Privacy Policy

Last updated: 2 May 2026

Mizan stores your financial data on your device. The app itself collects nothing about you. There are no accounts, no analytics, no ads, no third-party trackers, no cookies, no telemetry.

Data we collect

None. The app does not collect, transmit, sell, or share any personal data on its own.

Data stored on your device

• Expense entries (amount, category, optional note, date, optional account, optional receipt photo).
• App preferences (currency, theme, monthly budget, biometric-lock, auto-lock timeout).
• Optional configured AI provider records: display name, base URL, model, and an API key — used only when you actively invoke the AI features.

This data lives in the app's private sandbox. It is excluded from Android cloud backup and device-to-device transfer (see data_extraction_rules.xml). You can delete all expense data from Settings → Delete all expenses, remove configured AI providers from Settings → AI providers, or uninstall the app.

Network access — important

The app uses network access only when you actively use an AI feature (chat, voice quick-entry, or budget suggestions) and have configured an AI provider in Settings → AI providers. In that case:

1. The app makes an HTTPS request to the provider you chose (e.g. OpenAI, Anthropic, OpenRouter, Groq, Google AI Studio, DeepSeek, a self-hosted endpoint, or any custom OpenAI-compatible URL you enter).
2. The request body includes a summary of your recent expenses: the last 30/90 days totals, per-category breakdown for the last 30 days, and the 15 most recent entries (date, amount, category, note).
3. Receipt photos are never sent.
4. The provider's privacy policy and terms govern what happens to that data on their side. Read theirs before configuring.

If you do not configure an AI provider, the app makes no network requests at all. You can verify this with any network monitor or by running the app with airplane mode on; the chat, voice quick-entry, and suggestion features will simply stay disabled.

Permissions

• INTERNET and ACCESS_NETWORK_STATE (Android) — used only for the AI provider call described above.
• USE_BIOMETRIC (Android) / NSFaceIDUsageDescription (iOS) — used only if you enable App Lock in Settings.
• Camera / photo library — used only when you tap "Attach receipt" on an expense. Photos stay in app-private storage and are never uploaded.

The app does not access contacts, location, calendar, or any other personal information.

Children's privacy

The app does not collect data from any user, regardless of age. It is suitable for users of all ages and complies with COPPA by virtue of collecting no data on its own.

App Store / Play Store disclosures

• Apple App Privacy: "Data Not Collected." (The app does not collect data; the optional AI provider call sends user-controlled data to a destination the user picks.)
• Google Play Data Safety: No data collected. The app accesses the network only to call the AI provider that the user explicitly configures.

Contact

Questions: zaki.kizilbash@gmail.com