Privacy Policy
Last updated: 24 April 2026
1. Overview
HeyKit is committed to protecting your privacy. This policy explains what data we collect, how we use it, and how we keep it safe. We comply with the Protection of Personal Information Act (POPIA) of South Africa.
In short: your data is yours, we don't sell it, and we only use it to run the app for you.
2. What We Collect
From Google Sign-In
When you sign in with Google, we receive and store:
- Email address — to identify your account
- Display name — shown in the app
- Profile photo URL — shown as your avatar
We do not access your Google contacts, calendar, Drive files, or any other Google data.
Data you enter
- Expenses (description, amount, category, date)
- Budget amounts per category
- Family member names and colours
- Children's names, birthdays, and schedules
- Shopping and to-do list items
- Receipt images (photos of receipts you upload)
- Documents you upload (stored securely)
- Loyalty card barcodes and names
- Electricity meter readings
- Vehicle records (make, model, license plate, VIN, license/insurance expiry dates) — household admin use only
Staff employment records (optional)
If you add domestic staff to your family account, we store:
- Name, role, phone number, and pay rate
- Nationality and ID/passport number (for UIF and legal employment records)
- Uploaded ID/permit document copies
- Work permit expiry date (for foreign nationals)
- Emergency contact details
- Bank account details (for salary payment and UIF)
- Clock-in/out timestamps and GPS coordinates at the moment of clock-in
Staff employment data is stored because employers are legally required to keep these records under the Basic Conditions of Employment Act and UIF Act. This data is accessible only to family admins and is not shared with third parties. GPS coordinates are captured only at the moment of clock-in; ongoing location is never tracked.
Telegram (optional)
If you connect Telegram, we store your Telegram chat ID to send notifications. We do not access your Telegram messages, contacts, or any other Telegram data.
3. How We Use Your Data
We use your data exclusively to:
- Display your expenses, budgets, and schedules in the app
- Send you Telegram notifications (if connected)
- Process receipt images through AI for text extraction
- Generate spending reports and budget summaries
We do not:
- Sell your data to third parties
- Share your data with advertisers
- Use your data for profiling or marketing
- Display any advertisements in the app
4. Where Your Data Is Stored
- Database — MySQL database hosted on a secure server. All expense, budget, and family data is stored here.
- File storage — Receipt images and uploaded documents are stored on DigitalOcean Spaces (S3-compatible cloud storage) in a private bucket.
- Session data — Authentication sessions are managed by NextAuth.js using secure HTTP-only cookies.
All data is transmitted over HTTPS (encrypted in transit). The database and file storage are access-restricted to the application only.
5. Third-Party Services
We use the following third-party services:
- Google OAuth — for authentication only. We receive your name, email, and profile photo URL. We do not request access to Drive, Calendar, Contacts, Gmail, or any other Google service.
- Anthropic (Claude) or OpenAI — for receipt text extraction. Receipt images are sent for processing and are not retained by these providers beyond the request, per their respective data-handling policies.
- Telegram Bot API — for sending notifications to connected users. We never read incoming messages other than the optional /start handshake used during account linking.
- Mailgun — for transactional email delivery (welcome emails, weekly summaries, budget alerts, renewal reminders). Recipient email and message body are processed by Mailgun under their privacy policy.
- Apple Wallet pass generation — when you tap "Add to Apple Wallet" on a loyalty card, the pass is generated server-side and signed with our Apple Developer certificate. No personal data is sent to Apple as part of pass generation. The pass itself contains only the card name, owner name (if assigned), barcode, and expiry date — the same information already in the app.
- DigitalOcean Spaces — for secure file storage of receipt images, uploaded documents, and database backups in a private bucket.
6. Cookies
We use only essential cookies required for authentication (session cookies). We do not use tracking cookies, analytics cookies, or any third-party cookies. There are no cookie banners because we don't use non-essential cookies.
7. Family Data Sharing
HeyKit is designed for families. When you join or create a family:
- All family members can see and edit shared expenses, budgets, schedules, and documents
- Personal expenses are visible to all family members (they are categorised by person, not private)
- Family members are added by invitation only (via a secure invite link)
Be mindful of who you invite to your family group, as they will have access to all family data.
8. Your Rights (POPIA)
Under the Protection of Personal Information Act (POPIA) of South Africa, you have the right to:
- Access — request a copy of all personal data we hold about you
- Correction — request correction of inaccurate personal data
- Deletion — request deletion of your account and all associated data
- Object — object to the processing of your personal data
To exercise any of these rights, contact us using the details below.
9. Data Retention
We retain your data for as long as your account is active. If you request account deletion, all personal data is permanently removed within 30 days.
We do not create backups that retain deleted user data beyond the deletion period.
10. Children's Privacy
HeyKit is intended for use by adults managing household finances. We do not knowingly collect data from children under 18. Children's names and schedules entered by parents are considered household management data under the parent's account.
11. Changes to This Policy
We may update this privacy policy from time to time. We will notify active users of significant changes via the app or Telegram notifications.
Contact
For questions about this privacy policy, to exercise any of your data rights under POPIA, or to request account deletion, contact us at support@heykit.io. We aim to respond within 5 working days.