Privacy Policy
Last updated: April 8, 2026
The short version: SubSweep processes your emails entirely on your device. We never see, store, or transmit your email content to our servers.
1. Who We Are
SubSweep is a mobile application developed to help users discover and manage their paid subscriptions by scanning email accounts. This Privacy Policy explains how we handle your information when you use SubSweep.
2. Information We Collect
Account Information: When you sign in with Google or Microsoft, we receive your name, email address, and profile photo. This information is stored locally on your device to manage your connected accounts.
Subscription Data: SubSweep extracts subscription-related metadata (service name, amount, billing cycle, renewal date) from your emails. This data is stored in a local database on your device only.
Purchase Information: If you subscribe to SubSweep Premium, payment processing is handled entirely by Apple through the App Store. We do not collect or store your payment details.
Crash Reports: If the app crashes, anonymized diagnostic data may be sent to our crash reporting service (Sentry) to help us fix bugs. This data contains no personal information or email content.
3. Information We Do NOT Collect
- We do not read, store, or transmit your email content
- We do not store email attachments
- We do not track your location
- We do not sell or share your data with third parties
- We do not use your data for advertising
- We do not build profiles about you
4. How Email Processing Works
When you connect an email account, SubSweep:
- Uses OAuth 2.0 to obtain read-only access to your emails
- Fetches email headers and body content directly to your device
- Processes emails using on-device filtering and AI-based detection
- Extracts only subscription metadata (service name, price, dates)
- Discards all raw email content immediately after processing
5. Third-Party Services
SubSweep uses the following third-party services:
- Google Gmail API — to fetch emails from Gmail accounts (read-only access)
- Microsoft Graph API — to fetch emails from Outlook accounts (read-only access)
- Google Gemini API — to identify subscriptions from email content. Email snippets (sender, subject, and a truncated body) are sent to Google's Gemini API for subscription detection. No full email content is stored by Google beyond the API request processing. See Google AI Terms.
- RevenueCat — to manage premium subscriptions. RevenueCat receives only your anonymous user ID and purchase status.
- Sentry — for anonymized crash reporting only
- Frankfurter API — for currency exchange rates (no personal data sent)
6. Data Storage
All subscription data and account information are stored locally on your device using an encrypted SQLite database. OAuth tokens are stored in your device's secure keychain (iOS Keychain / Android Keystore).
We do not operate any servers that store your personal data.
7. Data Retention
Your data exists only on your device. When you sign out of SubSweep, all local data — including subscription records, account information, and cached tokens — is permanently deleted from your device.
Uninstalling the app removes all stored data.
8. Your Rights
Because your data is stored locally, you have full control:
- Access: View all your data directly in the app
- Delete: Sign out to delete all data, or uninstall the app
- Revoke Access: Remove SubSweep's email access anytime through your Google or Microsoft account settings
- Export: Your subscription data is visible in the app at all times
9. Children's Privacy
SubSweep is not intended for children under 13. We do not knowingly collect information from children.
10. Security
We protect your data through:
- OAuth 2.0 with PKCE for secure authentication
- Secure token storage in device keychain
- Read-only email access (we cannot modify or delete your emails)
- No server-side data storage
- HTTPS for all network communications
11. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Continued use of SubSweep after changes constitutes acceptance of the updated policy.
12. Contact
If you have questions about this Privacy Policy, contact us at: