I'm I'll · Personal finance app

Privacy Policy

Version 1.4 · Effective June 15, 2026 · Updated June 20, 2026

Introduction and Scope
Information We Collect
How We Use Your Information
Legal Bases for Processing (GDPR)
How We Share Your Information
Data Retention
Your Rights and Choices
International Data Transfers
Children’s Privacy
Security
Cookies, Analytics, and Similar Technologies
AI Features and Third-Party AI Processing
Changes to This Policy
Contact Us

1. Introduction and Scope

This Privacy Policy explains how Bit Byte Core (SMC-Private) Limited, a single-member private limited company incorporated in Pakistan (Corporate Unique Identification No. 0294233, registered office at House No 116, Kashmir Colony, GT Road Chanda Qila, Kamonke, Gujranwala, Punjab, Pakistan), hereafter “we,” “us,” or “our”, collects, uses, shares, and protects personal information when you use the I’m I’ll mobile application (also styled “Im Ill” or “iamiwill”) on iOS and Android (the “App”), together with any related services, websites, or features we operate (collectively, the “Service”).

I’m I’ll is a personal finance tracking tool that helps you record transactions, build budgets, set savings goals, split bills with others, and extract data from receipts using artificial intelligence. We take your financial privacy seriously because we know how sensitive this information is.

This policy applies to you if:

You download, install, register for, or use the App.
You interact with us about the App (for example, by emailing support).
You are a resident of any country from which the App is accessible, including the United Arab Emirates, the European Economic Area (EEA), the United Kingdom, the United States, and others.

This policy does not apply to: third-party services you connect to the App (such as the Apple App Store or Google Play), whose own privacy policies govern their handling of your data. We describe those relationships below in Section 5.

If you do not agree with this policy, please do not use the App.

2. Information We Collect

We collect only what we need to run the App and deliver the features you use. We group the information into the categories below.

2.1 Account Information

When you create an account, we collect:

Email address: via Firebase Authentication, used to sign you in and contact you about the Service.
Display name: optional, shown inside the App.
Profile photo: optional, uploaded by you and stored in Firebase Storage.
Authentication credentials: if you sign in with Google or Apple, we receive the identifiers those providers share with us; we never see your password for those providers.

2.2 Financial Data You Enter

The App is a tracker, so almost everything financial is data you choose to enter:

Transactions (amount, date, merchant, notes)
Accounts and balances you configure
Categories, sub-categories, and tags
Budgets and savings goals
Bill splits and shared-expense descriptions
Debts, loans, and repayment schedules
Receipt images you upload or capture

This data is stored in an encrypted local database (Hive) on your device. For signed-in accounts, it is also synced to Firebase Firestore and Firebase Storage so it is available across your devices and backed up.

2.3 Receipt Images

When you scan a receipt:

The image is compressed on your device.
It is sent through our Firebase Cloud Function to Google Gemini for optical character recognition (OCR) and structured extraction.
The image is stored on your device and, for signed-in accounts, uploaded to Firebase Storage so it is available across your devices and backed up.

2.4 Voice Recordings (Voice Entry)

When you use voice entry to log a transaction:

Speech-to-text runs on your device, using the operating system’s built-in speech recognition (speech_to_text plugin). The audio never leaves your phone and is not sent to our servers or any third party.
The resulting transcription text remains on the device. It is parsed locally to pre-fill an entry and, if you confirm, saved as a transaction.
We send a fire-and-forget counter ping to our backend so we can track per-account voice-entry usage against your monthly allowance, but the counter contains only the increment, not the transcript or audio.

2.5 Device and Technical Information

Firebase Cloud Messaging (FCM) token: to send you push notifications (e.g., bill reminders, budget alerts).
Crash diagnostics: captured by Firebase Crashlytics (stack traces, OS version, device model, coarse locale). Crashlytics is configured to avoid collecting personal identifiers where possible.
App version, platform, and locale: used for compatibility and debugging.

2.6 Usage and Rate-Limit Data

To prevent abuse and enforce fair use, we keep per-account counters of:

Number of AI chat messages sent
Number of receipt scans performed
Number of voice entries submitted

These counters use rolling hourly, daily, and monthly windows. They do not contain the content of your requests.

2.7 Subscription and Purchase Information

When you subscribe, Apple App Store or Google Play processes your payment as merchant of record; we never see your full payment-card number.
We receive a purchase receipt or token from Apple or Google, verify it server-side, and store the resulting subscription state: plan (Basic, Pro, or Power), start and expiry dates, platform, and store transaction identifiers — so we can unlock the features your plan covers.

