Legal

Privacy Policy

Effective Date: May 1, 2026 · Last Updated: May 1, 2026

Welcome to rilio. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the rilio mobile application and any related services (collectively, the “Service”). Please read this policy carefully. If you disagree with its terms, please discontinue use of the Service.

1. Introduction

For any privacy-related questions, requests, or concerns, contact us at .

2. Information We Collect

2.1 Information You Provide Directly

Account Information

Full name (optional)
Email address
Profile picture (optional)
Authentication credentials (managed securely via Convex Auth; passwords are never stored in plaintext)

Financial Data

Transaction records: amount, merchant/payee name, transaction type (debit/credit), date, category, notes
Payment method details: payment method name, type (credit card, debit card, bank account, cash, or digital wallet), last 4 digits of card or account number, bank name
Monthly budget limits per spending category

Preferences & Onboarding

Financial goals and pain points you share during onboarding
Currency preference (chosen from 45+ supported currencies)
Feature preferences: AI features toggle, clipboard detection toggle, notification preferences, privacy level (strict/balanced), auto-categorisation settings

Voice Input

Audio recordings when you use the voice transaction logging feature. Audio is transmitted to our transcription service for processing and is not stored after transcription is complete.

2.2 Information Collected Automatically

Usage & Analytics Data

App interactions (screens viewed, buttons tapped, features used)
Onboarding and authentication events
Transaction logging events (add, edit, delete)
Subscription and paywall interaction events
Error and crash reports
Session timing data

Device & Technical Information

Platform (iOS or Android)
Operating system version
App version and native build number
Device locale and timezone
Anonymous device/installation identifier

Transaction Source Data

When you paste, share, or input SMS/bank messages for AI parsing, the raw text is processed locally to redact sensitive identifiers (full account numbers, phone numbers, email addresses, UPI IDs, reference numbers, balance figures) before any text is transmitted to AI services. The original raw text is deleted immediately after parsing and is never stored.

2.3 Subscription & Billing Data

Subscription purchases and billing are handled entirely by Apple (App Store) or Google (Google Play). We do not receive or store your full payment card details. We receive subscription status events (active, cancelled, expired, trial, billing issue) and related metadata via our subscription management provider, RevenueCat.

3. How We Use Your Information

We use the information we collect to:

Purpose	Data Used
Provide and operate the Service	Account info, financial data, preferences
AI-powered transaction parsing	Redacted transaction text (PII removed)
AI categorisation and insights	Aggregated, anonymised transaction data
Voice-to-text transcription	Audio recordings (deleted after use)
Subscription management	Subscription status, user ID
User authentication and security	Email, auth tokens
Analytics and product improvement	Usage events, device info
Send transactional communications	Email (OTP codes, account notices)
Customer support	Account info, transaction data (on request)
Fraud prevention and rate limiting	User ID, usage timestamps
Legal compliance	Any data required by applicable law

We do not use your financial data for advertising or sell it to third parties.

4. Third-Party Services and Data Sharing

We share limited data with the following third-party providers solely to operate the Service. Each provider is bound by their own privacy policy and data protection agreements.

Provider	Purpose	Data Shared
Convex (convex.dev)	Backend database and authentication	All user and transaction data (stored in Convex cloud)
RevenueCat (revenuecat.com)	Subscription management	User ID, subscription events
PostHog (posthog.com)	Product analytics	Usage events, device info, anonymised user ID
OpenRouter / Google Gemini	AI transaction parsing, categorisation, insights	Redacted transaction text (PII removed)
OpenAI Whisper	Voice-to-text transcription	Audio recordings (not stored)
Resend (resend.com)	Transactional email (OTP delivery)	Email address
Google OAuth	Social sign-in	Google account name, email
Apple App Store / Google Play	Payment processing and subscription billing	Handled directly between you and Apple/Google

We do not sell, rent, or trade your personal information to any third party for marketing purposes. We may disclose your information if required by law, court order, or to protect the rights, property, or safety of rilio, our users, or others.

5. Data Security

We implement industry-standard security measures to protect your information:

Encryption in transit: All data transmitted between your device and our servers is encrypted using TLS/HTTPS.
Server-side security: Our backend (Convex) enforces authentication on all data access.
PII redaction: Sensitive identifiers are stripped from transaction text before transmission to AI services.
No raw credentials stored: Passwords are never stored in plaintext; authentication uses secure token-based systems.
Webhook authentication: External service callbacks are verified using constant-time HMAC comparison to prevent replay attacks.
Rate limiting: AI features are rate-limited per user to prevent abuse.
Minimal data retention: Raw SMS/pasted text is deleted immediately after parsing; audio is deleted after transcription.

