expendr Privacy Policy

Summary of what matters most

• We collect account details you provide, and activity within the app such as searches, waitlist events, likes, settings, and purchases routed through our affiliate links.
• We do not collect or store your payment card numbers or bank login credentials. Purchases occur on retailer sites.
• We use data to run and improve the product, recommend cheaper equivalents, operate the waitlist, calculate “money not spent,” personalize tips, and measure performance.
• We share data with service providers that help us operate the Services, with analytics and crash reporting tools, and with retailers or affiliate platforms as needed to track commission.
• You can export or delete your account data, toggle AI personalization, adjust notifications, and change waitlist defaults in Settings.
• We do not sell your personal information. We do not show third-party behavioral ads.

1) Information We Collect

A. Information you provide

• Account and profile. Email address, display name or username, authentication provider information if you sign in with Google or Amazon, and optional profile image.
• Preferences and settings. Waitlist durations, nudge settings, categories and budget values, appearance, notification preferences.
• Support communications. Messages you send to support or product teams, and any attachments you choose to share.

B. Information collected when you use the Services

• App activity. Searches, filter selections, product views, likes, items added to and removed from Waitlist, unlock taps, timer start and expiry events, “Saved instead” decisions, and Optimize actions you apply.
• Purchases routed through expendr. When you tap “Buy on [Store]” we route you to the retailer using an affiliate link. We receive limited confirmation data from retailers or affiliate platforms such as order identifier, timestamp, and purchase amount for commission tracking. We do not receive your full order contents in all cases and we do not receive your payment card number.
• Savings signals. Data used to compute “money not spent,” such as the price of a skipped item or the difference between a chosen equivalent and a higher priced option you viewed.
• Device and usage. Device model, operating system version, app version, language, time zone, basic diagnostics, and interactions needed for analytics and crash reporting.
• Cookies and similar. If you visit our website or use a browser extension in the future, we may use cookies or local storage to operate core features and remember preferences.

C. Information from third parties

• Authentication providers. If you choose “Sign in with Google” or “Sign in with Amazon,” we receive your account identifier and basic profile information those providers share with us.
• Retailers and affiliate platforms. Commission tracking events and limited purchase confirmations.
• Service providers. Aggregated or de-identified analytics and performance metrics.

We do not knowingly collect sensitive personal information such as government IDs, precise geolocation, or financial account credentials.

2) How We Use Information

• Provide and maintain the Services. Account creation, authentication, core shopping and waitlist features, timers, notifications, and navigation.
• Compare prices and suggest equivalents. Show cross-store context, highlight lower cost alternatives, and surface options that fit your filters.
• Operate the Waitlist. Start and manage timers, enable three-tap unlock, and move items to Ready to Buy.
• Compute summaries and savings. Generate the spending sentence, charts, budgets, and “Total Saved.”
• Optimize and personalize. Generate three tailored tips on the Optimize page, and update suggestions when you change the command box parameters. You can turn the AI Optimizer off in Settings.
• Measure performance and fix issues. Analytics, crash logs, debugging, and quality assurance.
• Communicate with you. Service messages such as changes to terms or important product updates. You may manage marketing emails, if any, via unsubscribe links.
• Prevent misuse and comply with law. Detect abuse, enforce terms, and meet legal or regulatory obligations.

Where required by law, we rely on one or more legal bases to process your information, including performance of a contract, legitimate interests such as product improvement and fraud prevention, compliance with legal obligations, and your consent where applicable.

3) AI and Personalization Features

Certain features use third-party machine learning or AI services to classify items, rank equivalents, and generate tips. To provide these features we may send limited inputs such as product titles, category labels, your selected filters, and de-identified behavior signals. We do not send payment card numbers or bank credentials. Providers act as our processors and must handle data according to our instructions. You can disable AI personalization in Settings, which limits processing for that purpose.

4) How We Share Information

• Service providers. Hosting, data storage, authentication, analytics, crash reporting, email delivery, and customer support tools. Providers may access personal information only to perform services for us and must protect it.
• Retailers and affiliate platforms. To attribute commission and validate purchases when you choose to buy through expendr links.
• Compliance and safety. To respond to lawful requests, protect our rights and users, or investigate fraud and security issues.
• Business transfers. If we are involved in a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction, subject to confidentiality commitments.
• With your direction. When you connect a feature or share content intentionally.

