Privacy Policy - Stay Steady
Last updated: 15 May 2026
Stay Steady (“the App”) is developed by Data Consulting Services. This Privacy Policy explains how we handle your information when you use our app.
Our Privacy Commitment
Stay Steady is designed with privacy as a core principle. Your financial data stays on your device by default. The only data that ever leaves your device does so for clearly described reasons — optional sign-in for ML categorization contributions, optional iCloud sync (iOS only), optional anonymous analytics, optional crash reporting, and an optional one-time model download for the on-device AI chat (Android only) — and only to processors that are bound by GDPR-compliant data processing agreements.
Stay Steady is free to use. There is no Pro tier, no subscription, and no in-app purchases.
Information We Do NOT Collect
- We do not store your transactions, budgets, or savings goals on our servers
- We do not sell, rent, or share your data with advertisers or data brokers
- We do not use advertising identifiers (IDFA / IDFV)
- We do not track your location
- We do not run third-party advertising or marketing SDKs
- We do not require a marketing profile, name, or phone number
- We do not connect to your bank
Information You Provide
Account (Optional)
You can use Stay Steady fully without an account. If you choose to create one (to contribute anonymous category corrections that improve the on-device ML model), we collect:
- An opaque user identifier issued by your platform’s sign-in provider (Sign in with Apple on iOS, Google Sign-In on Android)
- Your email when the provider passes it through (you may also use a relay address with Apple)
Authentication is handled by Supabase, our backend provider (see Third-Party Services below). We never see your sign-in password.
Data That Stays on Your Device
Financial Transactions
All imported transactions (from CSV, PDF, OFX, CODA, MT940, receipts, or manual entry) are stored locally on your device. On iOS this uses SwiftData with iOS Data Protection encryption; on Android this uses Room on top of Android’s file-based encryption. Your transactions are encrypted whenever your device is locked.
Savings Goals & Budgets
Your savings goals, budget limits, and financial preferences are stored locally on your device. This data never leaves your device unless you enable iCloud sync (iOS only).
Custom Categories & Learned Rules
Categories you create and category rules the app learns from your corrections are stored locally on your device.
App Settings
Your preferences (theme, notifications, alert thresholds, etc.) are stored locally. On iOS, if iCloud sync is enabled, settings sync via iCloud Key-Value Store.
iCloud Sync (Optional, iOS Only)
How It Works
On iOS, if you enable iCloud sync in Settings:
- Transactions, goals, budgets, and custom categories sync to your private iCloud account via Apple’s CloudKit private database
- Only you can access this data with your Apple ID
- Sync is disabled by default — you must explicitly enable it
The Android app does not sync across devices.
What Syncs (iOS Only)
- Financial transactions
- Savings goals
- Budget configurations
- Custom categories and rules
- App settings (via Key-Value Store)
Your Control
- Enable or disable sync anytime in Settings > Data & Sync
- Disabling sync keeps existing local data
- iCloud data can be deleted via Apple’s iCloud settings
Anonymous Feedback (Opt-In)
Category Corrections
When you correct a transaction’s category, you may choose to share anonymous feedback to improve our ML categorization model.
Data collected (only with your explicit consent):
- Merchant name (e.g., “Colruyt”, “Delhaize”)
- Original category (ML prediction)
- Your corrected category
- Anonymous device identifier (randomly generated hash)
- App version and ML model version
Data NOT collected:
- Transaction amounts
- Transaction dates
- Account numbers, IBANs, or balances
- Personal information (name, email, location)
How it works:
- Feedback requests are HMAC-SHA256 signed for security
- Sent via HTTPS to our training pipeline (hosted on Supabase, EU region)
- Aggregated across all consenting users
- Never sold to third parties
Your control:
- Opt-in only — we show a consent dialog first
- Revoke consent anytime in Settings > Privacy
- Previously sent data cannot be traced back to you
Anonymous Usage Analytics (Optional)
If enabled, Stay Steady sends anonymous, aggregated usage events to Aptabase, an open-source, privacy-focused analytics provider hosted in the European Union.
What we collect (only if you opt in)
- App launches, screen / feature opens (e.g. settings, savings goals)
- High-level events (transaction added, goal created)
- App version, OS version, device model, locale
What we never collect
- Transaction amounts, merchants, descriptions
- Account numbers or IBANs
- IP addresses (Aptabase explicitly does not log them)
- Advertising identifiers
- Persistent device IDs
- Any account or contact information
How it works
- Analytics is off by default
- A rotating session ID (a fresh UUID) is generated locally each time you use the app and resets after one hour of inactivity
- Events are sent over HTTPS to https://eu.aptabase.com — Aptabase’s data processing happens entirely within the EU
- You can turn analytics off (or back on) at any time in Settings → Privacy
Crash Reporting (Optional)
To improve stability, Stay Steady may send anonymized crash reports and performance traces to Sentry (EU region).
