PiggyLedger

Privacy Policy

Last updated: July 8, 2026 · Applies to the PiggyLedger mobile app (listed on the Play Store as "Scan, Sync, Receipts on Drive")

PiggyLedger ("the App") is developed by an independent developer ("we", "us"). This policy explains what data the App collects, why, and how you can control it.

In short: we ourselves do not read, store, or analyze your email address, your Google account details, or the contents of your receipts. Google sign-in exists only so your phone can talk directly to your Google Drive — that connection never passes through us. If you use the optional AI-enhance feature, the text extracted from a receipt (never the photo itself) is sent directly from your device to Google's Gemini API to auto-fill fields — this only happens when you choose to use it, and it's a direct device-to-Google exchange we don't see or store a copy of either. The only thing we see about your sync setup is a yes/no ("is sync turned on") and which option you picked ("Wi-Fi" vs "Manual") — never who you are or what's in your data.

1. Data we collect

Category A — needed to run a feature you turn on. This data is exchanged directly between your device and Google; we never store a copy or analyze it.

ServiceWhat it touchesWhy
Google Sign-InGoogle's own sign-in handshake identifies your account so the App can be authorized to access your Drive — we do not store your email or profileRequired only if you turn on Drive backup; skip sign-in and this never happens
Google Drive & SheetsYour receipt photos and expense data, written directly from your device to a folder the App creates in your own Google DriveCloud backup and optional spreadsheet export — this data belongs to you, stays in your Drive account, and we never see or host a copy
Google Gemini APIThe text extracted from a scanned receipt via on-device OCR (merchant name, date, amounts) — sent directly from your device to Google's Gemini API. The receipt photo itself is never sent, only this extracted textOptional AI-assisted field detection, only when you choose to use it — this exchange is between your device and Google directly; we don't see or store a copy

Category B — data we actually look at, to run and improve the App. Anonymous, aggregate only — never your email, name, or receipt content.

ServiceWhat it collectsWhy
Google AdMobAdvertising ID and ad interaction dataTo display in-app ads (some may be personalized, per your device's ad settings)
Firebase CrashlyticsCrash logs, device model, OS version, app version — not linked to your identityTo detect and fix bugs/crashes across different devices
Firebase AnalyticsAnonymous product signals only — e.g. whether sync is turned on (yes/no), which sync mode you picked (Wi-Fi/Manual), which screens/settings get used. Never your email, account details, or receipt contentTo see which features are actually used so we can improve or retire ones nobody touches

2. Data storage & sharing

3. Data retention

Crash and usage logs are retained per Firebase's default policy (currently around 90 days) and then deleted automatically. Your receipt/backup data in Google Drive is retained until you delete it yourself — we never delete your Drive files on your behalf.

4. Your choices

5. Children's privacy

PiggyLedger is not directed at children under 13, and we do not knowingly collect personal information from children.

6. Changes to this policy

If this policy changes, we'll update the "Last updated" date above. Continued use of the App after a change means you accept the updated policy.

7. Contact us

Questions about this policy or your data? Email piggyledger@gmail.com.