Last updated: March 2026
The data controller for your personal data is HomePot App. Email: homepotapp@gmail.com. You can contact us at any time to exercise your rights or resolve any privacy-related inquiries.
This Privacy Policy describes how HomePot collects, uses, and protects your information. We are committed to protecting your privacy and comply with GDPR (EU), CCPA (California), LGPD (Brazil), and other applicable privacy laws worldwide. By using HomePot, you agree to the practices described in this policy.
To provide the service, we collect: email address (authentication), name (group identification), expense data (amounts, descriptions, categories, dates), group data (name, invite code, members, roles), recurring expenses, monthly closings, and optionally profile photos, group images, and receipt photos. When using the AI Receipt Scanner, images are temporarily sent to Anthropic Claude for processing but are not stored by the AI service. All information is voluntarily provided by you.
We do NOT collect: location data, contacts or calendar, advertising identifiers, usage data with third-party analytics, financial information (bank accounts, cards), social media information, or device identifiers for tracking. The App accesses your camera and gallery only when you choose to upload images or use the AI Scanner.
Your data is securely stored on Supabase (AWS infrastructure). Data is encrypted in transit (TLS/SSL) and at rest. Authentication uses secure JWT tokens. Passwords are stored with bcrypt hashing. Row-level security (RLS) policies ensure you can only access data from your groups. Receipt images sent to the AI scanner are transmitted over encrypted connections.
Your data is only shared with members of your groups. Your name, email, profile photo, and expenses are visible to group members. We do NOT sell, rent, or share your data with third parties for advertising, marketing, or other commercial purposes.
Your data is retained as long as you have an active account. You can delete your account from Settings, delete your profile photo, leave groups, or delete groups you own. When you delete your account, all your data is immediately erased. Accounts inactive for more than 2 years may be automatically deleted with 30 days prior notice. You can also request deletion at homepotapp@gmail.com.
HomePot uses: Supabase (authentication, database, storage on AWS), Expo (development framework), Apple App Store / Google Play Store (distribution and payments), Anthropic Claude AI (receipt scanning), and RevenueCat (subscription management). Subscription payments are processed entirely by Apple or Google. We do not use analytics, advertising, or tracking services.
HomePot is not intended for children under 16. We do not knowingly collect information from children. If you believe a child has provided us with personal information, contact us and we will delete it immediately.
EU residents have the right to: access a copy of their data, rectify inaccurate data, request erasure, data portability, object to processing, and restrict processing. Contact us to exercise these rights.
California residents have the right to know what data we collect, request deletion, and not be discriminated against for exercising privacy rights. We do NOT sell personal information.
HomePot is available worldwide. Your data may be stored on servers in the EU or US. By using the App, you consent to this transfer with appropriate safeguards under applicable laws.
We implement robust security measures: data encryption, secure JWT authentication, row-level security policies, bcrypt password hashing, and secure device sessions. No method of transmission is 100% secure, but we take every reasonable precaution.
Processing is based on: contract performance (providing the service), consent (creating your account), and legitimate interest (security, service operation, and monitoring aggregate usage patterns to enforce limits and prevent abuse). You can withdraw consent at any time by deleting your account.
We may update this policy from time to time. Changes will be reflected in the "Last updated" date. For significant changes, we will notify you within the App.
For questions about this Privacy Policy, contact us at homepotapp@gmail.com or through the app store listing. EU residents can also file a complaint with their local data protection authority.
HomePot collects only the data necessary to function: your email, name, expenses, and optionally photos. When using the AI Scanner, images are temporarily processed by Anthropic Claude but not stored. Your data is securely stored, shared only with your group members, and never sold. You have full control and can delete your data at any time.