Privacy Policy
Mizan stores your financial data on your device. The app itself collects nothing about you. There are no accounts, no analytics, no ads, no third-party trackers, no cookies, no telemetry.
Data we collect
None. The app does not collect, transmit, sell, or share any personal data on its own.
Data stored on your device
- Expense entries (amount, category, optional note, date, optional account, optional receipt photo).
- App preferences (currency, theme, monthly budget, biometric-lock, auto-lock timeout).
- Optional configured AI provider records: display name, base URL, model, and an API key — used only when you actively invoke the AI features.
This data lives in the app's private sandbox. It is excluded from Android cloud backup and device-to-device transfer (see data_extraction_rules.xml). You can delete all expense data from Settings → Delete all expenses, remove configured AI providers from Settings → AI providers, or uninstall the app.
Network access — important
The app uses network access only when you actively use an AI feature (chat, voice quick-entry, or budget suggestions) and have configured an AI provider in Settings → AI providers. In that case:
- The app makes an HTTPS request to the provider you chose (e.g. OpenAI, Anthropic, OpenRouter, Groq, Google AI Studio, DeepSeek, a self-hosted endpoint, or any custom OpenAI-compatible URL you enter).
- The request body includes:
  - The currency you have configured (e.g. USD, AED).
  - The total number of expenses on file.
  - The last 30 days total and the last 90 days total.
  - The top 8 categories from the last 30 days, with a per-category total. (If you have fewer than 8 categories used in that window, all of them are sent.)
  - The 15 most recent entries — each one's date, amount, category, and the user-typed note (if any).
  - The text of your question, prompt, or utterance for the operation you triggered.
- Receipt photos are never sent. Account labels are never sent. The configured API key is sent in the HTTP header to authenticate to your chosen provider — it does not pass through any Mizan infrastructure.
- The provider's privacy policy and terms govern what happens to that data on their side. Read theirs before configuring.
If you do not configure an AI provider, the app makes no network requests at all. You can verify this with any network monitor or by running the app with airplane mode on; the chat, voice quick-entry, and suggestion features will simply stay disabled.
If you want fully local AI inference today, the supported path is to run a self-hosted server (e.g. Ollama on your own computer) and configure Mizan to talk to it as a Custom OpenAI-compatible provider pointed at your LAN IP. Traffic stays on your local network in that configuration.
Permissions
- INTERNET and ACCESS_NETWORK_STATE (Android) — used only for the AI provider call described above and for In-App Purchase / Restore Purchases (the platform store talks to Apple / Google directly via StoreKit / Play Billing).
- USE_BIOMETRIC (Android) / NSFaceIDUsageDescription (iOS) — used only if you enable App Lock in Settings.
- Camera / photo library — used only when you tap "Attach receipt" on an expense. Photos stay in app-private storage and are never uploaded.
- Microphone / speech recognition — used only for voice quick-entry. Speech transcription happens on-device; the resulting text is then handled the same way as a typed expense.
The app does not access contacts, location, calendar, or any other personal information.
In-app purchases
Mizan offers a Premium tier with three SKUs. Purchases are handled by the platform store (Apple StoreKit / Google Play Billing). Mizan does not operate a payment server; the platform store handles the transaction end-to-end. The app stores only the resulting entitlement state (active / inactive, tier, approximate renewal date) on this device.
Children's privacy
The app does not collect data from any user, regardless of age. It is suitable for users of all ages and complies with COPPA by virtue of collecting no data on its own.
App Store / Play Store disclosures
- Apple App Privacy: "Data Not Linked to You — Financial Info," collected only when the user enables the optional AI assistant. No data is used to track the user. The Mizan app, the developer, and any Mizan infrastructure do not see, log, store, or process AI-provider traffic in any form.
- Google Play Data Safety: App-collected data: none. Data shared with third parties: only when the user enables the optional AI assistant, in which case Financial Info (recent expense summary) goes to the provider the user picked. Encrypted in transit (HTTPS). Users can request deletion via Settings → Delete all expenses or by uninstalling the app.
Contact
Questions: studio@usemizan.app
Have a question, bug report, or feature idea? You can also send feedback — no email address required unless you want a reply.