Nexpense logo Nexpense Back to home

Nexpense

Privacy Policy

Last updated: May 5, 2026

1. Controller

This Privacy Policy explains how personal data is processed when using Nexpense.

Controller:
sassential OÜ
Sepapaja tn 6, Lasnamäe district
Tallinn city, Harju county 15551
Estonia

Contact: hello[at]nexpense.app

2. Overview

Nexpense is a local-first personal finance app. Most finance data is stored directly on the user’s device and may be synchronized through Apple iCloud, depending on the user’s device and iCloud settings.

Some features require temporary processing on Nexpense servers. This mainly applies to AI features, including parse requests, voice transcription, and to ask questions.

Nexpense uses OpenAI as a third-party AI processor for AI-powered features. Before AI features can be used, Nexpense shows an in-app consent screen that explains what data may be sent, who receives it, and why.

3. Data Stored on the Device

The following data may be stored locally on the user’s device:

  • Expenses, income, recurring transactions, and related financial entries
  • Categories, merchants, descriptions, dates, amounts, currencies, and related metadata
  • Budgets, runway inputs, analytics, spending metrics, and other derived insights
  • App settings and preferences
  • Location information if the user enables location-based features

Local data may be synchronized through Apple iCloud. iCloud is operated by Apple and is subject to Apple’s own terms and privacy practices.

Nexpense does not send location data to Nexpense servers, OpenAI, or any other server. Location data, where used, remains on the user’s device.

4. Data Processed by Nexpense Servers

Nexpense servers process only the data needed to provide app functionality, operate the service, protect against abuse, and process AI requests selected by the user.

This may include:

  • Internal Nexpense user identifier
  • Apple Sign-In identifier used for authentication
  • Authentication sessions and security-related metadata
  • Rate limiting and abuse-prevention data
  • Parse request content
  • Ask question content
  • Voice recordings submitted by the user for transcription
  • Transcripts generated from submitted voice recordings
  • AI request results, errors, and processing status

Nexpense does not sell personal data.

5. AI Processing

Nexpense uses OpenAI as a third-party AI processor for selected AI features. AI processing happens only when the user chooses to use an AI feature and has allowed AI processing in the app.

AI request data may be sent to:

  • Nexpense servers, for request handling, temporary processing, rate limiting, and response delivery
  • OpenAI, for transaction parsing, question responses, and voice transcription

5.1 Parse Requests

When the user creates a parse request, Nexpense may process the information needed to turn natural language into structured transactions.

This may include:

  • Typed input entered by the user
  • Voice recordings submitted by the user for transcription
  • Categories
  • Selected currency
  • Selected country
  • Date context

5.2 Ask Questions

When the user asks a question about their finances, Nexpense may process the question and the financial context needed to answer it.

This may include:

  • The user’s question
  • Selected timeframe
  • Relevant expenses, income, recurring transactions, and spread transactions based on the selected timeframe (including title, description, merchant, and amount)
  • Categories
  • Precomputed spending metrics, such as totals, daily or monthly breakdowns, category totals, and balance-related metrics

Nexpense aims to send only the context needed to answer the user’s question as best as possible.

5.3 Data Not Sent to OpenAI

Nexpense does not send the following to OpenAI:

  • Internal Nexpense user identifier
  • Apple Sign-In identifier
  • Authentication tokens
  • Device push token
  • Location data
  • Location history

OpenAI helps process the request, but it does not receive the user’s Nexpense account identity from Nexpense.

5.4 AI Training

Nexpense uses OpenAI through API-based processing. Nexpense does not permit user AI request data to be used to train AI models, unless such use is explicitly allowed by the user or required by a provider setting chosen by Nexpense in the future.

6. Audio Data

If the user uses voice input, the submitted audio recording may be uploaded to temporary cloud storage and sent for transcription.

Audio data is used only to provide the requested transcription and related AI feature. Audio files are deleted after the temporary retention period described below.

Temporary audio storage is currently hosted using DigitalOcean infrastructure in the Singapore region.

7. Purposes of Processing

Nexpense processes data for the following purposes:

  • Providing the core functionality of the app
  • Authenticating users with Sign in with Apple
  • Processing subscriptions and access rights
  • Parsing transactions from natural language input
  • Transcribing voice input submitted by the user
  • Answering Ask questions about the user’s finance data
  • Generating app insights, summaries, and financial metrics
  • Enforcing rate limits and preventing abuse
  • Maintaining service reliability and resolving failed requests
  • Supporting account deletion and data deletion requests

8. Data Retention

Nexpense keeps server-side data only as long as necessary for the purposes described in this Privacy Policy.