What is collected
- Stack traces and exception details when the app crashes or hits a recoverable error
- App version, OS version, device model
- Anonymized session replay (UI-only, with text fields and form inputs masked) — limited to error sessions
- Performance traces (e.g., screen load times) — sampled
What is NOT collected
- Transaction content, merchant names, amounts, IBANs, or balances
- Any text you typed into form fields (always masked in session replays)
- Any image content (always blocked in session replays)
Your control
- Crash reporting can be disabled in Settings → Privacy
- Sentry data is hosted in the EU and is bound by a Data Processing Agreement
On-Device AI Chat (Optional, Android Only)
The Android version of Stay Steady includes an optional in-app chat (“Ask Stay Steady”) powered by a Gemma 4 language model that runs entirely on your phone. To distribute the model file (~3.6 GB), Stay Steady authenticates against Hugging Face using an OAuth flow seeded by your Google Sign-In account. Once the model is downloaded, no further contact with Hugging Face occurs.
What Hugging Face receives
- The email address from your Google Sign-In account, forwarded by Hugging Face’s OAuth gate so they can verify you accepted their model license — used only for the duration of the download authorization
- A standard HTTPS download request when the model file is fetched
What Hugging Face never receives
- Your transactions, merchant names, amounts, account numbers, or any other financial data
- Any prompt or question you ask the AI chat
- Any answer the AI returns
- Anything about how you use Stay Steady after the model is downloaded
How it works
- The on-device AI chat is off by default and requires an explicit one-time setup in Settings → Ask Stay Steady
- During setup, you’re shown a disclaimer describing the download size and that the model stays on your device
- The model file is downloaded once over HTTPS and cached on your device — Hugging Face is not contacted afterwards
- Every chat request runs locally on your phone using the LiteRT-LM runtime. No prompt, no answer, and no transaction context ever leaves the device
- Hugging Face’s own handling of OAuth metadata is governed by their privacy policy
Your control
- You can skip the AI chat entirely and use every other feature of Stay Steady — import, categorization, journal, goals, budgets, insights — without ever signing in to Hugging Face
- The downloaded model can be removed at any time via Settings → Ask Stay Steady → Delete model
- No account is created on our servers — the Hugging Face authentication is purely client-side and we never see the email address that’s exchanged with Hugging Face
Permissions We Request
Camera Access (Optional)
Stay Steady can use the camera to scan receipts. On-device OCR extracts merchant, amount, and date from receipt photos. All processing happens on-device — no images are sent to servers.
Photo Library Access (Optional)
If you prefer, you can select receipt photos from your library instead of taking new photos.
Biometric / PIN App Lock (Optional)
Stay Steady offers optional biometric or PIN app lock. Your biometric data is never accessed by the app — authentication is handled securely by the operating system.
Notifications (Optional)
Stay Steady can send local notifications (budget alerts, weekly check-ins, payday nudges, savings goal milestones). Notifications are scheduled locally and never reveal personal financial details on the lock screen.
Network Access (Optional)
Network access is used for:
- Account sign-in (only when you choose to sign in)
- iCloud sync (iOS only, if enabled)
- Anonymous feedback submission (if consented)
- Anonymous usage analytics (if enabled)
- Crash reporting (if enabled)
- ML model updates (downloaded from our servers)
- AI chat model download (Android only, optional)
The app’s core functionality (manual entry, file import, on-device categorization, budgets, goals) works fully offline.