2.8 Biometric Authentication

If you enable biometric unlock (Face ID, Touch ID, fingerprint), the App uses your device’s native biometric API. The biometric template never leaves your device and is never seen by us. We only receive a yes/no signal that authentication succeeded.

2.9 PIN / Passcode

If you set an in-app PIN, it is hashed locally before being stored. We do not store or transmit the cleartext PIN.

2.10 Support Correspondence

If you email admin@bitbytecore.com or contact us through the App, we collect the contents of your message and any attachments so we can help you.

3. How We Use Your Information

We use the information described above to:

Provide the Service: sync your data across devices, render charts, power search, process receipts, generate AI replies.
Authenticate you: verify your identity on sign-in and sensitive operations.
Process purchases: verify your subscription and unlock the features your plan covers.
Communicate with you: send transactional emails (password resets, receipts), push notifications you have enabled, and occasional service announcements.
Protect you and us: detect and prevent fraud, abuse, unauthorized access, and violations of our Terms of Service, including enforcing rate limits.
Improve the App: analyze aggregated, de-identified usage patterns to prioritize features and fix bugs.
Comply with law: respond to lawful requests, keep accounting records where required, and resolve disputes.

We do not sell your personal information. We do not use your financial records, receipts, balances, or the structured data you enter to train or improve any AI model. The one narrow exception is fully optional and off by default: if you choose to opt in to “Help improve AI”, we use a scrubbed copy of your AI chat messages (with names and amounts removed) to improve our assistant’s quality. You can turn this off at any time, and it only ever applies to chats sent after you opt in. See Section 12, including Section 12.8.

If you are in the EEA, the United Kingdom, or another jurisdiction with similar rules, we rely on the following legal bases under Articles 6 and 9 of the GDPR:

Purpose	Legal Basis
Creating and operating your account; syncing and storing the financial data you enter; providing core features	Contract (Art. 6(1)(b)), performance of the Terms of Service you accepted.
Verifying subscriptions and unlocking paid features	Contract (Art. 6(1)(b)).
Voice entry	Consent (Art. 6(1)(a)), you explicitly opt in, and you can withdraw consent at any time.
Analytics and crash reporting	Consent (Art. 6(1)(a)). These are off until you turn them on in Settings → Privacy; you can withdraw consent at any time by turning them back off.
Fraud prevention; rate-limit enforcement; security monitoring	Legitimate interests (Art. 6(1)(f)), to protect the integrity of the Service and other users. We balance these against your rights.
Tax, accounting, and regulatory record-keeping	Legal obligation (Art. 6(1)(c)).

Withdrawing consent does not affect the lawfulness of processing we carried out before withdrawal.

We share your data only with the service providers we need to run the App, and only for the purposes described below.

5.1 Google / Firebase (Infrastructure)

We use Google Firebase as the backbone of the Service:

Firebase Authentication: user sign-in and session management.
Cloud Firestore: sync and storage of your financial records for signed-in accounts.
Firebase Storage: storage of profile photos and receipt images.
Cloud Functions for Firebase: our server logic, including AI calls.
Firebase Crashlytics: crash reporting.
Firebase Cloud Messaging: push notifications.
Firebase Analytics (if enabled), aggregated usage measurement.

Google processes this data as our data processor under the Google Cloud Data Processing Addendum.

5.2 Google Gemini (AI Processing)

We use the Google Gemini API (paid tier) through our Cloud Functions to power receipt OCR and chat features. Voice entry does not use Gemini, speech-to-text runs on your device. Under Google’s published API terms for paid usage, Gemini does not use your prompts or responses to train Google’s models, and Google retains request content only for the minimum period required to deliver the response and run abuse detection. We send Gemini only what is needed for the specific task and discard it after we receive the response.

5.3 Apple App Store and Google Play (Billing)

Subscriptions are sold and billed by Apple or Google as merchant of record; their privacy policies govern payment data. We receive only a purchase receipt or token plus the subscription state needed to unlock features. Apple and Google may also send us automated server-to-server notifications about your subscription status (for example, renewals, cancellations, or refunds) so your plan stays accurate; these contain transaction identifiers and subscription status, not your payment-card details.

