← Back

Wallit — Privacy Policy

Last updated: April 23, 2026

This Privacy Policy explains how the mobile application Wallit ("the App") handles your information. The App is developed by Patrik (independent developer based in Italy).

1. Who we are

2. Core principle: nothing leaves your phone

The App does not collect, transmit, or store any personal data on our servers.

All your expense data — amounts, currencies, dates, merchants, notes, categories, tags, trips — is stored exclusively on your device using a local database (Isar) and Android SharedPreferences.

Receipt photos you take or import are stored as files on your device's private storage and never uploaded.

OCR (text extraction from receipts) runs entirely on-device using Google ML Kit. The image content is processed locally and never sent to any server.

3. What goes over the network

Two things require an internet connection:

3.1 Currency exchange rates

When you record an expense in a currency different from your main currency, the App fetches the historical exchange rate for that day from frankfurter.dev (a free public service backed by European Central Bank data). Only the date and currency codes (e.g. GBP→EUR) are sent. No personal information, no expense amount, no device identifier.

3.2 Advertising

The App displays ads through Google AdMob. AdMob may collect:

3.3 GDPR / ePrivacy consent

For users in the EU, EEA, UK, and Switzerland, a consent dialog appears on first launch (Google User Messaging Platform). You can accept personalized ads or choose non-personalized ads. You can change your choice anytime in Settings → Privacy options.

3.4 Rewarded "Remove ads for today"

Tapping "Remove ads for today" plays a short rewarded video. On completion, ads are hidden until local midnight. This preference is stored locally only.

4. Permissions requested

PermissionWhy
INTERNETFetch FX rates and load ads
ACCESS_NETWORK_STATEDetect connectivity for ads/FX retry
CAMERATake photos of receipts (only when you tap the camera button)
READ_EXTERNAL_STORAGE (Android 12 and earlier only)Pick existing receipt photos. On Android 13+ we use the system Photo Picker instead — no permission needed.

The App never accesses your location, contacts, calendar, microphone, or other personal data.

5. Sharing your data (export & share)

When you export an expense report (PDF, Excel, ZIP) and tap Share or Send via email, the file is generated locally on your device and handed to the destination app you choose (Gmail, Drive, etc.). The Wallit developer does not receive a copy.

6. Children

The App is not directed at children under 13. AdMob is configured to comply with COPPA where applicable.

7. Data security

Because we don't collect personal data on our servers, there is no breach risk on our side. The data on your device is protected by Android's built-in security (app sandboxing, file encryption when device-encryption is enabled).

8. Your rights (GDPR)

Since we don't process personal data on our servers, GDPR data subject rights (access, rectification, erasure, portability) do not apply to us. You can:

9. Third-party policies

10. Changes to this policy

This policy may be updated over time. Material changes will be communicated through an in-app notice or app store update notes.

11. Contact

Privacy questions: patrik.appdeveloper@gmail.com