ChamLensChamLens

Privacy Policy

Last updated: May 13, 2026

ChamLens ("we", "our", or "the app") is a mobile expense tracking application developed by RENERPDEV. This Privacy Policy explains how we collect, use, and protect your information when you use ChamLens.

Summary

ChamLens is a local-first app with optional cloud sync. When you use the app anonymously or with local-only mode enabled, your data stays on your device. When you sign in (and local-only mode is off), your expenses, line items, categories, exchange rates, and — optionally — receipt images are synchronized to our servers so you can access them across devices. Each user's data is isolated by Row Level Security: no one but you can read it. We do not sell your data and we do not use third-party analytics.

Information We Collect

Account Information

When you create an account, we collect:

  • Name — from your Apple or Google account, or as entered during sign-up
  • Email address — used for authentication
  • Avatar image URL — from your Apple or Google account (if provided)

This information is stored on our authentication provider (Supabase) and used to personalize your experience.

Profile Preferences

We store the following preferences on our server so they persist across device changes:

  • Display name
  • Preferred currency
  • Language preference

Device Information

When you enable push notifications, we collect:

  • Push notification token — a unique identifier for delivering notifications to your device
  • Device platform — iOS or Android

Merchant Data

When you scan a QR invoice, merchant information (business name, tax ID, category) may be shared with our server to help other users automatically recognize the same merchant. This data is not linked to your personal identity.

AI Credits and Usage

When you use cloud-based AI features (such as smart insights), we store:

  • Credit balance — your current and lifetime credit count
  • Renewal and expiration schedule — the dates of your next credit renewal and next credit expiration, if applicable
  • Transaction history — a ledger of credit grants, renewals, consumptions, and expirations, including timestamps and feature used
  • Expense summaries sent to AI — when you request smart insights, a summary of your expenses (category names, merchant names, amounts, currencies, and dates) is sent to a third-party AI provider for processing. This data is not stored by us beyond the request and is subject to the AI provider's data handling policies.

Cloud Sync

When you are signed in and local-only mode is off, the app syncs the following data to our servers (Supabase) so it remains available across your devices:

  • Expense records (amounts, merchants, dates, categories, notes)
  • Line items (per-expense item details)
  • Categories (default and custom)
  • Currencies and exchange rates configured in the app
  • Chat history with the AI assistant
  • Receipt images — only when the "Sync receipt images" toggle is enabled in Settings → Storage

Sync is implemented as a write-through queue: every change is saved to the local database first, then pushed to the server in the background. Soft-deleted records ("tombstones") are propagated so deletions made on one device are reflected on the others.

What never syncs

The following data never leaves your device:

  • Authentication tokens (stored in iOS Keychain / Android Keystore)
  • Push notification preferences and reminder schedules
  • Cached AI usage state (credit balance is read from the server but not cached beyond the current session)

Anonymous mode and local-only mode

You have two ways to keep all expense data on your device:

  1. Anonymous mode — use the app without signing in. Nothing besides anonymous merchant lookups leaves the device.
  2. Local-only mode — in Settings → Storage, toggle "Local-only mode" on. The app pauses every upload and download even while you're signed in.

When you sign in for the first time, the app offers to back up your existing local data to the cloud (a one-time backfill). You can decline.

AI features and summaries

When you use AI-powered features (smart scanning, insights, chat assistant), summaries of your expense data (category names, merchant names, amounts, dates) or OCR-extracted text are sent to a third-party AI provider for processing. This data is used only to complete the request and is not retained by us beyond standard prompt logging used for billing and abuse prevention. See AI Credits and Usage and Third-Party Services.

Data we cannot recover

We can read your synced data only when needed for support or troubleshooting, and only after your request. If you use the app fully offline (anonymous mode or local-only mode), we cannot access, read, or recover your locally stored data. If you uninstall the app or clear its data while in those modes, that information is permanently lost.

How We Use Your Information

We use the information we collect to:

  • Authenticate your account and maintain your session
  • Display your name and avatar in the app
  • Deliver push notifications (if enabled)
  • Synchronize your expenses, line items, categories, exchange rates, chat history and — optionally — receipt images across your devices
  • Share merchant reference data across users for automatic QR recognition
  • Persist your preferences across device changes

We do not use your information to:

  • Display advertisements
  • Build user profiles for marketing
  • Track your behavior or usage patterns
  • Sell or share your data with third parties for commercial purposes

Third-Party Services

ChamLens uses the following third-party services:

ServicePurposeData Shared
SupabaseAuthentication, profile, multi-device sync (expenses, line items, categories, exchange rates, chat history, optional receipt images), merchant syncName, email, avatar, push token, expense/category/receipt data, chat messages, merchant data
Apple Sign-InAccount authenticationName, email (as authorized by you)
Google Sign-InAccount authenticationName, email, avatar (as authorized by you)
Expo Push NotificationsDelivering push notificationsDevice push token
OpenAIAI-powered smart insightsExpense summaries (categories, merchants, amounts, dates)
AnthropicAI-powered smart insights (fallback)Expense summaries (categories, merchants, amounts, dates)
Google GeminiAI-powered smart insights (fallback)Expense summaries (categories, merchants, amounts, dates)

Each of these services has its own privacy policy. We encourage you to review them:

Analytics and Tracking

ChamLens does not use any analytics, crash reporting, or tracking services. We do not collect usage data, session information, or behavioral metrics.

Data Security

  • All communication with our servers uses HTTPS/TLS encryption
  • Authentication tokens are stored in your device's secure storage (iOS Keychain / Android Keystore)
  • Server-side data is protected by Row Level Security — every table enforces that each user can only read and write their own rows
  • Receipt images, when sync is enabled, are stored in a per-user folder in Supabase Storage with restrictive access policies
  • Local data is stored in an SQLite database on your device

Your Rights and Choices

You can:

  • Export your data — export all expenses as a CSV file from Settings → Storage → Export CSV
  • Pause sync — enable Local-only mode from Settings → Storage to stop all uploads and downloads
  • Disable receipt image sync — toggle "Sync receipt images" off from Settings → Storage
  • Delete your local data — permanently delete all expenses, receipts, and line items from Settings → Storage → Clear All Data. While signed in with sync enabled, deletions propagate to the cloud as tombstones.
  • Disable notifications — turn off daily reminders from Settings → Reminders
  • Sign out — clear the signed-in session and return to anonymous mode. Local data is kept by default.
  • Delete your account — request account deletion from Settings → Profile → Delete Account, or contact hello@renerp.dev. Account deletion runs on a 24-hour grace period: during that window you can sign in again to cancel the deletion. After the grace period, all server-side data tied to your account is permanently erased by an automated cleanup job.

Data Retention

  • Account data (name, email, avatar) is retained as long as your account exists
  • Synced data (expenses, categories, line items, exchange rates, chat history, receipt images when enabled) is retained while your account is active. Soft-deleted rows ("tombstones") are kept for a short period to propagate deletions across devices, then purged by a scheduled job.
  • Push tokens are updated on each app launch and removed when you sign out
  • Local data is retained on your device until you delete it or uninstall the app
  • Merchant data is retained indefinitely to benefit all users
  • Deleted accounts enter a 24-hour grace period during which the account can be restored by signing in again. After 24 hours, the account and its data are permanently deleted.

Children's Privacy

ChamLens is not intended for use by children under the age of 13. We do not knowingly collect information from children under 13. If you believe a child has provided us with personal information, please contact us.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date at the top of this page. Your continued use of the app after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or your data, contact us at:

Email: hello@renerp.dev