5.4 Google Sub-Processors

Firebase itself uses Google sub-processors (for example, for DDoS protection, content delivery, and logging). A current list is maintained by Google at https://firebase.google.com/terms/subprocessors.

We may disclose information when we believe in good faith that it is necessary to:

comply with applicable law, regulation, legal process, or lawful government request;
enforce our Terms of Service, including investigation of suspected abuse;
protect the rights, property, or safety of our users, ourselves, or others; or
complete a business transfer (merger, acquisition, financing, or sale of assets), in which case we will provide notice before your data becomes subject to a different policy.

5.6 With Your Direction

If you explicitly choose to export data, share a bill split via a system share sheet, or connect the App to another service, the receiving party is controlled by you.

We do not sell your personal information, and we do not share it with advertisers or data brokers.

6. Data Retention

We keep your personal information only as long as we need it:

While your account is active: we retain your data so the App keeps working for you.
After you delete your account: we delete your account-level records from our production systems promptly, typically within 7 days. Encrypted backups may retain residual copies for up to 30 days before rotation completes, after which those backups expire.
Support emails: kept for up to 24 months after the ticket is closed.
Tax and accounting records: kept for the period required by applicable tax and accounting law in Pakistan (typically 5–7 years).
Abuse and security logs: kept for up to 12 months to investigate repeated violations.
“Help improve AI” chat messages: chat messages retained under the optional Help improve AI programme are kept for no longer than 24 months and are deleted when you withdraw consent or delete your account, whichever is first. See Section 12.8.

Where law requires longer retention (for example, records of a disputed transaction under review), we keep the minimum necessary until the matter is resolved.

7. Your Rights and Choices

Depending on where you live, you have some or all of the following rights:

Right	What it means
Access	You can request a copy of the personal information we hold about you.
Rectification / Correction	You can ask us to correct inaccurate or incomplete data.
Erasure / Deletion	You can delete your account and your personal data. The App has a built-in Delete My Account function in Settings.
Portability	You can export the data you have created in a structured, commonly used, machine-readable format (JSON). Transaction lists can also be exported as CSV for spreadsheets.
Restriction / Objection	You can ask us to stop or limit certain processing, especially processing based on legitimate interests.
Withdraw Consent	Where we rely on consent (e.g., voice entry, analytics), you can withdraw it at any time in Settings.
Complain to a Regulator	EEA/UK users may lodge a complaint with their local Data Protection Authority. UAE users may contact the UAE Data Office. California users have rights under CCPA/CPRA, including the right to know, delete, correct, and opt out of “sharing” as defined under CCPA.

How to exercise your rights:

In the App: open Settings → Privacy to export data, manage consents, and delete your account.
By email: write to admin@bitbytecore.com. We may need to verify your identity before acting on requests about sensitive data.

To object to or restrict processing we carry out on the basis of legitimate interests (e.g. crash reporting, security monitoring), turn off the relevant setting in Settings → Privacy where available, or email admin@bitbytecore.com and we will assess your objection under Article 21.

We will respond within 30 days (or the shorter period required by your local law). There is no fee for reasonable requests.

7.1 California Residents (CCPA/CPRA)

We do not sell personal information and we do not “share” personal information for cross-context behavioral advertising as defined under the CCPA. You have the right to know, delete, correct, and request a portable copy of your personal information, and the right not to be discriminated against for exercising those rights.

8. International Data Transfers

Firebase stores and processes data primarily in Google Cloud regions in the United States and the European Union. When your data is transferred out of your country (including from the EEA/UK to the US), we rely on:

Standard Contractual Clauses approved by the European Commission (2021 SCCs), incorporated into Google Cloud’s Data Processing Addendum; and
Supplementary technical safeguards such as encryption in transit (TLS 1.2+) and at rest (AES-256) provided by Firebase.

You can request a copy of the relevant transfer safeguards by emailing admin@bitbytecore.com.

9. Children’s Privacy

The App is not directed to children and we do not knowingly collect personal information from them.

In the United States, we do not allow users under 13 (COPPA, 16 C.F.R. Part 312).
In the EEA and the UK, the minimum age is 13; where your EU Member State sets a higher digital-consent age (13–16 under Article 8 GDPR), that higher age applies to consent-based processing.
In the UAE and elsewhere, the minimum age is 13 unless local law sets a higher age.

Core account features rely on our contract with you (Art. 6(1)(b)); separable features such as voice entry and analytics are gated by their own consents.

