Privacy Policy

Your privacy is our priority. Learn how Rewards Finder protects your data.

Last updated: January 4, 2026

Overview

Rewards Finder ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we handle information when you use our mobile application ("App"). We designed Rewards Finder with a privacy-first approach: we don't have servers, we don't store your data, and we don't track you.

Key Privacy Commitment:

Your bank statements are processed on your device. Before AI analysis, we automatically sanitize your data to remove personal information. The sanitized transaction data is sent to Perplexity's API (which has a zero data retention policy) only to generate rewards recommendations.

Information We Collect

Information We DO NOT Collect

We want to be clear about what we do not collect:

  • Bank Statements: Your uploaded bank statements remain on your device
  • Transaction Data: Individual transaction details, amounts, dates, or merchant names
  • Account Information: Bank account numbers, credit card numbers, or financial institution details
  • Financial History: Your spending patterns, balances, or financial history
  • Personal Financial Data: Any data extracted from your uploaded documents

Information We May Collect

We collect only the bare minimum to provide our services:

  • Subscription Information: Your subscription status, managed securely through Apple's App Store
  • Support Requests: Information you voluntarily provide when contacting our support team

We do not collect usage analytics, device information, or any telemetry data. The app does not phone home or track your behavior.

How Your Data Is Processed

Here's exactly what happens when you use Rewards Finder:

  1. 1
    Upload Your Statement

    You upload a bank statement (PDF, image, CSV, etc.) to the app. The file stays on your device.

  2. 2
    On-Device Text Extraction

    The app uses iOS Vision framework to extract text from your document. This happens entirely on your device.

  3. 3
    On-Device Sanitization

    Before anything leaves your device, the app automatically removes personal information: names, account numbers, phone numbers, Social Security numbers, addresses, emails, and more.

  4. 4
    AI Analysis via Perplexity API

    The sanitized transaction data (merchant names, amounts, dates) is sent to the Perplexity API for AI-powered rewards matching. See below for Perplexity's privacy commitments.

  5. 5
    Results Saved Locally

    Your personalized rewards recommendations are saved locally on your device so you can view them later. Your raw statement is discarded immediately after analysis.

Your Data Stays On Your Device

We have no servers, no database, and no cloud storage. Your raw statements are never stored anywhere. Analysis results (recommended programs only, no personal data) are saved locally on your device so you can view them later. You can delete these anytime from within the app.

Important: Sanitization Limitations

Our automated sanitization removes common personal identifiers (names, account numbers, SSNs, phone numbers, addresses, emails, etc.), but no automated system is perfect. Unusual formats or edge cases may slip through.

For maximum privacy, we recommend uploading de-identified statements where you have manually removed or redacted personal information before uploading.

Perplexity API Privacy:

Perplexity maintains a strict Zero Data Retention Policy for their API. According to their documentation:

"We do not retain any data sent via the Sonar API, and we absolutely do not use any customer data to train our models or for any other purposes beyond processing your immediate request."

For more details, see Perplexity's Privacy & Security documentation.

How We Use Information

The minimal information we have access to is used only for:

  • Provide Services: To deliver rewards recommendations based on your uploaded statement
  • Subscription Management: To verify your subscription status through Apple's App Store
  • Customer Support: To respond to support emails you send us

That's it. We don't track you, we don't analyze your behavior, and we don't build profiles about you.

Data Sharing

We do not sell, trade, or rent your personal information. The only data sharing that occurs:

  • Perplexity API: Sanitized transaction data is sent to Perplexity for AI analysis (see details above)
  • Logo Service: Company names are sent to a logo service to display merchant logos
  • Legal Requirements: If required by law or legal process
What We Don't Share:

Your raw bank statements, account numbers, personal details, and unsanitized data are never shared with anyone. We don't have analytics partners, advertising networks, or data brokers.

Data Security

Your data is protected through:

  • On-Device Processing: Text extraction and sanitization happen on your device before any data is transmitted
  • iOS Security: The app runs in Apple's sandboxed environment with built-in protections
  • No Storage: We have no servers or databases. Nothing is stored anywhere.
  • Encrypted Connections: All API communications use TLS encryption
  • Transient Data: All data is cleared when you close the app or start a new analysis

Third-Party Services

Rewards Finder integrates with the following third-party services:

Perplexity API

We use the Perplexity Sonar API to analyze your sanitized transaction data and identify matching rewards programs. Perplexity maintains a Zero Data Retention Policy—they do not store your data or use it for model training. Only essential billing metrics (token counts, timestamps) are retained, with no content from prompts or responses. For more information, see Perplexity's Privacy & Security documentation and their Privacy Policy.

Apple App Store

Subscription purchases and management are handled through Apple's App Store. Your payment information is processed by Apple and is subject to Apple's Privacy Policy.

External Reward Program Links

When you tap to sign up for a rewards program, you are directed to that company's external website. Your interaction with these websites is governed by their respective privacy policies. We encourage you to review these policies before providing any personal information.

Company Logo Service

We use a third-party service to display company logos in the app. This service receives only the company name to retrieve the appropriate logo; no personal or financial information is transmitted.

Children's Privacy

Rewards Finder is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at mullman@mycallbag.com so we can take appropriate action.

Your Rights and Choices

You have full control over your data:

  • Delete Saved Analyses: You can delete any saved analysis results from the "Previous Analyses" screen in the app by swiping to delete
  • Delete All Data: Uninstalling the app removes all locally stored data
  • Raw Statements: Your bank statements are never stored—only the analysis results (recommended programs)

If you've contacted our support team, you can request deletion of those email communications.

For California Residents: Under the California Consumer Privacy Act (CCPA), you have additional rights including the right to know what personal information we collect and the right to non-discrimination for exercising your privacy rights.

For EU/EEA Residents: Under the General Data Protection Regulation (GDPR), you have rights including access, rectification, erasure, restriction of processing, data portability, and objection. You also have the right to lodge a complaint with a supervisory authority.

Data Retention

Here's what's stored and where:

  • Your Statements: Never stored. Processed transiently and discarded immediately after analysis.
  • Analysis Results: Stored locally on your device only. We keep up to 10 recent analyses. You can delete them anytime by swiping in the app.
  • App Preferences: Stored locally on your device (e.g., whether you've seen onboarding). Deleted when you uninstall the app.
  • Subscription Status: Managed by Apple, not us.
  • Support Emails: If you email us, we retain those communications for up to 2 years.

Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will:

  • Update the "Last updated" date at the top of this policy
  • Notify you through the app for significant changes
  • Post the updated policy on our website

We encourage you to review this policy periodically. Your continued use of the app after changes constitutes acceptance of the updated policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Email: mullman@mycallbag.com

We will respond to your inquiry within 30 days.

Our Commitment: We built Rewards Finder with privacy as a core principle. Your financial data belongs to you and stays with you. We believe you shouldn't have to sacrifice your privacy to save money, and we're committed to maintaining that trust.