Overview
Sarfy ("we", "our", or "the app") is a personal finance management application designed to help you track expenses, manage budgets, and achieve your financial goals. This Privacy Policy explains how we collect, use, and protect your information.
Sarfy is an offline-first application. All your financial data is stored locally on your device and is not transmitted to our servers.
App Website: sarfy.saifullah.ai
Information We Collect
1. Financial Data
The app stores the following data locally on your device:
- Transaction records (amount, date, category, merchant)
- Account information (name, balance, type)
- Budget configurations
- Bill reminders and payment history
- Savings goals
- Zakat and Sadaqah records
- Receipt photos attached to transactions
2. SMS Data (Optional)
If you choose to enable SMS transaction detection:
- The app reads incoming SMS messages from recognized bank senders only
- Parsed transaction data (amount, merchant, type) is stored locally on your device
- SMS content is never transmitted to any server
- You can review, confirm, or reject each detected transaction
- You can delete all parsed SMS data at any time from Settings
- You can disable this feature at any time from Settings
SMS detection is entirely optional and disabled by default. You must explicitly enable it and grant the RECEIVE_SMS permission. No SMS data leaves your device.
3. User Preferences
- Display name (for personalized greetings)
- Preferred currency
- Theme preference (light/dark)
- Notification settings
How We Use Your Information
| Data Type |
Purpose |
Stored |
| Transactions |
Track income and expenses |
Device Only |
| Receipt Photos |
Attach proof of purchase to transactions |
Device Only |
| SMS Data |
Auto-detect bank transactions (opt-in) |
Device Only |
| Budgets |
Help you manage spending |
Device Only |
| Preferences |
Personalize your experience |
Device Only |
Third-Party Services
1. Exchange Rate API
We use exchangerate-api.com to fetch current currency exchange rates. This service:
- Receives only the currency codes being converted
- Does not receive any personal or financial data
- Is used solely for currency conversion features
2. Google Fonts
The app loads the Inter font family from Google Fonts for typography. Google may collect basic usage data as per their privacy policy.
3. Google Drive (Optional)
If you choose to use the backup feature:
- Your data is exported and uploaded to your personal Google Drive
- We do not have access to your Google Drive or backup files
- Backup files are stored in your Drive's app-specific folder
- You can delete backups at any time from Google Drive
4. Android System Backups (Device Setting)
Depending on your device settings, Android may back up app data as part of system backups. You can manage this in your device's backup settings.
Permissions Explained
| Permission |
Why We Need It |
Required? |
| INTERNET |
Fetch currency exchange rates |
Required |
| RECEIVE_SMS |
Detect bank transaction SMS for automatic expense logging (opt-in only) |
Optional |
| POST_NOTIFICATIONS |
Send bill reminders and transaction alerts |
Optional |
| CAMERA |
Take receipt photos for transactions |
Optional |
Data Security
Local Storage
Your financial data is stored in a local SQLite database on your device. This data:
- Is accessible only to the Sarfy app
- Is protected by Android's app sandboxing
- Is not accessible to other apps on your device
SMS Parsed Data
When SMS transaction detection is enabled, parsed data is:
- Processed entirely on your device — no data is sent to any server
- Stored in the local database alongside your other financial data
- Deletable at any time via Settings > Automation > Delete All Parsed Data
- Automatically removed when you uninstall the app or clear app data
Receipt Photos
Receipt images are saved in the app's private storage directory. They are:
- Not accessible to other apps
- Automatically deleted when the associated transaction is deleted
- Never uploaded to any server
Network Security
- All network requests use HTTPS encryption
- No personal or financial data is transmitted over the network unless you choose to back up to Google Drive
- Only currency codes are sent for exchange rate lookups
We recommend enabling device encryption and using a secure lock screen to protect your data.
Data Retention
- Transaction History: Retained indefinitely until you delete it
- Receipt Photos: Retained until you remove them or delete the transaction
- Parsed SMS Data: Retained until you delete it from Settings or uninstall the app
- Backup Files: Stored in your Google Drive until you delete them
Deleting Your Data
You can delete all your data at any time by:
- Deleting parsed SMS data from Settings > Automation > Delete All Parsed Data
- Using Android system settings to clear the app's data
- Uninstalling the app (removes all local data)
- Deleting backup files from Google Drive manually
Children's Privacy
Sarfy is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
- Posting the new Privacy Policy in the app
- Updating the "Effective" date at the top of this page
We encourage you to review this Privacy Policy periodically for any changes.
Your Rights
You have the right to:
- Access: View all data stored by the app
- Export: Export your data using the backup feature
- Delete: Delete all your data at any time
- Control: Enable or disable SMS detection, and delete all parsed data from Settings
- Share: Share individual transaction details at your discretion
Contact Us
If you have any questions about this Privacy Policy or our practices, please contact us:
