Privacy Policy

Last updated: March 11, 2026

1. Introduction

CardSense ("we", "us", "our") is a bank statement management service that helps you organize and understand your spending. This Privacy Policy explains how we collect, use, and protect your personal information when you use our service.

2. Information We Collect

We collect the following types of information:

  • Account information: Your Google account email address and display name (via Firebase Authentication).
  • Bank statement data: Transaction details (merchant names, amounts, dates, card numbers) extracted from PDF statements in your Gmail.
  • Usage data: Anonymized category correction feedback (merchant name + category change only, no user ID stored).
  • PDF passwords: If you provide passwords for encrypted bank PDFs, they are stored encrypted using Fernet symmetric encryption.

3. Gmail Access

CardSense requests read-only access to your Gmail to detect and process bank statement emails. Specifically:

  • We only search for emails from known bank sender domains (47 banks in Taiwan and Singapore).
  • We only read PDF attachments from matched bank emails — no other emails are accessed.
  • We do not read, store, or process your email content, contacts, or any non-bank emails.
  • Gmail access can be revoked at any time through your Google Account security settings.

4. How We Process Your Data

PDF statements are processed entirely in memory — raw files are never written to disk or permanently stored. The processing flow is: the PDF is downloaded from Gmail into server memory → Google Gemini AI extracts structured information (dates, merchants, amounts, last 4 card digits) → only the extracted structured data is saved → the raw PDF is immediately released from memory. We do not store original PDF files, email content, or full card numbers. All processing occurs on Google Cloud servers in the asia-east1 region. Google Drive backup is an opt-in feature (off by default) — only when you enable it will a PDF copy be saved to your personal Google Drive.

5. Data Storage & Security

Your structured transaction data is stored in Google Cloud with authentication-based access controls — each user can only access their own data. Sensitive information (such as PDF passwords) is encrypted at rest using industry-standard encryption, with keys fully isolated from application code. The database is encrypted at rest by Google. All data transmission is encrypted in transit. We do not sell, share, or transfer your financial data to any third parties for marketing or advertising purposes.

6. Third-Party Services

We use the following third-party services to operate CardSense:

  • Google Cloud Platform (Firestore, Cloud Functions, Secret Manager) — data storage and processing.
  • Firebase Authentication — user identity and access control.
  • Google Gemini AI — statement parsing and transaction extraction.
  • Google Drive (opt-in only) — PDF backup storage in your own Drive account.
  • Lemon Squeezy — payment processing for premium subscriptions. Lemon Squeezy acts as Merchant of Record and handles all payment data directly.

7. Google Drive Backup

Google Drive backup is strictly opt-in (disabled by default). When enabled, PDF statements are uploaded to your own Google Drive account in an organized folder structure (CardSense/{region}/{type}/{bank}/). You can disable this feature at any time in Settings. Disabling it stops future uploads but does not delete files already in your Drive.

8. Cookies & Local Storage

CardSense uses essential cookies and browser local storage only for authentication session management (Firebase Auth tokens). We do not use tracking cookies, advertising cookies, or any third-party analytics cookies.

9. Your Rights

You have the following rights regarding your data:

  • Access: View all your stored statements and transactions through the dashboard.
  • Deletion: Request complete deletion of your account and all associated data by contacting us.
  • Portability: Export your transaction data to CSV format at any time.
  • Revoke access: Disconnect Gmail access through your Google Account settings at any time.
  • Opt-out: Disable any optional features (Drive backup, push notifications) in Settings.

10. Children's Privacy

CardSense is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date.

12. Contact Us

If you have questions about this Privacy Policy or your data, please contact us at support@cardsense.app.