
Privacy Policy
Effective date: May 8, 2026
This Privacy Policy explains how Zifra ("we," "us," or "our"), a product operated by Muhammad Patel (zifraapp.com), collects, uses, and protects your information when you use the Zifra mobile application and website. By using Zifra, you agree to the practices described in this policy.
About Zifra
Zifra is a product developed and operated by Muhammad Patel, an individual developer based in Panama. The app is published under the Apple Developer Program and Google Play Developer accounts registered to Muhammad Patel.
1. Data Storage
Zifra stores your data securely using Supabase, a cloud infrastructure provider. All data is encrypted in transit (HTTPS/TLS) and at rest (AES-256). Your financial data — expenses, income, budgets, and categories — is stored on Supabase servers and is only accessible to you through your account.
A small amount of data is cached locally on your device for offline use, including recent transactions and your preferences (theme, language, currency).
2. Information We Collect
We collect only what is necessary to provide the service:
- Account information: name and email address
- Financial data: expenses, income, budgets, categories, and merchant names
- Receipt photos: uploaded by you for expense scanning (stored securely)
- Voice input: processed temporarily for expense entry — not stored
- App preferences: language, currency, theme settings
- Device and usage data: device type, OS version, crash reports
When you sign in with Google or Apple, we receive your name, email, and profile photo from that provider.
3. How We Use Your Information
We use your information solely to provide and improve Zifra:
- To create and manage your account
- To provide expense and income tracking features
- To generate budgets, analytics, and financial insights
- To process AI-powered features (voice entry, receipt scanning, auto-categorization)
- To send budget alerts and notifications you have enabled
- To manage your subscription and process payments
- To improve app performance and fix bugs
We do NOT use your data for advertising, and we do NOT sell your data to any third party.
4. AI Features
Zifra uses Google Gemini AI for voice expense entry, receipt scanning, and spending insights. When you use these features:
- Voice recordings are sent to Google Gemini for processing and are not stored after transcription
- Receipt images are processed by Google Gemini and are not retained after analysis
- Only the extracted transaction data (amount, merchant, category) is saved to your account
Our use of Google APIs adheres to the Google API Services User Data Policy, including Limited Use requirements.
5. Third-Party Services
Zifra uses the following third-party services to operate:
- Supabase — secure database, authentication, and file storage
- Google Gemini — AI processing for voice and photo features
- Google OAuth — optional sign-in method
- Apple — optional sign-in method and in-app purchase processing
We do not share your data with any other third parties. We encourage you to review the privacy policies of these providers.
6. Payments
Zifra Pro subscriptions ($2.99/month or $24.99/year) are processed entirely by Apple App Store. Zifra never stores or has access to your payment card information. All billing is managed through your Apple ID. A 3-day free trial is available. You can cancel anytime through your App Store account settings.
7. Data Security
We implement industry-standard security measures:
- All data encrypted in transit using HTTPS/TLS
- All data encrypted at rest using AES-256
- Secure authentication managed by Supabase Auth
- Passwords are hashed and never readable
- No payment card data ever stored by Zifra
While we take every reasonable measure to protect your data, no method of internet transmission is 100% secure.
8. Your Rights
You have full control over your data:
- Access: view all your data within the app at any time
- Export: download your complete transaction history as CSV (Settings → Export)
- Correct: update your profile and data at any time
- Delete: permanently delete your account and all associated data (Settings → Account → Delete Account)
To exercise any of these rights or with any privacy questions, contact us at: support@zifraapp.com
9. Data Retention
We retain your data only as long as your account is active. Upon account deletion, all personal data is permanently removed from our systems within 30 days. Voice recordings are never stored. Receipt images are deleted when you delete the associated expense.
10. Children
Zifra is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us at support@zifraapp.com and we will delete it immediately.
11. Cookies and Local Storage
Zifra uses session cookies for authentication (managed by Supabase) and localStorage for your preferences such as theme and language. We do not use advertising cookies, third-party tracking cookies, or cross-site tracking of any kind.
12. Changes to This Policy
We may update this Privacy Policy from time to time. If we make significant changes, we will notify you via email or an in-app notification. Your continued use of Zifra after changes are posted constitutes acceptance of the updated policy.
13. Contact
- Operated by: Muhammad Patel
- Location: Panama
- Email: support@zifraapp.com
- Website: zifraapp.com
- Privacy page: zifraapp.com/privacy