H HomeSum

Privacy Policy

Last updated: 15 June 2026

HomeSum (“we”, “us”) is a personal budgeting app. This policy explains what we collect, how we use it, and the choices you have. Our guiding principle is simple: your financial data stays on your device by default, and we process it first on your device wherever we can. When the on-device step can’t read something accurately, parts of it may be sent to a trusted AI provider to improve accuracy, as described below — and we tell you which features do this.

1. Data stored on your device

Your accounts, transactions, budgets, goals, categories and rules are stored locally on your phone in an encrypted-at-rest database. This data is not sent to us unless you explicitly enable optional cloud sync (see §5).

2. Notification access (auto-capture)

If you turn on auto-capture, HomeSum reads incoming transaction notifications on your device to draft transactions for you. We restrict this strictly to recognised bank, wallet and payment apps — notifications from messaging, social, email, and other apps are ignored at the source and are never read, stored, or uploaded. We try to read each notification on your device first. When the on-device parser can’t confidently understand a message (for example, an ambiguous transfer, or an Arabic message with no card number), the app may send that single message’s text, the currency, and the names and last-4 digits of your own accounts to our server and on to our AI provider, OpenAI, to classify it — so we can still draft the transaction accurately. We do not send your full notification history, account balances, or unrelated app data. This happens only for messages the device couldn’t read on its own; if the AI step fails or is unavailable, we simply keep the best on-device result. See §6a for how OpenAI handles this data. You can disable auto-capture at any time in your device settings or in the app, and the feature is entirely optional — you can add transactions manually, by voice, or by scanning a receipt instead.

2b. SMS auto-tracking (Android, optional)

On Android you may optionally enable SMS auto-tracking so HomeSum can read incoming bank/payment SMS to draft transactions for you. This uses the RECEIVE_SMS and READ_SMS permissions and is off by default — we ask for your explicit permission first, behind a clear in-app explanation. When on, messages are filtered and parsed on your device first: only texts that contain a payment amount and a money-related keyword are considered, and we extract just the amount, merchant/counterparty and reference. Bank SMS go through the same on-device-first pipeline as notifications (§2): when the on-device parser can’t confidently read a qualifying bank message, the app may send that single message’s text, the currency, and the names and last-4 digits of your own accounts to our server and on to our AI provider, OpenAI, to classify it accurately. Messages that don’t match the money filter are never sent anywhere, and we never upload your full SMS history, contacts, or unrelated messages. If the AI step fails or is unavailable, we keep the best on-device result. See §6a for how OpenAI handles this data. You can turn SMS auto-tracking off at any time, skip individual cards, edit the keyword list, or revoke the permission in your device settings. It is entirely optional — you can add transactions manually, by voice, or by scanning a receipt instead.

3. Receipt scanning

When you scan a receipt, HomeSum reads it using AI to get the most accurate result. To do this the photo is sent to our server and on to our AI provider, OpenAI, whose vision model returns the merchant, date, items and total. During the current launch period this AI scan is available to everyone (subject to a monthly limit), so it is the default way receipts are read. If you are over the limit, offline, or the AI scan is unavailable, the app falls back to on-device text recognition, in which case the image is not uploaded. In either case the photo itself stays on your phone unless you choose to share it, and we don’t keep a copy of it on our servers beyond what is needed to process that one scan. See §6a for how OpenAI handles this data.

4. Voice input

If you use voice entry, your microphone is used only while you are actively recording, to turn what you say into a draft expense. For the most accurate result — especially in Arabic — the recorded clip is sent to our server and on to our AI provider, OpenAI, for transcription, and only the resulting text is used to draft the expense. The app may also use your device’s own on-device speech recognition; where it does, the audio is not uploaded. We don’t retain the audio after the entry is transcribed beyond what is needed to process that one request. Voice entry is optional, asks for your consent before the microphone is first used, and the in-app consent screen explains this AI transcription. See §6a for how OpenAI handles this data.

5. Optional cloud sync

If you create an account (email and password) and enable sync, your transaction data is sent to our servers (operated under the home-sum.com domain) over an encrypted connection (HTTPS) so you can access it across your devices. You can disable sync and permanently delete your account and all synced data at any time (see §10).

6. Optional AI assistant

If you use the in-app assistant to ask questions about your money, the specific question and the minimum context needed to answer it are sent to our servers and on to our AI provider, OpenAI, to generate a response. Do not enter information in the assistant that you do not wish to share for this purpose. See §6a for how OpenAI handles this data.

6a. Our AI provider (OpenAI)

Several optional features use OpenAI as a sub-processor to improve accuracy: the AI assistant (§6), the AI fallback for hard-to-read bank notifications and SMS (§2, §2b), receipt scanning (§3) and voice transcription (§4). For each, only the specific content needed for that request is sent — the message text and your account names/last-4 for capture, the receipt image for scanning, the audio clip for transcription, or your question and a short summary of your data for the assistant. This data is sent over an encrypted connection and is processed transiently to return a result for that single request. Under our API configuration with OpenAI, your content is not used to train its models. Every one of these features is optional and falls back to an on-device or rules-based result when the AI step is unavailable, so you can use HomeSum without them.

7. Merchant logos

To show recognisable logos next to bills and subscriptions, the app may request a brand’s public logo from third-party logo services (Clearbit Logo and Google’s public favicon service) using only the merchant or brand name. No personal or financial data is sent in these requests.

8. Payments

HomeSum Pro subscriptions, if and when offered, are processed by Google Play. We never receive or store your card or payment details — Google handles billing. We receive only the subscription status needed to unlock Pro features. To manage subscriptions and entitlements we use RevenueCat as a sub-processor; it is keyed only by an opaque internal account id (not your name or email) and receives the purchase/entitlement information needed to keep your Pro status in sync across your devices.

9. What we do not do

10. Your choices & account deletion

You can delete any record in the app, export your data as CSV, and uninstall to remove all on-device data. If you created an account, you can permanently delete it and all of your server-side data directly in the app: Settings → Delete account. You can also request deletion from our web page at home-sum.com/delete-account. Deletion is immediate and irreversible.

11. Children

HomeSum is not directed to children under 16, and we do not knowingly collect data from them.

12. Changes

We may update this policy; material changes will be reflected here with a new “last updated” date.

13. Contact

Questions or data requests: [email protected].

← Back to HomeSum