StashApp — Privacy Policy
Last updated: May 15, 2026
1. Who runs StashApp
StashApp is a personal project maintained by an independent developer (Harman Birring). It is distributed as an Android app and as open source on GitHub. There is no company behind it, no employees, and no marketing pipeline.
Source: github.com/hbirring01/CreditCardApp. Questions or deletion requests: open an issue on the repository.
2. What data StashApp handles
The app processes the following categories of information only when you enter them or enable the feature that creates them:
- Card details — issuer / brand, last four digits of the account number, cardholder name, balance, credit limit, expiry month and year, and an optional nickname.
- Transactions — date, amount, merchant, category, and an optional note, either entered manually or fetched from a linked account (see section 4).
- Rewards data — per-card reward multipliers, point balances, rotating quarterly bonuses, annual fee, signup-bonus progress.
- Preferences — your theme choice and other UI flags.
- Location — only while you are actively using the Rewards Map screen, and only when you grant the runtime permission. The coordinates are sent to the merchant lookup providers in section 4 and are not retained by StashApp.
- Authentication state — a local PIN (hashed) and your biometric registration with the Android system. The biometric data itself never leaves the Android Keystore; StashApp only asks the system whether you authenticated.
3. Where data lives
All app data is stored locally on your device in an encrypted SQLite database (SQLCipher / AES-256). The database passphrase is generated on first launch and stored in the Android Keystore. Secrets you supply in Settings (Plaid client_id / secret, Foursquare API key) are kept in EncryptedSharedPreferences with a master key in the Android Keystore.
There is no remote backend operated by StashApp. Your data is never uploaded to a StashApp server, because no such server exists. Backups follow your device's normal Android backup rules; the encrypted database is opaque without the on-device Keystore key.
4. Third-party services
Some optional features require talking to other services. Each request is initiated by your device and goes directly to that provider. StashApp does not proxy these calls.
4.1 Plaid (bank account linking)
When you tap Connect a bank, the Plaid Link SDK opens. Plaid Inc. handles bank authentication and returns an access token to your device. That token, plus the resulting account and transaction data, is stored locally as described in section 3. Plaid's handling of your bank credentials is governed by their own policy: plaid.com/legal. To disconnect, remove the linked Item from within StashApp; you may also revoke access from my.plaid.com.
4.2 Foursquare Places (Rewards Map)
When you open the Rewards Map or run a business name search, your approximate latitude and longitude and your query string are sent to the Foursquare Places API for venue lookup. See foursquare.com/legal/privacy.
4.3 OpenStreetMap / Overpass (Rewards Map)
Map tiles and venue data may be fetched from the OpenStreetMap project and the Overpass API. These requests include the area being viewed and standard HTTP headers. See OpenStreetMap's privacy policy.
4.4 Android system services
Standard Android components (Fused Location Provider, biometric prompt, file picker, etc.) are governed by Google's platform policies, not by StashApp.
5. What StashApp does not do
- No accounts, no sign-up, no email collection.
- No advertising and no ad SDKs.
- No analytics, no crash reporting, no telemetry of any kind.
- No selling, renting, or sharing of personal data with third parties for marketing purposes.
- No tracking across apps or websites.
6. Permissions
- Biometric / Use Fingerprint — to unlock the app.
- Fine / Coarse Location — only while you use the Rewards Map; never in the background.
- Internet — to reach Plaid, Foursquare, and the map providers when you use those features.
- Post Notifications — only used for optional statement / reward reminders if you enable them.
7. Children
StashApp is not directed at children under 13. It deals with credit-card accounts that minors generally cannot hold. No knowing collection of data from children occurs.
8. Your rights
Because StashApp stores everything on your device, you control all of it:
- Access: all data is visible within the app.
- Delete: remove individual items in the UI, clear saved keys in Settings, or uninstall the app to wipe everything.
- Portability: exports (CSV, etc.) can be triggered from within the app where supported.
For data that has flowed to a third-party provider (Plaid, Foursquare), contact that provider directly to exercise your rights with them.
9. Security
StashApp encrypts the local database with SQLCipher (AES-256) and stores third-party API keys with EncryptedSharedPreferences backed by the Android Keystore. The app requires PIN and/or biometric authentication to open. No software is bug-free; if you believe you've found a security issue, please open a private security advisory on the GitHub repository.
10. Changes to this policy
Material changes will be reflected by updating the "Last updated" date at the top of this page and, where appropriate, surfaced in the app's release notes. The current version is always at hbirring01.github.io/CreditCardApp/privacy.html.
11. Contact
The best way to reach the maintainer is to open an issue on the project repository: github.com/hbirring01/CreditCardApp/issues.