How Your Data Flows
[Bank statement / receipt / manual entry]
↓
[Local Storage] ←─ Optional (iOS only) ─→ [Your Private iCloud]
↓
[On-device ML categorization]
[Sign in with Apple / Google Sign-In] → [Supabase Auth (EU)]
[Optional: anonymous events] → [Aptabase EU]
[Optional: crash reports] → [Sentry EU]
[Optional: ML category feedback] → [Supabase EU]
[Optional (Android): AI chat] → [Hugging Face OAuth + one-time model download]
then runs entirely on-device
Data Security
On-Device Protection
- Database encrypted by the operating system (iOS Data Protection / Android file-based encryption)
- Data encrypted whenever your device is locked
- Optional biometric/PIN lock for app access
- PIN stored as SHA-256 hash in the platform keychain / keystore
iCloud Security (iOS only)
- Uses Apple’s private CloudKit database
- End-to-end encrypted in transit
- Only accessible with your Apple ID
Network Security
- All requests use HTTPS (TLS 1.2+)
- HMAC-SHA256 signed requests for ML feedback
- No personal identifiers transmitted with anonymous data
Data Retention and Deletion
Your Control
- Delete individual transactions anytime
- Delete all data in Settings
- Data is permanently deleted when you delete it
- Uninstalling the app removes all local data
iCloud Data (iOS only)
- Managed through Apple’s iCloud settings
- Disabling iCloud sync in the app does not delete iCloud data
- Delete iCloud data via Settings > Apple ID > iCloud > Manage Storage
Account Deletion
If you created an account, you can delete it directly from inside the app (Settings → Account → Delete account). Server-side data — auth record and any ML feedback contributions — is removed within minutes. For an alternative path or questions, see the dedicated Account Deletion page or email apps@dataconsultingservices.net. We action requests within 30 days as required under GDPR.
Children’s Privacy
Stay Steady does not knowingly collect any information from children under 13. The app does not require any personal information to function.
Third-Party Services
Stay Steady relies on a small set of carefully chosen processors. All are bound by Data Processing Agreements; none receive your raw transaction data unless explicitly listed here.
| Processor | Purpose | Region | Data shared | Privacy Policy |
|---|---|---|---|---|
| Apple iCloud (iOS only, optional) | Private CloudKit sync of your data | Apple regions | Your transactions, goals, budgets — only if you enable sync | apple.com/legal/privacy |
| Supabase | Authentication, ML model distribution, edge function for ML feedback submission | EU (Frankfurt) | Platform user identifier, optional email, ML correction events (if you opt in) | supabase.com/privacy |
| Hugging Face (Android only, optional) | Distribution of the open-source Gemma 4 chat model when you enable in-app AI chat | EU/US | OAuth-authenticated model download. Hugging Face receives the email address from your Google Sign-In during the download authorization only — see the “On-Device AI Chat” section above for the full flow. | huggingface.co/privacy |
| Sentry (if crash reporting is enabled) | Crash reports and performance traces | EU | Stack traces, app/OS metadata, masked session replays of error sessions | sentry.io/privacy |
| Aptabase (if analytics is enabled) | Anonymous usage analytics | EU | Anonymous events, app/OS metadata | aptabase.com/legal/privacy |
We do not use Google Analytics, Firebase Analytics, Meta SDK, advertising networks, payment processors, bank-sync providers, or any tracking SDK that builds a cross-app or cross-site profile of you.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
- Updating the “Last Updated” date at the top
- Posting the new policy on this page
For material changes (new processors, expanded data collection), we will also surface an in-app notice on next launch.
Your Rights
Under GDPR (EU/EEA residents) and similar laws, you have the right to:
- Access: All your in-app data is accessible within the app. For account or ML feedback data held server-side, email us.
- Deletion: Delete all in-app data directly within the app. For account/server deletion, use the in-app Delete account action.
- Portability: Export your data as CSV or PDF anytime from within the app.
- Rectification: Edit any transaction or goal in the app.
- Objection: Disable iCloud sync (iOS), analytics, crash reporting, and ML feedback at any time.
- Lodge a complaint: With your local data protection authority. In Belgium, this is the Gegevensbeschermingsautoriteit / Autorité de protection des données.
Contact Us
If you have questions about this Privacy Policy or Stay Steady:
Email: apps@dataconsultingservices.net
Website: https://dataconsultingservices.net/apps/staysteady/
Summary
| Question | Answer |
|---|---|
| Do you collect my personal data? | Only what you provide (optional sign-in, optional opt-ins). No tracking SDKs. |
| Where is my financial data stored? | On your device. Optionally in your private iCloud (iOS only). Never on our servers. |
| Is my data encrypted? | Yes — OS-level encryption on device, TLS 1.2+ in transit, EU-hosted processors. |
| Do you sell my data? | No. We do not have it to sell. |
| Can I delete my data? | Yes, anytime in the app. Account/server data: in-app Delete account. |
| Do you use analytics? | Only if you opt in (Aptabase, anonymous, EU). |
| Do you show ads? | No. |
| Do you connect to my bank? | No. |
| Do you sell a Pro subscription? | No — Stay Steady is free. |
Stay Steady. Stay in control. Your money, your data, your privacy.