If we learn that we have collected personal information from a child in violation of these rules, we will delete it promptly. A parent or guardian can contact admin@bitbytecore.com to request deletion.

10. Security

We follow industry-standard practices to protect your data:

Transport encryption: all traffic between the App and our backend uses TLS 1.2 or higher.
At-rest encryption: Firestore and Firebase Storage encrypt data at rest with AES-256; the local Hive database is encrypted on device.
Authentication: Firebase Authentication with support for Google, Apple, and email sign-in, plus optional biometric and PIN locks.
PIN hashing: your in-app PIN is hashed locally; we never store or transmit it in cleartext.
Access controls: only authorized personnel can access production systems, subject to least-privilege and audit logging.
Monitoring: Firebase security rules restrict Firestore/Storage reads and writes to the owning user.
Crash reporting hygiene: Crashlytics is configured to minimize PII capture.

No system is perfectly secure. If we discover a breach that affects your personal data, we will notify you and, where required, the relevant Data Protection Authority, within the timeframes mandated by applicable law (for GDPR, within 72 hours under Article 33).

11. Cookies, Analytics, and Similar Technologies

The App is a native mobile app and does not use browser cookies. It may use mobile equivalents:

Firebase Analytics: when enabled, captures aggregate events like screen views and feature usage. Analytics is off until you turn it on in Settings → Privacy → Analytics, and you can turn it back off there at any time.
Firebase Crashlytics: captures crash stack traces. Crash reporting is off until you turn it on in the same menu, and you can turn it back off at any time.
Installation identifiers: Firebase assigns an installation ID to your App instance for reliable push delivery and abuse detection.

Our website (if any) may use basic first-party cookies for session and preference management. If we introduce any advertising or cross-site tracking cookies in the future, we will update this policy and ask for consent where required.

12. AI Features and Third-Party AI Processing

The App uses AI to make data entry faster. Here is exactly what happens.

12.1 What we send to Google Gemini

Depending on the feature you use:

Receipt OCR: the compressed receipt image.
AI chat: your typed message plus a compact financial summary needed to answer it — your recent spending totals and top spending categories, a small number of your most-frequent merchant names, your account balances and names, and your budgets, goals and informal debts (IOUs). We do not send your full transaction history, receipt images, email, payment details or device identifiers.

Voice entry is not sent to Gemini at all. Speech-to-text for voice entry runs on your device using the operating system’s built-in speech recognition; the audio never leaves your phone. See Section 2.4.

12.2 Gemini’s treatment of the data

We use Gemini’s paid API tier. Under Google’s published API terms:

Your prompts and Gemini’s responses are not used to train Google’s generative models.
Google retains request content only for the minimum period required to deliver the response and operate abuse/safety systems.

You can review Google’s terms at https://ai.google.dev/gemini-api/terms. If Google materially changes these terms in a way that affects this commitment, we will update this policy and notify you.

12.3 What we keep

The output returned by Gemini (extracted receipt fields, chat reply) is stored as part of your account data, under the same retention rules as other financial data you enter.
Receipt images are stored on your device and, for signed-in accounts, in Firebase Storage under your user ID.
Voice transcripts are produced on-device and only saved if you confirm the entry, they are never sent to our servers.

12.4 AI output is informational only

AI suggestions, including category predictions, extracted receipt fields, and chat replies, are informational and may be inaccurate. Always review them before relying on them. The App is not a licensed financial, investment, tax, or legal advisor. See the Terms of Service for the full disclaimer.

12.5 Opting out

You can turn AI features off entirely in Settings → AI. If you do, the App reverts to fully manual entry. Your account and existing data remain usable.

12.6 On-Device AI Model

The App offers to download a small language model (Gemma) to your phone the first time you tap an AI feature. The download is optional and can be skipped; tapping “Not now” stops the prompt for the rest of the session. You can also start or remove the download at any time from Settings → AI → On-device Model.

Once downloaded:

The model runs entirely on your phone. Categorisation, simple chat about your spending, and short explanations of suggestions are answered locally without sending the question to our servers.
Receipt OCR continues to use cloud Gemini because the on-device model is not built for image processing. The OCR scrubbing rules described in Section 12.1 still apply.
Deeper questions, multi-step research, and other tasks that exceed what a small on-device model can handle still go through Gemini, subject to your monthly usage allowances.
The model file lives in your app’s private storage and is removed when you uninstall the App or tap Remove from device in Settings.

