Privacy Policy

Sumptus is an expense tracking app operated by Sumptus (sumptus.app). Contact: support@sumptus.app.

Almost nothing. We store an opaque OAuth subject identifier (a random string from Apple or Google). No name, email, phone, address, or device fingerprint. DB-level triggers null out any email or metadata the OAuth provider leaks before the row commits.

Name · Email · Phone number · Ad identifiers (IDFA/GAID) · Contacts · Third-party analytics SDKs · Device fingerprints.

Apple (Sign In) · Google (Sign In) · Supabase (Auth + Postgres DB) · Sentry (crash & error reporting, EU region — Frankfurt; stack traces + opaque user ID only, no PII).

Your expenses, settings, and profile are stored in our Postgres database scoped to your opaque user ID. Row-level security prevents any cross-account access. Only you can read your own data.

You may request export or deletion of your data at any time via Settings → Account. Export is a Premium feature that generates a downloadable report. Deletion cascades all database rows and signs you out. Deletion is soft (account deactivated) — contact us to request a hard delete.

Sumptus is not directed at children under 13. We do not knowingly collect data from children.

We will update this policy as needed. The effective date is shown at the top. Continued use after changes constitutes acceptance.

support@sumptus.app