Privacy Policy
Last updated: February 2026
The Short Version
Chompd keeps your data private. Your subscriptions are stored on your device and optionally synced to a secure cloud database tied to an anonymous account — no email, no name, no tracking. We use AI to scan screenshots and generate money-saving insights. We use minimal, privacy-focused analytics to improve the app — no personal data, no ads, no data sales. That's it.
1. Who We Are
Chompd is developed by Piotr Michaliszyn, a sole trader based in Poland. For the purposes of the EU General Data Protection Regulation (GDPR), UK GDPR, and all applicable data protection laws worldwide, the data controller is Piotr Michaliszyn.
Contact: chompdapp@gmail.com
2. Accounts and Authentication
When you first open Chompd, an anonymous account is automatically created via our cloud provider (Supabase). This account:
- Does not require an email address, name, or password
- Is identified only by a randomly generated unique ID
- Enables optional cloud sync of your subscription data if you choose to turn it on
- Cannot be linked to your real identity by us or any third party
You may optionally link your account to Apple Sign-In in the future for backup and recovery purposes.
3. What Data We Store
Your subscription data (names, amounts, renewal dates, categories, billing cycles) is stored locally on your device in a local database.
You may optionally enable cloud sync, which stores your data in our cloud database hosted by Supabase (servers in the EU), tied to your anonymous account ID. Cloud sync enables backup, cross-device access, and AI-powered features.
This data contains only what you enter about your subscriptions. It is not linked to your name, email, or any other personal identifier.
4. AI Trap Scanner
When you use the AI Trap Scanner, the screenshot or photo you provide is sent to a third-party AI service (Anthropic's Claude API) for analysis. This is necessary to detect subscription traps such as hidden auto-renewals, cancellation barriers, and price increases.
- The image or text is sent directly from your device to Anthropic's API servers
- Anthropic may retain this data for up to 30 days for safety monitoring purposes. This data is not used to train AI models
- No personal identifiers (name, email, device ID) are attached to the request
- Scan results are stored locally on your device and in your cloud account
Anthropic's data handling is governed by their privacy policy at anthropic.com/privacy.
Legal basis (GDPR): Processing is based on your consent. You choose when to use the Trap Scanner.
5. AI-Powered Insights
If you are a Chompd Pro user, we periodically generate personalised money-saving insights using AI (Anthropic's Claude API). To do this:
- Your subscription names, prices, billing cycles, and renewal dates are sent to the AI service
- No personal identifiers are included — only subscription data
- Generated insights are stored in your cloud account and synced to your device
- This processing happens automatically on a regular schedule (approximately every two weeks)
Legal basis (GDPR): Processing is based on legitimate interest (providing the Pro service you purchased) and your implicit consent by purchasing Pro.
6. Service Database
Chompd connects to our cloud database to retrieve information about subscription services, such as names, descriptions, cancellation guides, and pricing tiers. These are read-only lookups. No personal data is sent — only the name of the service you are searching for.
7. Local Notifications
If you enable renewal reminders, Chompd schedules notifications locally on your device using the operating system's built-in notification service. These are not sent through our servers. No data leaves your device.
8. In-App Purchases
Chompd Pro is available as a one-time In-App Purchase through Apple's App Store. All payment processing is handled entirely by Apple. We do not receive, process, or store any payment information. See Apple's privacy policy for details.
9. Analytics & Crash Reporting
To improve the app and fix bugs, Chompd uses two privacy-focused services:
- PostHog — anonymous product analytics. We track feature usage events (e.g. "scan completed", "subscription added") to understand which features are used. No personal identifiers, device IDs, or advertising IDs are collected. PostHog is self-hosted in the EU.
- Sentry — crash reporting. When the app crashes, an error log is sent automatically. All personally identifiable information is scrubbed before transmission. Crash reports help us identify and fix bugs quickly.
Neither service collects your name, email, location, or subscription data. You cannot be personally identified through these services.
Legal basis (GDPR): Legitimate interest in maintaining and improving app quality and stability.
10. What We Do NOT Collect
To be explicit, Chompd does not collect:
- Names, email addresses, or passwords (there is no registration)
- Device identifiers or advertising IDs
- Location data
- Behavioural tracking or ad-related analytics
- Cookies or tracking pixels
- Data from other apps on your device
Chompd does not collect or use Apple's Identifier for Advertisers (IDFA) and does not request App Tracking Transparency permission. We do not track users across apps or websites.
11. Third-Party Services
| Service | Purpose | Data Sent |
|---|---|---|
| Anthropic Claude (Claude API) | AI Trap Scanner & Insights | Image content / subscription data, no personal identifiers. Anthropic may retain data for up to 30 days for safety monitoring; not used for AI training. |
| Supabase | Cloud database & authentication | Anonymous account ID, subscription data |
| Apple App Store | In-App Purchases | Handled entirely by Apple |
| PostHog | Anonymous product analytics | Feature usage events (no personal identifiers). EU-hosted. |
| Sentry | Crash reporting | Error logs with PII scrubbed. No subscription data. |
We do not use any advertising or behavioural tracking services. Analytics data cannot be linked to your identity.
12. Data Retention
Your cloud data is retained as long as your anonymous account exists. You can delete all your data at any time by:
- Deleting individual subscriptions within the app
- Uninstalling the app (removes local data)
- Contacting us at chompdapp@gmail.com to request full account deletion
Cloud data will be deleted within 30 days of your request.
When you use the AI scanner, your image or text is sent to Anthropic (Claude API) for analysis. Anthropic may retain this data for up to 30 days for safety monitoring purposes. This data is not used to train AI models. No personal identifiers are attached to the data sent.
13. International Data Transfers
Our cloud database is hosted by Supabase in the European Union. When you use the AI Trap Scanner or AI Insights features, data is sent to Anthropic's servers in the United States. This transfer is:
- Necessary to provide the AI-powered features
- Limited to subscription data and scan images only — no personal identifiers
- Subject to Anthropic's data protection measures as described in their privacy policy
14. Your Rights
Depending on your location, you may have the following rights:
- Access your data — contact us and we can provide any cloud data associated with your anonymous account ID
- Delete your data — uninstall the app or contact us for full cloud deletion
- Export your data — Chompd offers a CSV export feature
- Restrict processing — you can stop using AI features at any time
- Withdraw consent — stop using the Trap Scanner or contact us to disable AI Insights
- Lodge a complaint with your local data protection authority
For EU residents: find your supervisory authority. Poland: UODO. UK: ICO.
15. Children's Privacy
Chompd is not directed at children under the age of 16. Since the app uses anonymous accounts and does not collect personal information, no age verification is implemented.
16. California Residents (CCPA/CPRA)
Chompd does not sell or share personal information as defined by the California Consumer Privacy Act. California residents have the same rights described in Section 14.
17. Changes to This Policy
If we make changes to this privacy policy, we will update the "Last updated" date at the top. For significant changes, we will notify you through the app.
18. Contact Us
Email: chompdapp@gmail.com
Website: getchompd.com