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.

5) Data Retention

We keep personal information for as long as needed to operate the Services, resolve disputes, enforce agreements, and comply with legal obligations. When data is no longer required, we will delete or de-identify it. You can request deletion of your account in Settings or by emailing support@expendr.app.

6) Your Rights and Choices

• Access, correction, deletion. You can request a copy of your data, ask us to correct inaccurate data, or ask us to delete data. Use Settings where available or email support@expendr.app.
• Portability. You may request an export of your account data in a portable format.
• Opt out of AI personalization. Toggle AI Optimizer off in Settings.
• Budgets and nudges. Change or remove budgets and nudges at any time in Settings.
• Notifications. Control push notifications in the app and in your device settings.
• Marketing emails. Unsubscribe using the link in any email.

California residents

You may have rights to know, correct, delete, and limit use or disclosure of personal information under the California Consumer Privacy Act. We do not sell or share personal information as those terms are defined in California law. Submit requests via support@expendr.app.

EEA and UK residents

Where GDPR or UK GDPR applies, you have rights to access, correct, delete, restrict, or object to processing, and to data portability. You may also lodge a complaint with your local supervisory authority. We rely on legitimate interests, performance of a contract, legal obligations, and consent where required. If data is transferred outside the EEA or UK, we use appropriate safeguards such as Standard Contractual Clauses.

7) Children’s Privacy

The Services are not directed to children under 13 and we do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact us and we will take appropriate steps. For users in the EEA or UK, the minimum age may be higher under local law.

8) Security

We use administrative, technical, and organizational safeguards designed to protect personal information, including encryption in transit, access controls, and monitoring. No method of transmission or storage is perfectly secure. If we learn of a security incident that affects your information, we will notify you and any regulators as required by law.

9) International Data Transfers

We are based in the United States. If you access the Services from outside the United States, your information may be transferred to, stored in, or processed in the United States or other countries that may have different data protection laws. We implement safeguards required by applicable law.

10) Third-Party Sites and Services

When you tap “Buy on [Store]” you leave our Services and go to a retailer site. That site’s privacy policy governs the collection and use of your information there. We do not control third-party sites.

11) Changes to This Policy

We may update this Policy to reflect changes to the Services or the law. We will post the updated Policy with a new effective date, and we may notify you in the app or by email for material changes. Your continued use of the Services means you accept the updated Policy.

12) Contact Us

• Email: support@expendr.app
• Mailing address: [Insert legal entity name and mailing address]

If you are an EEA or UK resident and wish to contact a representative or our data protection contact, email support@expendr.app and include “GDPR request” in the subject.

13) Additional Disclosures

• Do Not Track. The Services do not respond to Do Not Track signals.
• Automated decision making. We use automated systems to classify impulse risk and suggest equivalents. You can always proceed to purchase, use the three-tap unlock, or disable personalization.
• Open requests. If you submit a privacy request, we will verify your identity using account email and device information and respond within the time required by applicable law.

Appendix A: Data Categories and Purposes Map

• Identifiers
  Email address, authentication provider ID, device identifiers.
  Purpose: account creation, authentication, security, support.
  Sharing: service providers, authentication providers.
• Commercial or transaction information
  Affiliate purchase confirmations, order identifiers, prices.
  Purpose: commission tracking, savings calculations, analytics.
  Sharing: affiliate platforms, service providers.
• Internet or device activity
  Search terms, filter selections, views, taps, crash logs, diagnostics, IP address.
  Purpose: product functionality, analytics, troubleshooting, security.
  Sharing: analytics and crash reporting providers.
• In-app preference data
  Budgets, categories, waitlist settings, nudges, AI Optimizer toggle.
  Purpose: personalization, user-directed features.
  Sharing: service providers that power core features.
• Inference data
  Item impulse classification, recommended equivalents, Optimize tips.
  Purpose: personalization and product improvement.
  Sharing: AI service providers acting as processors.