12.7 Chat Memory Summary

To make the assistant remember relevant context across chat sessions without storing or sending thousands of historical messages with every reply, a scheduled Cloud Function periodically distils your recent chat history (roughly the last 30 days) into a short paragraph of no more than 1,500 characters. The paragraph is stored at users/{your-uid}/metadata/agent_memory.summary inside your private Firestore namespace and is included in the system prompt of subsequent chat replies so the assistant can speak to your situation specifically.

You can clear it at any time by tapping Clear conversation in the chat overflow menu (this empties the underlying chat history, so the next summary job has nothing to summarise).

12.8 Helping Improve Our AI (Optional)

We offer an optional way for you to help make our AI assistant better. This is a separate, affirmative choice, it is off by default, and the App works fully without it.

What this is. If you turn on “Help improve AI” (in Settings → AI, or via the one-time invitation we show inside the AI area), you allow us to keep a copy of your AI chat messages so we can study them and improve the quality, accuracy, and helpfulness of the assistant.

What is included. Only the messages in your AI chat are used. Before any message is stored for this purpose, we automatically scrub content that looks sensitive, including anything resembling a card number or bank/account number (IBAN). The same scrubbing the assistant already applies is repeated here as a safeguard.

What is never included. We do not use your receipt images, account balances, transactions, budgets, goals, contacts, email address, payment information, or device identifiers to improve our AI. This option covers your chat messages only.

It is opt-in and time-limited. We only keep chat messages that you send after you opt in. We never go back and use chats from before you turned the option on. Turning the option on does not retroactively expose your earlier conversations.

It is revocable at any time. You can turn “Help improve AI” off whenever you like in Settings → AI. When you turn it off, we stop keeping new chat messages for this purpose from that point forward.

How long we keep it. Chat messages retained under the optional Help improve AI programme are kept for no longer than 24 months and are deleted when you withdraw consent or delete your account, whichever is first.

Legal basis (GDPR). Where GDPR applies, we rely on your consent (Art. 6(1)(a)) for this processing. Withdrawing consent does not affect the lawfulness of processing carried out before you withdrew it. See Section 4.

You can see what we kept. The messages stored under this option, together with the record of your consent (whether it is on, and when you turned it on or off), are included in the data you can download with the App’s data export (see Section 7), so you can review exactly what you agreed to and what has been retained.

Purpose limit. Data kept under this option is used only to improve and evaluate our own AI assistant. It is not sold, not used for advertising, and not shared with data brokers. As noted in Section 12.2, Google does not use your prompts or responses to train Google’s models; this option is solely about our own quality improvement work.

13. Changes to This Policy

We may update this policy from time to time. When we do:

We will change the Effective Date and Version at the top.
We will post the updated policy in the App and at https://iamiwillapp.web.app/privacy.
For material changes (such as new categories of data or new sharing practices), we will notify you in the App and, where practical, by email, and ask you to re-consent before continuing to use affected features.
For material changes we will give you at least 30 days notice before they take effect. If you do not agree, you may stop using the Service and, if you have a paid subscription, cancel it without penalty through your app store. We will not apply a price increase to your current paid period without your consent.

Continuing to use the App after a non-material change means you accept the revised policy.

14. Contact Us

If you have questions, concerns, or requests about this policy or your personal data, contact us:

Email: admin@bitbytecore.com
Entity: Bit Byte Core (SMC-Private) Limited
Registration: Incorporated under the Companies Act, 2017 (Pakistan). Corporate Unique Identification No. 0294233, issued by the Securities and Exchange Commission of Pakistan (SECP) on 12 May 2025. Verify at https://leap.secp.gov.pk/#/verify-company-info/0294233.
Registered Office: House No 116, Kashmir Colony, GT Road Chanda Qila, Kamonke, Gujranwala, Punjab, Pakistan
Jurisdiction: Islamabad, Pakistan
Canonical URL: https://iamiwillapp.web.app/privacy

If you are in the EEA or the UK and believe we have not resolved your concern, you may contact your national Data Protection Authority. A list is available at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

15. California Residents Shortcut

Do not sell or share my personal information: see Section 7.1 California Residents (CCPA/CPRA) for your full rights.

We do not sell personal information and we do not share it for cross-context behavioral advertising as defined under the CCPA. The linked section explains your CCPA / CPRA rights (right to know, delete, correct, port, and opt out of “sharing”) and how to exercise them.

Thank you for trusting I’m I’ll with your financial life. We take that seriously.

Table of Contents