  • AI request data, including parse requests, Ask questions, transcripts, responses, and related processing data, is stored temporarily and deleted within 72 hours.
  • Audio files submitted for transcription are deleted within 72 hours.
  • Authentication sessions are retained while needed to keep the user signed in and operate the service securely.
  • Rate limiting and abuse-prevention data is retained only as long as necessary for security and service stability.
  • Local app data remains on the user’s device until deleted by the user or removed through the app’s deletion flow.

9. Authentication

Nexpense uses Sign in with Apple for authentication.

For authentication, Nexpense may store:

  • Apple Sign-In identifier
  • Internal Nexpense user identifier
  • Authentication session data

This data is used to operate the user’s Nexpense account, manage access to the service, protect against abuse, and support account deletion.

10. Payments and Subscriptions

Payments and subscriptions are processed through Apple In-App Purchases.

Nexpense does not process or store payment card details. Apple manages payment information, billing, renewal, cancellation, and subscription settings.

Nexpense may process subscription status information to determine whether the user has access to subscription features.

11. Infrastructure and Service Providers

Nexpense uses service providers to operate the app and provide requested functionality.

These may include:

  • Apple, for Sign in with Apple, iCloud sync, App Store distribution, and In-App Purchases
  • OpenAI, for AI processing, transaction parsing, Ask question responses, and voice transcription
  • DigitalOcean, for cloud infrastructure, database hosting, and temporary audio storage
  • Analytics or diagnostics providers, if enabled, to improve reliability and usability

Nexpense requires service providers to protect personal data with appropriate safeguards and to process data only for the purposes described in this Privacy Policy or otherwise permitted by law.

12. Analytics and Diagnostics

Nexpense may collect limited analytics, diagnostics, crash, or performance data to improve reliability, usability, and product quality.

Where possible, this data is minimized, aggregated, or anonymized.

Nexpense does not use analytics data to sell personal data.

Before AI features can be used, Nexpense presents a dedicated consent screen in the app.

The consent screen explains:

  • That AI features use Nexpense servers and OpenAI
  • What data may be sent for parse requests
  • What data may be sent for Ask questions
  • That submitted audio may be sent for transcription
  • That OpenAI acts as a third-party AI processor
  • That Nexpense does not send the user’s Nexpense account identity or location data to OpenAI

If the user does not allow AI processing, AI features remain unavailable.

14. Account Deletion and Data Deletion

Nexpense provides an in-app option to delete the user’s account and associated data.

When the user deletes their account, Nexpense deletes server-side account data associated with that user, including authentication sessions, temporary AI request data, uploaded audio data, and related processing records.

The app may also delete local data on the device as part of the deletion flow. If iCloud sync is enabled, deletion of synced Nexpense data may take time to propagate across the user’s devices through Apple’s iCloud systems.

Deleting a Nexpense account does not automatically cancel an App Store subscription. Subscriptions are managed by Apple and can be canceled in the user’s Apple ID subscription settings.

15. User Rights

Depending on applicable law, including the General Data Protection Regulation (GDPR), users may have the right to:

  • Access their personal data
  • Request correction of inaccurate data
  • Request deletion of personal data
  • Restrict or object to certain processing
  • Request data portability
  • Withdraw consent where processing is based on consent

Users can exercise these rights by using the in-app deletion functionality or by contacting Nexpense at hello[at]nexpense.app.

Because Nexpense is local-first, much of the user’s finance data is stored on the user’s own device and can be deleted directly in the app.

16. Security

Nexpense uses appropriate technical and organizational measures to protect personal data, including:

  • Encrypted data transmission using HTTPS
  • Access controls
  • Limited retention periods
  • Separation of processing systems where appropriate
  • Measures to reduce unnecessary data collection

No method of transmission or storage is completely secure. Nexpense works to protect personal data, but cannot guarantee absolute security.

17. International Data Transfers

Nexpense is operated by an Estonian company and may process data outside the European Economic Area, including in Singapore and through service providers that may operate internationally.

Where required, Nexpense applies appropriate safeguards for international data transfers.

18. Changes to this Privacy Policy

Nexpense may update this Privacy Policy from time to time. If material changes are made, Nexpense may notify users through the app or other appropriate means.

Continued use of Nexpense after an updated Privacy Policy becomes effective means that the user accepts the updated policy.