Despite these measures, no security system is impenetrable. We encourage you to use a strong, unique password and to contact us immediately at if you suspect unauthorised access to your account.

6. Data Retention

We retain your personal data for as long as your account is active or as necessary to provide the Service.

Account data: Retained until you delete your account.
Transaction data: Retained until you delete individual transactions or delete your account.
Analytics events: Retained per PostHog's standard retention policy (up to 2 years).
AI parse logs and rate-limiting records: Retained for up to 90 days.
Subscription event logs: Retained for up to 2 years for billing dispute resolution.
Voice recordings: Deleted immediately after transcription. Not stored.
Raw transaction text (SMS/clipboard): Deleted immediately after parsing. Not stored.

When you delete your account, we will delete or anonymise your personal data within 30 days, except where we are required by law to retain it longer.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal data:

7.1 Access and Portability

You may request a copy of the personal data we hold about you.

7.2 Correction

You may update or correct your account information directly within the app settings or by contacting us.

7.3 Deletion (Right to be Forgotten)

You may delete your account at any time from within the app (Settings → Account → Delete Account). This will permanently delete your profile, transactions, payment methods, and all associated data.

7.4 Objection and Restriction

You may object to or request restriction of processing your data for certain purposes (e.g., analytics). To opt out of analytics tracking, contact us at .

7.5 Withdraw Consent

Where we rely on your consent to process data, you may withdraw it at any time without affecting the lawfulness of prior processing.

7.6 Data Portability

You may request an export of your transaction and account data in a portable format.

7.7 Do Not Sell or Share (California Residents, CCPA)

We do not sell your personal information. California residents may submit a request to limit the use or disclosure of sensitive personal information by contacting us at .

To exercise any of these rights, contact us at . We will respond within 30 days (or within the timeframe required by applicable law).

8. EU/EEA Users (GDPR)

If you are located in the European Union or European Economic Area, the following additional terms apply.

Legal Bases for Processing:

Processing Activity	Legal Basis
Account creation and authentication	Contract performance
Transaction storage and features	Contract performance
AI features (parsing, categorisation)	Contract performance / Legitimate interest
Analytics (PostHog)	Legitimate interest
Subscription management	Contract performance
Legal compliance	Legal obligation

Data Controller: rilio. Contact us at .

Data Transfers: Your data may be transferred to and processed in countries outside the EEA (including the United States). Where this occurs, we rely on Standard Contractual Clauses or other appropriate transfer mechanisms as required by GDPR.

Data Protection Officer: For GDPR-related inquiries, contact us at .

Supervisory Authority: You have the right to lodge a complaint with your local data protection supervisory authority.

9. California Residents (CCPA/CPRA)

If you are a California resident, in addition to the rights listed in Section 7, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of collection, the purposes for collection, and the categories of third parties with whom we share it.
Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
Right to Correct: You may request correction of inaccurate personal information.
Right to Limit Use of Sensitive Information: You may limit our use of sensitive personal information (which includes financial data) to that which is necessary to provide the Service.
Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
No Sale or Sharing: We do not sell or share personal information for cross-context behavioural advertising.

To submit a CCPA request, contact us at . We will verify your identity before processing requests.

10. Children's Privacy

The Service is not directed to children under the age of 13 (or under 16 for users in the EU/EEA). We do not knowingly collect personal information from children. If you believe a child under 13 has provided us with personal information, please contact us immediately at and we will delete such information.

11. Permissions We Request

Permission	Platform	Purpose
Microphone	iOS & Android	Voice transaction input
Speech Recognition	iOS	On-device voice-to-text for transaction logging
Foreground Service	Android	Maintains audio recording session in the foreground

We do not request access to your contacts, location, camera, or photo library.

12. Cookies and Tracking Technologies

The rilio mobile app does not use browser cookies. We use software development kits (SDKs) from PostHog and RevenueCat that may collect anonymous analytics data and installation identifiers to operate their services. These SDKs do not track you across unrelated apps or websites for advertising purposes.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the “Last Updated” date at the top of this policy and, where required by law, by sending you an in-app notification or email. Your continued use of the Service after such changes constitutes your acceptance of the updated policy.

14. Contact Us

For privacy-related questions, requests, or concerns, contact us at .

← Back to rilio