Privacy Policy

Last updated: March 20, 2026

Overview

Subs ("we", "our", "the app") is a subscription tracking application. We are committed to protecting your privacy and being transparent about how we handle your data.

Data We Collect

• Subscription Data: Names, costs, billing cycles, and renewal dates of subscriptions you add. This is stored in your private Firebase account tied to an anonymous user ID.
• Gmail Data (optional): If you choose to use our Gmail scan feature, we request read-only access to your Gmail inbox to detect subscription-related emails. We only read email subjects, sender addresses, and dates. We do not store, share, or transmit your email content. All processing happens on your device.
• Anonymous Authentication: We use Firebase Anonymous Authentication to create a private account for your data. We do not collect your name, email address, or any personal identifiers.

How We Use Gmail Data

Our use of Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

• We only request the gmail.readonly scope.
• Gmail data is used solely to identify subscription services from your billing/receipt emails.
• Email content is processed locally on your device and is never sent to our servers or any third party.
• We do not use Gmail data for advertising, market research, or any purpose unrelated to the app's subscription tracking functionality.

Third-Party Services

• RevenueCat: In-app purchase and subscription management.
• Google Sign-In: Only used for Gmail scan feature, with read-only access.

Data Protection & Security

We take the security of your data seriously and implement the following measures to protect sensitive information:

• Encryption in Transit: All data transmitted between the app and our backend services is encrypted using TLS/SSL (HTTPS). This includes subscription data synced to the cloud and authentication tokens.
• Encryption at Rest: Any locally stored data on your device is protected by iOS built-in data protection, which uses hardware-level encryption.
• On-Device Processing: Gmail email content is processed entirely on your device. Email data is held in temporary memory only during the scan and is immediately discarded after subscription detection is complete. No email content is ever written to disk or transmitted to any server.
• Anonymous Authentication: We use anonymous user IDs rather than personal identifiers, so your subscription data cannot be traced back to your personal identity.
• Minimal Data Access: We request only the minimum required permissions (gmail.readonly) and do not request write access to your email or any other Google services.
• Access Token Security: Google OAuth tokens are stored securely in the device's keychain and are only used to authenticate Gmail API requests. Tokens can be revoked at any time through your Google Account permissions.
• No Third-Party Sharing: We do not sell, share, or transfer your personal data or email content to any third parties for any purpose, including advertising, analytics, or market research.

Data Retention & Deletion

Your subscription data is stored as long as you use the app. You can delete individual subscriptions at any time from within the app. If you wish to delete all your data, contact us at orhanerba@gmail.com.

Children's Privacy

Our app is not intended for children under 13. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected on this page with an updated revision date.

Contact

For questions about this policy, contact us at orhanerba@gmail.com.