Privacy Policy

1. Data we collect

None. Masareefi does not collect personal data. The app does not contain analytics SDKs, telemetry, crash reporters, advertising identifiers, or third-party tracking of any kind. There is no account system: you are not asked to sign up, sign in, or provide an email address.

The developer operates no servers and has no database of user records. There is nothing for us to lose, sell, or share, because there is nothing to begin with.

2. Data stored on your device

When you use Masareefi, the app saves your financial records in a local database on your iPhone or iPad using Apple's SwiftData framework. This includes:

• Transactions and their categories
• Wallets and balances
• Budgets and budget alerts
• Bills and recurring rules
• Goals and debts
• App settings and preferences

This data lives on your device. The developer has no remote access to it and cannot read, copy, or recover it. If you uninstall the app and have not enabled iCloud sync, this data is permanently deleted.

3. iCloud sync

If you are signed into iCloud and choose to enable sync, Masareefi uses Apple's CloudKit framework to mirror your local database to your private iCloud container. This is your personal iCloud storage, scoped to your Apple Account.

The sync process is handled entirely by Apple: data is encrypted in transit and at rest, and only your own signed-in Apple devices can read it. The developer of Masareefi has no access to your private container and cannot view, export, or recover its contents.

For details on how Apple handles iCloud data, see Apple's iCloud Privacy page and Apple's Privacy overview.

4. Receipt OCR

When you scan a receipt, Masareefi processes the image entirely on your device using Apple's Vision framework. Receipt images and the text extracted from them never leave your device — they are not uploaded to any server, including Apple's. The captured text is saved into the local database described above, alongside the rest of your records.

5. Currency exchange rates

Masareefi can display values in different currencies. To do that, the app needs exchange rates. When you tap the "Refresh rates" action, the app makes an anonymous outbound HTTPS request to the public free rates service open.er-api.com.

This request contains no personal information: no identifiers, no cookies, no account, no transaction data — just a generic request for the latest rates. The response is cached locally so the app does not have to ask again until you choose to refresh.

6. Third-party services

Masareefi does not integrate with any third-party analytics, advertising, or data broker services. The only "third parties" involved are Apple platform services used as ordinary iOS primitives:

These are governed by Apple's privacy policy and your Apple Account terms, not by the developer of Masareefi.

Siri Shortcuts

If you use voice commands or Shortcuts to interact with Masareefi, the audio and speech recognition are handled by Apple's Siri infrastructure under your Apple Account terms. The developer never receives audio or transcripts.

Biometric lock

If you enable Face ID or Touch ID to unlock the app, authentication is performed by iOS. Masareefi only receives a success or failure result — your biometric data never leaves the Secure Enclave on your device.

Advertising

Masareefi contains no advertising, no ad networks, no tracking pixels, and does not access the IDFA (advertising identifier).

7. Children's privacy

Masareefi is rated 4+ in the App Store but is a general-purpose finance tool. It is not directed at children under 13, and the developer does not knowingly collect personal information from anyone, of any age, because the app collects no personal information at all (see Section 1). This is consistent with the U.S. Children's Online Privacy Protection Act (COPPA).

8. GDPR & CCPA notes

Because Masareefi collects no personal data, the developer does not act as a data controller or data processor for users in the EU/EEA, the United Kingdom, or California. Your financial records exist only on your device and (optionally) in your private iCloud, where Apple is the data processor and you are the data controller.

Your rights under the GDPR (access, rectification, erasure, portability, restriction, objection) and the CCPA / CPRA (know, delete, correct, opt out, non-discrimination) therefore apply to data on your own device and in your own iCloud:

• Access & portability: Use the in-app CSV export to retrieve your transactions in an open, machine-readable format.
• Erasure: Delete records inside the app, or remove the app from your device (see Section 9).
• Sale or sharing of personal information: The developer does not sell or share personal information with anyone, because no personal information is collected.

9. Data retention

Your data is retained on your device for as long as you keep the app installed. You control retention entirely:

• Delete individual records inside the app at any time.
• Remove the app via iOS Settings → General → iPhone Storage → Masareefi → Delete App, or by long-pressing the app icon on the Home Screen and choosing Delete.
• If iCloud sync is enabled and you want to remove synced data, sign in to iCloud.com or use iOS Settings → your name → iCloud to manage app data, then delete the Masareefi container.

The developer does not retain any of your data because the developer never receives any of your data.

10. iOS permissions Masareefi may request

Each permission is requested only when needed for a specific feature, and you can revoke any of them at any time in iOS Settings.

11. Changes to this policy

If this privacy policy changes, the updated version will be posted at this same URL and the effective date at the top of the page will be updated. Material changes will also be noted in the app's release notes on the App Store.

12. Contact

Questions about this policy or how Masareefi handles data? Email [email protected].