What makes Pebbles different from other budget apps?

Pebbles combines three AI input methods — voice, photo, and natural-language text — with 160+ currency support, on-device privacy, and shared accounts. No bank login or Plaid connection required.

Does Pebbles require a bank login?

No. Pebbles never asks for bank credentials and does not use Plaid. You add transactions by speaking, snapping a photo, or typing a short note. This is a deliberate privacy-first design decision.

How does AI transaction entry work?

On Premium, you speak, snap, or type — and AI extracts the amount, merchant, category, and date. You review every suggestion before it is saved. Free users enter transactions manually and keep full access to statistics and multi-currency.

Is my financial data safe with Pebbles?

Your data stays on your device by default. Premium users can opt into encrypted cloud backup with row-level security — so only you can read it. We never sell data, never ask for bank credentials, and do not use Plaid. AI features process data securely and are never used to train models.

Can I share with family?

Yes, with Premium. Invite family members to a shared account with role-based access and a full invite lifecycle. Everyone can track and manage money together.

What platforms is Pebbles on?

Pebbles is available on iOS today. Android is on the way.

Privacy Policy | Pebbles

Pebbles is designed with privacy at its core. Your financial data stays on your device — we only collect the minimum information needed to provide authentication and cloud services.

1. Information we collect

1.1 Information you provide

When you create an account, we collect:

Email address — for account creation and communication
Display name — your chosen name for the account
Profile photo — optional, if provided via Google or Apple Sign-In
Password — encrypted and stored securely (for email/password accounts)

1.2 Information stored locally

The following data is stored only on your device and never transmitted to our servers (except for Premium users who opt into cloud sync):

Financial transactions and amounts
Account balances and details
Budget and goal information
Categories, subscriptions, and tags
Receipt images and attachments
All personal financial data

1.3 Automatically collected information

We collect device metadata when you submit support requests or feedback:

Device information — app version, build number, platform, OS version, device model, locale
Plan status — whether you are on the Free or Premium plan
Usage analytics — feature usage patterns (no financial data is collected)
Error logs — technical diagnostics for app improvement

1.4 Device permissions

Pebbles requests the following device permissions. All data accessed through these permissions is stored locally and never transmitted to third parties:

Camera — for capturing receipt photos. Images are compressed (max 500 KB) and stored on-device only.
Photos & Media — for selecting existing receipt images. We only access images you explicitly choose.
Microphone — for voice transaction input. Audio is processed for speech recognition and is never recorded or stored.
Storage — for saving receipts and exporting financial data locally.
Internet — required for authentication, AI features, and exchange rate updates. Financial transaction data is never sent over the internet except via opt-in cloud sync (Premium).

2. How we use your information

Provide and maintain authentication services
Enable cloud sync and backup (Premium)
Process AI-powered features (transaction parsing, categorization, receipt scanning)
Facilitate shared account invitations and notifications
Send service-related communications (email verification, password reset)
Improve app functionality and user experience
Enforce usage limits and prevent abuse
Comply with legal obligations

3. Data storage and security

3.1 Local storage (all users)

Financial data is stored locally on your device using encrypted storage. Free users' data exists only on-device — signing out permanently deletes all local data.

3.2 Cloud storage (Premium)

Premium users who opt into cloud sync have their data backed up via Supabase with:

Encryption in transit (TLS) and at rest
Row-level security (RLS) ensuring users can only access their own data
Regular security audits and updates

3.3 Security measures

End-to-end encryption for data in transit
Secure password hashing (for email/password accounts)
OAuth 2.0 for Google and Apple Sign-In
Row-level security on all database tables
Regular security updates and patches

4. Third-party services

We use the following third-party services:

Supabase — authentication, cloud storage, and real-time sync (Premium)
Google Sign-In — optional OAuth authentication
Apple Sign-In — optional OAuth authentication (iOS)
RevenueCat — subscription and in-app purchase management
AI providers — transaction parsing, categorization, and receipt scanning (Premium). Data is processed securely and is not permanently stored by AI providers.
Firebase Crashlytics — crash reporting and technical diagnostics

5. AI features and data processing

When you use AI-powered features (Premium):

Text, voice transcripts, or receipt images are sent to AI providers for processing
AI extracts transaction details (amount, merchant, category, date) from your input
You review and approve every AI-suggested transaction before it is saved
AI interactions are rate-limited to prevent abuse
We do not use your data to train AI models
Processing data is not permanently stored by AI providers

We do not sell, trade, or rent your personal information. We may share information only in these cases:

With your consent — when you explicitly agree to share
Shared accounts — when you invite others to shared accounts, they can see transactions and balances for that specific account only
Legal requirements — when required by law or legal process
Service providers — third-party services listed in Section 4 that help operate the app
Business transfers — in case of merger, acquisition, or sale of assets

7. Your rights and choices

Access — request a copy of your personal data
Correction — update or correct your information
Deletion — request deletion of your account and cloud data
Export — export your local financial data to CSV at any time
Opt-out — use the app without creating an account (limited features)
Notification control — customize or disable daily reminders and notifications

8. Children's privacy

Pebbles is not intended for children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us.

9. Data retention

We retain your personal information for as long as your account is active:

Authentication data is deleted from our servers when you delete your account
Local data remains on your device until you uninstall the app or sign out
Premium cloud data is retained during subscription and available for re-sync if you re-subscribe
Logs and analytics may be retained for up to 90 days

10. International data transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data.

11. Changes to this policy

We will notify you of material changes by:

Updating the “Last updated” date
Sending an email notification (for significant changes)
Displaying an in-app notice

12. California privacy rights (CCPA)

California residents have the right to:

Know what personal information is collected
Delete personal information
Opt-out of sale of personal information (we don't sell data)
Non-discrimination for exercising privacy rights

EEA residents have rights under GDPR including:

Right to access your personal data
Right to rectification of inaccurate data
Right to erasure (“right to be forgotten”)
Right to restrict processing
Right to data portability
Right to object to processing

Questions?

Email [email protected] — we respond within 48 business hours.

← Back to home

Privacy Policy