Family Budget Tracker

AI Statement Processing Disclosure

Last Updated: January 23, 2026

How We Process Your Bank Statements with AI

🤖 Vision First Technology

We use Google Gemini's advanced AI to "see" your statement like a human would - reading tables, understanding layout, and extracting transactions with 95%+ accuracy.

The 5-Step Process (Manual Upload):

  1. Upload: Your PDF or JPEG statement is securely uploaded to Cloudflare R2 (AES-256 encrypted cloud storage)
  2. AI Processing: The file is sent to Google Gemini AI for transaction extraction
  3. Data Extraction: Gemini returns structured transaction data (dates, descriptions, amounts)
  4. Storage: Extracted transactions are saved to your account
  5. Cleanup: The original PDF is permanently deleted from our servers

The "Magic Drop" Automation (Google Drive):

Magic Drop uses a dedicated Service Account bot to automate your budgeting.

🔒 The "Jailed Bot" Security Concept

Our automation bot is "Jailed" to a single folder. It cannot see anything else in your Google Drive. You are the boss—you can "Unshare" the folder at any time to kill the connection instantly and evict the bot from your Drive.

AI-Powered Trend Analysis

📈 5+1 Pay Cycle Lookback

The AI analyzes your last 5 completed pay cycles plus the current cycle to spot long-term patterns. It looks at aggregated category totals to provide Wealth Gap and Safety Net insights.

Note: Trend insights focus on macro patterns. We do not store raw transaction data globally for trend analysis; it is processed in real-time within your private account context.

Privacy vs Accuracy: Our Honest Approach

Why We Send the Full PDF to Google Gemini

Our "Vision First" AI uses the statement image directly (PDF or JPEG, not extracted text) because:

  • 95%+ accuracy (vs 70% with text-only OCR)
  • ✅ Correctly reads complex tables and layouts
  • ✅ Handles handwritten notes, stamps, and multi-column formats
  • ✅ Faster processing (single AI call vs OCR + AI)

⚠️ What This Means for Your Privacy

Your full statement (including account numbers, card numbers, and balances) is sent to Google Gemini for processing.

Google's Data Protection Guarantee

✅ Your Data is Protected

  • Google does NOT store your statement - Processed and discarded immediately
  • Google does NOT train AI on your data - Paid API guarantee
  • Google does NOT share your data - Enterprise data processing agreement
  • GDPR Compliant - Google's AI API meets EU data protection standards

Reference: Google Cloud AI Services Terms - Section 5.2: "Google will not use Customer Data to train or improve Google's AI models"

🔐 Secure Keys & Password Vault

Many banks password-protect their PDF statements (e.g., using your date of birth or postcode). Our system handles this securely without compromising your privacy.

📂 How it Works:

  • Manual Upload: If you upload an encrypted PDF, the system automatically checks your private Vault for a matching password. If none is found, you'll be prompted to add it.
  • Magic Drop (Automation): Since you aren't present during background syncs, you must pre-save your bank's PDF password in your Magic Drop Settings.

🔒 Encryption & Privacy

Your statement passwords are encrypted at rest in our database using industry-standard AES-256 encryption. They are only used in-memory during the processing cycle to unlock the file for the AI. We never store the decrypted version of your password or your statement.

What Data is Shared with Third Parties?

Service | What They Receive | Why | Do They Store It?
Google Gemini AI | Your full statement (PDF or JPEG) | Extract transactions | ❌ No (immediate processing only)
Cloudflare R2 | Encrypted file (temporary) | Secure file storage during processing and backups | ⏱️ Temporarily (Statements deleted after processing)
Stripe | Email, payment info | Process subscription payments | ✅ Yes (required for billing)

Your Privacy Alternatives

If You Prefer Maximum Privacy:

Option 1: Redact Sensitive Information First (Recommended)

  • ✅ Use Adobe Acrobat Reader (free) to redact account numbers, card numbers, and personal details
  • ✅ Export as JPEG image - our system supports JPEG uploads
  • ✅ Upload the redacted JPEG for AI processing
  • ✅ Same 95%+ accuracy with maximum privacy
  • ❌ Requires manual redaction (5-10 minutes per statement)

Option 2: Manual Transaction Entry

  • ✅ No AI processing
  • ✅ No third-party data sharing
  • ✅ Complete control over your data
  • ❌ Slower (manual entry required)

Option 3: Wait for OCR + PII Redaction (Future)

  • ✅ Card numbers and phone numbers redacted before AI processing
  • ❌ Lower accuracy (~70% vs 95%)
  • ❌ Slower processing
  • ❌ May miss complex transactions

💡 Our Philosophy

We believe transparency and accuracy serve you better than false privacy promises. You deserve to know exactly what happens to your data and make an informed choice.

What We (The App Owner) Can See

Admin Dashboard Access:

✅ What I CAN see:

  • Your email address and subscription status
  • Number of statements you've uploaded
  • System usage statistics (for debugging and improvements)
  • Number of accounts and categories you've created

❌ What I CANNOT see:

  • Your transaction details (descriptions, amounts)
  • Account balances or financial data
  • Statement content or PDFs
  • Personal financial information

🔒 Your Financial Data is Private

The database is encrypted, and I've intentionally designed the admin dashboard to not display sensitive financial information. I can see that you're using the app, but not what you're budgeting for.

Your Rights & Control

  • Delete uploaded statements anytime - AI Upload page → Delete button
  • Export your data - Premium feature (Settings → Export Data)
  • Delete your account - Settings → Delete Account (see below)
  • Opt-out of AI processing - Use manual transaction entry instead
  • Cancel subscription anytime - No questions asked

Account Deletion

When you delete your account, the following data is permanently removed:

  • All transactions and categories
  • All accounts and balances
  • All uploaded statements
  • All savings goals and budgets
  • Your email and personal information

What we keep (anonymized): Usage statistics for service improvement (e.g., "A user uploaded 5 statements in December 2026" - without identifying you).

Questions or Concerns?

If you have questions about how we process your data, please contact us:
