IncomePilot
Sign In

Privacy Policy

How we collect, use, and protect your information.

Last updated: April 2025

1. About this Policy

IncomePilot ("we", "us", or "our") operates the IncomePilot mobile application and website (together, the "Services"). This Privacy Policy explains what information we collect, why we collect it, how we use it, and your rights in relation to that information.

By using IncomePilot you agree to the practices described in this policy. If you do not agree, please do not use the Services.

2. How IncomePilot Handles Your Data

IncomePilot is local-first by design. The earnings, shift logs, expenses, and work data you enter are stored on your device by default. This data does not leave your device unless you use features that require it to do so.

Premium cloud-backed features. When you use premium cloud-backed features — such as cloud backup, cross-device restore, or connected premium experiences — eligible data may be securely transmitted to and stored on our infrastructure to support those features. This is done to protect your progress and enable restore and continuity. It is part of the premium experience, not a silent background process.

In either case, your data belongs to you.

3. Information We Collect

3.1 Account Information

When you create an account we collect your email address and any optional profile details you provide. Your password is hashed and never stored in plain text. Account information is stored on our authentication infrastructure regardless of your plan, as it is required to operate your account.

3.2 Work and Earnings Data

Shift logs, gig records, freelance entries, expenses, goals, and any other income data you enter are stored locally on your device by default.

If you activate premium cloud-backed features, eligible earnings data may be securely backed up and synced to our cloud infrastructure to support backup, restore, and connected premium features. This is described in your in-app settings when those features are active.

3.3 Usage and Diagnostics

We collect anonymous usage events (such as which features are used) and crash reports to help us improve the app. These do not include the content of your earnings entries. We use industry-standard analytics and crash reporting tools for this purpose.

3.4 Device Information

We collect limited device information — such as device type and operating system version — to help diagnose compatibility issues and improve the app experience.

3.5 Communications

If you contact us for support, we retain the contents of that communication to help resolve your issue and improve our service.

4. How We Use Your Information

  • To provide, operate, and improve the Services
  • To authenticate your account and keep it secure
  • To deliver premium cloud-backed features where active, including backup, restore, and connected experiences
  • To send transactional emails (e.g. email verification, password reset)
  • To respond to support enquiries
  • To detect and prevent fraud or abuse
  • To comply with applicable legal obligations

We do not sell your personal information. We do not use your earnings data for advertising.

5. Data Storage and Security

Local data lives on your device and is subject to your device's own security controls.

Where data is transmitted to or stored on our infrastructure (for account authentication or premium cloud-backed features), it is processed using infrastructure provided by Supabase, hosted in Australia and/or the United States. Data in transit is protected by TLS encryption. Access to production systems is restricted to authorised personnel.

No transmission or storage system is completely free of risk. We encourage you to use a strong, unique password and keep your device secure.

6. Data Retention

6.1 Local data

Data stored locally on your device remains there until you delete the app or clear the app's data. Deleting the app does not delete your account or any cloud-backed data associated with it.

6.2 Account and cloud-backed data

We retain your account and any cloud-backed data for as long as your account is active. When you delete your account, we will delete or anonymise your personal data and any associated cloud-backed data within 30 days, except where we are required by law to retain it (for example, for fraud prevention or accounting obligations).

6.3 Communications data

Support communications are retained for a reasonable period to allow us to assist you and improve our service.

7. Sharing of Information

We share your information only to the extent necessary to provide the Services:

  • Infrastructure providers — cloud hosting, authentication, and database services (including Supabase and Vercel) that process data on our behalf under data processing agreements.
  • Subscription billing — subscription management is handled via the App Store (Apple), Google Play (Google), or RevenueCat. These providers process payment data under their own privacy policies. We do not receive or store full payment card details.
  • Analytics providers — anonymous usage data only; no personal identifiers or earnings data are shared.
  • Legal authorities — where required by law, court order, or to protect our rights or the safety of others.

8. Your Rights and Choices

Depending on your location, you may have rights regarding your personal information, including the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your account and associated data
  • Object to or restrict certain processing
  • Request a portable export of your data

In-app deletion: You can delete your account directly from the app's settings. This initiates deletion of your account and cloud-backed data within 30 days.

Web requests: To exercise any of the above rights, contact us at privacy@incomepilot.app. We will respond within 30 days.

9. Children's Privacy

IncomePilot is not directed to children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will promptly delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For significant changes we will notify you via the app or by email. Continued use of the Services after changes take effect constitutes your acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or how we handle your information: