Echo Spend runs almost entirely offline, utilizing local computing capabilities to keep your sensitive financial profiles private and under your direct physical control.

This Privacy Policy outlines the specific permissions our mobile application requests, what data is processed, how we process it, and the control mechanisms you retain over your information. By installing and using Echo Spend, you consent to the operations described in this policy.

2. Data Collection & Use

Echo Spend acts as a manager and organizer for your transaction logs. Below is a comprehensive breakdown of the types of data collected and processed locally by the app:

Transaction & Budget Entries

All bank accounts, cash balances, credit card limits, transactions (amounts, categories, merchants, notes), subscription schedules, goals, and budgets you register in the app are stored exclusively on your device in a private SQLite database. The developers of Echo Spend do not collect, view, or store this data on any server.

Biometric Authentication

If you enable app protection via biometrics (Fingerprint or Face ID), authentication is handled natively by your device's operating system. Echo Spend never accesses, collects, or stores your biometric credentials.

Camera & Photos

If you choose to attach receipt images to your transactions, the app requests camera and photo library access. Receipts captured are saved locally in the app's sandboxed directory and are not shared with any external parties.

3. Local SMS & AI Processing

Echo Spend features a smart notification reader that scans incoming transaction alerts to build draft records, removing the friction of manual bookkeeping. To provide this utility, the app requests the READ_SMS permission on Android.

Zero-Cloud AI Architecture 100% Private SMS Parsing

Unlike financial apps that upload your text alerts to external web servers, Echo Spend performs SMS classification and information extraction entirely on your physical device. We do not transmit your SMS text strings, phone numbers, or account details to our servers.

  • Local AI Model: The app utilizes a local, on-device Large Language Model (Llama 3.2 1B Instruct via the llama.rnlibrary) compiled to run locally. Once you download the model file within the app settings, all text parsing runs directly in your device's RAM and CPU/DSP.
  • Local Heuristics: If you choose not to download the local AI model, or if the model file is not initialized, the app falls back onto a strict on-device pattern-matching regex script to parse SMS content locally.
  • AI Insights: The app generates weekly averages, category warnings, and savings suggestions. This engine operates purely on deterministic local math heuristics without external API requests.

4. Google Drive Backup

To prevent data loss in the event of device failure or migration, Echo Spend provides an optional cloud backup feature. This feature requires Google Sign-In authentication.

Strict Sandbox Isolation: The app requests permission to connect to your Google Drive via the restricted appDataFolder scope. This means:

  • Your database backup is uploaded to a hidden, application-specific directory inside your personal Google Drive storage.
  • Echo Spend has zero access to your standard Google Drive folders, files, photos, or documents.
  • Other apps, users, and the developers of Echo Spend cannot view or read the database file stored in this hidden folder.
  • All data sync occurs directly between the Echo Spend app on your device and Google's secure APIs. No intermediate developer-hosted servers are utilized.

5. Third-Party Disclosures & Tracking

We believe that personal financial tracking must be free of surveillance. To guarantee this, Echo Spend implements the following policies:

  • No Advertising: The app contains no third-party advertisements or trackers.
  • No Analytics SDKs: We do not integrate telemetry software, analytics hooks (such as Google Analytics or Firebase Analytics), or user behavior trackers. We do not monitor how you click, scroll, or budget.
  • No Crash Reporting Telemetry: We do not automatically send stack traces, system logs, or device info to external servers.
  • No Data Brokering: We do not sell, trade, or share your financial data, SMS records, or Google account details with data brokers, advertisers, or insurance firms.

6. Data Security

Your local database file is protected by the default sandboxing protections of the Android and iOS operating systems, preventing unauthorized applications on your device from accessing Echo Spend's folders. Sensitive keys, such as OAuth tokens and local security configurations, are stored in the device's secure keychain or hardware-backed store via expo-secure-store.

While we implement native operating system isolation, the absolute security of your offline database depends on you securing your physical device. We strongly recommend setting up device passwords, biometric locks, and enabling remote erase features in case of theft.

7. Your Rights & Control

Because your data is strictly yours and remains local, you possess absolute authority over it:

  • Data Portability: You can export your entire transaction list at any time into a standard Comma-Separated Values (CSV) file directly from the Settings screen.
  • Data Deletion:You can purge all transaction drafts, accounts, and budgets from your phone by clicking “Clear All Data” in the Settings menu, or by performing a standard “Clear Storage” inside Android/iOS Settings.
  • Cloud Backup Management:You can delete your Google Drive backup database file directly by resetting the backup settings in the app or removing Echo Spend's authorization from your Google Account settings page.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our app's capabilities, SDK integrations, or legal compliance. Any changes will be posted on this page with an updated “Effective Date”. We encourage you to review this policy periodically to stay informed about how we safeguard your financial privacy.

9. Contact Us

If you have any questions, security concerns, or feedback regarding our privacy practices, please contact us at:

Email: info@adkdev.in