Download
Download App

Privacy Policy

Last updated: April 26, 2026

Quick summary: We use your information to provide Notyfi, sync your journal entries across devices, and keep your account secure. We do not sell your personal data or use your financial entries for advertising.

1. Who we are

Notyfi is an iOS personal finance journaling app developed and operated by Dotsokay, based in Norway. If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at [email protected].

2. Information we collect

2.1 Account information

When you create an account, we collect:

  • Email address and basic profile information
  • Sign-in method (Apple Sign-In, Google Sign-In, or email one-time code)
  • Third-party identifiers provided by Apple or Google when you use their authentication services

2.2 Journal entries and financial data

We collect and store:

  • The text journal entries you write in Notyfi
  • AI-parsed data extracted from your entries, including amounts, categories, merchants, and dates
  • Manual edits you make to parsed entries
  • Recurring transaction rules you create
  • Imported data from photos you attach

2.3 App settings and preferences

  • Budget plan, spending caps, savings targets, and category guides
  • Currency preference and tracked categories
  • Reminder settings and dictation language preference
  • Other in-app preferences linked to your account

2.4 Device and usage data

  • Device model, operating system version, and unique device identifiers
  • App version and language preference
  • Crash reports, performance metrics, and error logs
  • Approximate location inferred from IP address (not precise GPS coordinates)

2.5 Push notification token

If you enable daily reminders, we store a device push token to deliver notifications to your device. This token is not used for any other purpose.

2.6 Subscription and billing information

  • Subscription status: plan type, trial status, and renewal dates received from the Apple App Store
  • Transaction identifiers: purchase receipts and transaction IDs
  • We do not directly collect or store credit card details. All payment processing is handled by Apple.

3. How we use your information

3.1 Provide and operate the service

  • Parse and categorise your journal entries using AI
  • Sync your entries and settings securely across devices and reinstalls
  • Display insights, budget progress, and spending summaries
  • Manage recurring transaction rules and materialise due entries
  • Manage subscriptions and verify entitlements

3.2 Notifications and communications

  • Send daily reminder notifications (only if you enable them)
  • Respond to support requests and inquiries
  • Send service updates, security alerts, and administrative messages

3.3 Improve the service

  • Analyse crash reports and performance data to fix bugs and improve stability
  • Understand how features are used to guide product decisions

3.4 Safety and security

  • Detect, prevent, and address fraud, abuse, and security incidents
  • Monitor and enforce our Terms of Service
  • Comply with legal obligations and protect legal rights

We do not sell your personal data. We do not use your financial entries for advertising or share them with advertisers.

4. AI processing

Notyfi uses artificial intelligence to parse the text you write in the journal and extract financial information such as amounts, categories, and merchants. This processing happens automatically and returns structured expense entries.

What this means: AI algorithms, not human reviewers, analyse your journal text. The parsing is purely functional — extracting financial data to populate your expense log. We do not use your journal entries to build advertising profiles or share them with third parties.

Voice dictation: If you use the microphone feature, audio is transcribed using Apple's speech recognition framework on-device or via Apple's servers, subject to Apple's privacy policy. We receive the resulting text transcript, not the raw audio.

Photo import: If you import a photo, the image is sent to our AI parsing service to extract transaction data. Images are processed for this purpose only and are not retained after parsing is complete.

5. How we share your information

We do not sell your personal information. We share information only in the following circumstances:

5.1 Service providers

We work with third-party companies that help us operate Notyfi:

  • Supabase — database hosting, authentication, and storage infrastructure. Supabase Privacy Policy.
  • RevenueCat — subscription management and billing integration. RevenueCat Privacy Policy.
  • Firebase Cloud Messaging — used to deliver push notification reminders to your device. Firebase Privacy Policy.
  • Apple and Google — App Store distribution, in-app purchases, and authentication services.
  • Anthropic — AI model provider used to parse journal entries. Data is processed in accordance with Anthropic's data processing terms.

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.2 Legal requirements

We may disclose information if required by law or in good-faith belief that such action is necessary to comply with legal obligations, protect our rights or property, prevent fraud or security incidents, or protect the safety of users or the public.

5.3 Business transfers

If Notyfi is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.

6. International data transfers

Notyfi is based in Norway but uses service providers located in the United States and other countries. When we transfer your information internationally, we implement appropriate safeguards including standard contractual clauses approved by the European Commission and service providers with certified privacy frameworks.

By using Notyfi, you consent to the transfer of your information to countries outside your residence, which may have different data protection laws.

7. Data retention

We retain your information for as long as necessary to provide the service. Specific retention periods include:

  • Account and entry data: Retained while your account is active and for up to 90 days after deletion
  • Transaction records: Retained for 7 years for accounting and tax compliance
  • Support communications: Retained for 3 years
  • Anonymised analytics: May be retained indefinitely in anonymised form

If you delete your account from within the app (Settings → Delete Account), your personal data is permanently removed from our servers after the retention period expires. This action cannot be undone.

8. Your privacy rights and choices

8.1 General rights (all users)

  • Access: Request a copy of the personal information we hold about you
  • Correction: Update or correct inaccurate information from within the app or by contacting support
  • Deletion: Delete your account and all associated data from Settings → Delete Account
  • Opt-out of notifications: Disable daily reminders at any time from Settings
  • Data portability: Request your data in a structured, machine-readable format

8.2 European Economic Area, UK, and Swiss users (GDPR)

If you are located in the EEA, UK, or Switzerland, you have additional rights under the GDPR including the right to object to processing, restrict processing, withdraw consent, and lodge a complaint with your local data protection authority.

Legal basis for processing: We process your data based on (1) performance of our contract with you, (2) your consent, (3) compliance with legal obligations, and (4) legitimate interests in operating and improving our service.

8.3 California residents (CCPA/CPRA)

California residents have the right to know what personal information we collect and how it is used, request deletion, request correction of inaccurate data, and opt-out of the sale of personal information. Note: we do not sell personal information. To exercise these rights, contact us at [email protected]. We will respond within 45 days.

8.4 How to exercise your rights

  • In-app: Open Settings, then tap Delete Account to remove your account and data
  • Email: Contact [email protected] with your request

We may ask you to verify your identity before fulfilling your request.

9. Security

We implement commercially reasonable safeguards to protect your information, including encryption of data in transit (HTTPS/TLS), encrypted storage via Supabase's infrastructure with row-level security, access controls, and secure development practices. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

10. Data breach notification

In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law. Notification will be provided via email or through a prominent notice in the app within 72 hours of becoming aware of the breach.

11. Children's privacy

Notyfi is not intended for children under 13 years of age (or under 16 in the EEA). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us at [email protected] and we will delete it promptly.

12. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and notify you via email or a prominent notice in the app at least 30 days before changes take effect. Your continued use of Notyfi after changes become effective constitutes acceptance of the updated policy.

13. Contact

If you have questions, concerns, or requests regarding this Privacy Policy, please contact us at [email protected]. We will respond within 30 days.