Privacy Policy

Last updated: May 23, 2026

Draft: This is a placeholder draft. Have legal counsel review before production. The substance below reflects Daily Spend's actual data practices and Teller's required disclosures.

Summary

Daily Spend is a single-purpose iOS app that shows the total you have spent today on a lock-screen widget. To do that we read your bank transactions in real time. We do not store your bank credentials, we do not sell your data, and we do not have the ability to move money.

What we collect

Account identifiers. Your email and a unique user ID so we can authenticate you and tie your bank connection to your subscription.
Bank connection metadata. The Teller enrollment IDs for your connected institutions, the names and last-four digits of your accounts, and which accounts you have chosen to include in your daily spend.
Transactions. A cache of your recent transactions (amount, date, merchant string, pending flag) used to compute today's total. We do not retain transactions longer than necessary for the product to function.
Subscription status. Whether you are on trial, monthly, or yearly, and renewal dates. Payment itself is handled by Apple; we never see your card.
Device timezone. So "today" means the same thing to you and to us.

What we do NOT collect

Your bank username or password. You enter those directly into Teller's secure flow; we never see them.
Your full bank account or card numbers.
Your location.
Your contacts, photos, or anything else outside the data needed to compute a daily spend total.

Teller data disclosure

Daily Spend uses Teller to connect to your bank. When you connect an account, Teller authenticates you directly with your bank, returns a read-only access token to Daily Spend, and exposes your transactions to us via Teller's API. Teller's own privacy policy governs that connection.

Our access is strictly read-only. We cannot initiate payments, transfers, or any other money movement.

How we use your data

To compute and display your daily spend on the lock-screen widget.
To keep your bank connection working (refreshing tokens, prompting reconnection if it expires).
To deliver, restore, and renew your subscription.
To investigate fraud or abuse of the service.

We do not use your data for advertising. We do not sell or rent your data to third parties. We do not train AI models on it.

Service providers we use

Teller — bank API connectivity
Supabase — database and authentication
Fly.io — application hosting
Apple — app distribution, in-app purchase, and push delivery

These providers process your data only as needed to operate the service on our behalf.

Data retention and deletion

You can delete your account from inside the app: Settings → Delete account. When you do, we revoke your Teller enrollment, delete your cached transactions, and remove your account from our database.

If you cancel your subscription but do not delete your account, we retain your account information for a short grace period in case you re-subscribe, then delete it.

Security

All data in transit is encrypted with TLS. Tokens and other secrets are stored encrypted at rest. Access to production systems is restricted to a small number of authorized engineers.

Children

Daily Spend is not directed at children under 13 and we do not knowingly collect data from them.

Changes

We will post any material changes to this policy on this page. The "Last updated" date at the top of this page reflects the most recent revision.

Contact

Questions or requests: privacy@dailyspend.ai.