the short version: wimm has no servers, no accounts, and no analytics. your financial data lives on your iphone and — if you keep icloud sync on — in your own private icloud. it is never sent to us. we couldn't read it if we wanted to, and we never want to.
who we are
wimm ("where is my money?") is an expense tracker for iphone, published by jonathan taveras. for anything in this policy, write to hello@whereismymoneyapp.com.
what the app stores, and where
your expenses, profiles, categories, accounts, and settings are stored in a local database on your device. the app has no sign-up, no login, and no wimm-operated backend — there is no server of ours for your data to travel to.
icloud sync and backup
wimm can sync your profiles, settings, categories, accounts, bank connections, and subscription confirmations across your iphones, and keep an incremental backup of your expenses. this uses your own apple account:
- synced data and backups live in the private icloud database attached to your apple account. only your apple account can access it — wimm cannot.
- the api keys for your connection services travel through icloud keychain, which apple end-to-end encrypts.
- one settings toggle governs all of it. turned off, everything stays on your device only and your connection keys are pulled back to that device.
icloud is an apple service, governed by apple's own terms and privacy policy.
bank connections — your own keys
if you connect a bank, you do it with your own api keys for a service you choose and set up yourself: plaid, bridge, or simplefin. your transactions flow directly from that service to your device. wimm never sits in the middle, and your banking data never touches any infrastructure of ours. your bank username and password are entered with the provider — wimm never sees or stores them. those services have their own privacy policies, and your use of them is between you and them.
the merchant dataset
to turn messy bank descriptions into readable names, the app downloads a public, open-source dataset (merchant-studio). this download contains no personal data — it is a plain fetch of public files, like loading a web page. all matching against your transactions happens on your device.
notifications
reminders (like "netflix is expected tomorrow") are local notifications, scheduled and delivered entirely on your device. nothing about them leaves your phone.
analytics and tracking
the app contains no analytics, no ads, no trackers, and no crash reporters. there is nothing to opt out of, because nothing is collected.
sharing and selling
we do not share, sell, rent, or trade any of your data with anyone — because we never have it in the first place.
deleting your data
- delete any profile (and everything in it) from settings, or wipe everything with "start fresh".
- turn off icloud sync to keep new data on-device only.
- deleting the app removes all local data from your device.
- icloud data can be managed and removed through your device's icloud settings.
children
wimm is not directed at children under 13, and we do not knowingly collect data from them.
the website
this policy is about the app. our website (whereismymoneyapp.com) uses posthog to measure aggregate visits — pages viewed, where visitors come from — using cookies. the website never sees any of your financial data; the app sends nothing to the website or to posthog.
changes
if the app's data practices ever change, this policy changes with them, and the date at the top tells you when. meaningful changes will be called out in the app's release notes.