Last updated: April 2, 2026

Introduction

Ruply ("we," "our," or "the app") is a personal expense tracking application designed with privacy at its core. This Privacy Policy explains what data Ruply collects, how it is used, and how it is protected. By using Ruply, you agree to this policy.

Data We Collect

2.1 Data You Provide

- Name and profile image — used for display within the app

- Monthly budget, income, and category budgets — used for budgeting features

- Expenses — amount, date, category, payment method, notes, merchant name

- Recurring expenses — details of expenses that repeat on a schedule

- EMIs — loan/EMI tracking details

- Split expenses — friend names, emojis, UPI IDs, group names, split amounts, settlements

- UPI ID — your own UPI ID (if provided) for generating payment QR codes and payment request links

2.2 Data Collected Automatically

- App usage data — streaks, onboarding completion status, and quick action preferences (stored locally)

2.3 Data We Do NOT Collect

- Location data

- Contacts or address book access

- Browsing history

- Device identifiers or advertising IDs

- Analytics or crash reporting data sent to third parties

- We do not use any third-party analytics SDKs

How Your Data Is Stored

3.1 On-Device Storage

All your expense data, budgets, settings, and split information are stored **locally on your device** using Apple's SwiftData framework. The app does not operate its own servers or databases.

3.2 iCloud Sync

If you are signed in to iCloud, your data is synced across your Apple devices using **Apple CloudKit**. This sync is managed entirely by Apple and is subject to [Apple's Privacy Policy](https://www.apple.com/legal/privacy/). We do not have access to your iCloud data.

3.3 No Server-Side Storage

Ruply does not maintain any server-side database of user data. There is no user account system beyond Sign in with Apple (used solely for identity verification during onboarding).

AI-Powered Features

Ruply offers optional AI-powered features that require explicit user consent before activation:

4.1 Features Using AI

- Smart Quick Add — natural language expense entry

- Receipt Scanning — extracting expense data from photos of receipts

- Bank Statement Import — parsing uploaded bank statement PDFs

- Money Story — generating monthly spending narrative summaries

- AI Chat — conversational insights about your spending

4.2 How AI Processing Works

- AI features use the Anthropic Claude API, accessed through a secure Cloudflare Worker proxy

- When you use an AI feature, the minimum necessary data (e.g., the text of your expense description, a receipt image, or bank statement text) is sent to the AI service for processing

- Data is transmitted over HTTPS (encrypted in transit)

- Data is processed in real-time and is not stored by Anthropic after the API response is returned. Anthropic does not use API inputs/outputs for model training when accessed via their API.

- The Cloudflare Worker proxy forwards requests — it does not log or store your data

4.3 Consent Requirement

- AI features are disabled by default

- You must explicitly consent to AI data processing before any data is sent to the AI service

- You can revoke consent at any time in Settings > Privacy > AI Data Processing

- If you do not consent, AI-powered features will either fall back to on-device processing (e.g., receipt scanning uses Apple's Vision framework) or be unavailable

4.4 Receipt Scanning Without AI

If you have not consented to AI processing, receipt scanning uses Apple's on-device Vision framework for text recognition. No data leaves your device in this mode.

Sign in with Apple

Ruply uses Sign in with Apple for user authentication during onboarding. This provides:

- A unique, anonymous user identifier

- Your name (if you choose to share it)

- Your email (if you choose to share it — you may use Apple's email relay)

We use this solely to identify returning users and personalize your experience. We do not send marketing emails or share your identity with third parties.

UPI Payments

6.1 UPI ID Storage

If you or your friends provide UPI IDs for split payment features, these are stored locally on your device and in your iCloud (via CloudKit sync). They are never sent to any external server.

6.2 UPI Payment Processing

When you initiate a UPI payment, Ruply constructs a standard `upi://pay` deep link and hands it off to the UPI app installed on your device (e.g., your bank's app). Ruply does not process, intercept, or have access to the actual payment transaction. All payment processing occurs entirely within the third-party UPI app.

Camera & Photo Library Access

Ruply requests camera access for:

- Receipt scanning — capturing photos of receipts

- QR code scanning — scanning UPI QR codes for payments

Camera access is requested only when you use these features. Photos captured for receipt scanning are processed locally (or via AI with your consent) and are not stored by the app beyond the immediate processing session.

Notifications

Ruply may request permission to send local notifications for:

- Daily expense logging reminders (configurable in Settings)

- Budget alerts and savings milestones

- Morning briefings

All notifications are generated and scheduled locally on your device. We do not use push notification servers.

Data Sharing

We do not sell, rent, or share your personal data with any third parties, except:

- Apple (iCloud sync) — if you have iCloud enabled, as described in Section 3.2

- Anthropic (AI features) — only with your explicit consent, as described in Section 4

Data Retention & Deletion

- All data is stored on your device and in your iCloud account

- You can delete individual expenses, friends, groups, or settlements at any time within the app

- You can delete all app data by deleting the app from your device

- To remove iCloud data, you can manage storage in your device's **Settings > Apple Account > iCloud > Manage Storage**

- Revoking AI consent stops all future data transmission to AI services; previously processed data was not retained by the AI service

Children's Privacy

Ruply is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

Security

- All data in transit uses HTTPS/TLS encryption

- On-device data is protected by Apple's device encryption and your device passcode/biometrics

- iCloud data is encrypted by Apple both in transit and at rest

- The app supports App Lock (biometric authentication) as an additional layer of protection

- The Anthropic API key is stored server-side (on the Cloudflare Worker) and never embedded in the app binary

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected by updating the "Last updated" date at the top of this page. Continued use of the app after changes constitutes acceptance of the updated policy.

Your Rights

You have the right to:

- Access all your data (it's on your device)

- Delete any or all of your data at any time

- Opt out of AI processing at any time

- Request information about how your data is handled

Contact

For questions, contact: mebhargava02@gmail.com