Privacy Policy
Last updated: April 13, 2026
Overview
SubTrackr ("we," "our," or "us") is a subscription management tool that helps you track and manage your recurring expenses. We are committed to protecting your privacy and being transparent about the data we collect. This policy explains what information we gather, how we use it, and your rights regarding that information.
Information We Collect
Account Information
When you create an account through our authentication provider (Manus OAuth), we receive and store your name, email address, and login method (such as Google or GitHub). We also record your account creation date and last sign-in date to maintain your session.
Subscription Data
All subscription information is entered by you manually. This includes service names, costs, currencies, billing cycles, categories, renewal dates, and any optional notes you add. We also store whether a subscription is marked as a free trial and its trial end date. We do not connect to your bank, credit card company, or any financial institution to access this data.
Family Members
If you use the family sharing feature, we store the names and display preferences (emoji avatar, color) of household members you add, along with which subscriptions you assign to them.
Preferences and Settings
We store your app preferences, including your home currency, theme choice (light or dark), monthly budget goal, and notification settings (reminder timing, notification types, quiet hours).
Guest Mode
You can use SubTrackr without creating an account. In guest mode, all your data (subscriptions, family members, preferences, and settings) is stored exclusively in your browser's local storage. No data is transmitted to our servers. This data will be lost if you clear your browser storage or switch devices.
Payment Processing
Premium subscriptions are processed through Stripe, a PCI-compliant payment processor. When you upgrade to Premium, you are redirected to Stripe's secure checkout page. We never see, receive, or store your credit card number, CVV, expiration date, or billing address. We only store a Stripe Customer ID and Stripe Subscription ID in our database, which are reference numbers used to look up your subscription status through Stripe's API.
Cookies and Local Storage
We use a single session cookie to keep you logged in after authentication. This cookie expires after one year or when you sign out. We also use your browser's local storage to save your theme preference, currency settings, cached exchange rates, onboarding progress, and PWA install prompt state. We do not use tracking cookies or advertising cookies.
Third-Party Services
We use the following third-party services:
- Manus OAuth — Handles user authentication. Receives your login credentials during sign-in and provides us with your name, email, and a unique identifier.
- Stripe — Processes premium subscription payments. Handles all payment card data in their PCI-compliant environment. See Stripe's Privacy Policy.
- Umami Analytics — Provides privacy-focused, cookie-free website analytics. Collects only anonymous page view data (no personal information, no tracking across sites). See Umami's Privacy Policy.
- ExchangeRate API — Provides currency conversion rates. No user data is sent to this service; we only request current exchange rates.
- Google Fonts — Loads typefaces used in the interface. Standard web font requests are made to Google's servers.
What We Do Not Collect
We do not collect or access your bank account information, credit card numbers, Social Security number or government identification, precise location or GPS data, browsing history outside of SubTrackr, or data from other applications on your device.
Data Export and Deletion
You can export all of your subscription data at any time in CSV or JSON format using the export feature in the dashboard. If you wish to delete your account and all associated data, please contact us at the email address listed below and we will process your request promptly.
Data Security
We use industry-standard security measures to protect your data, including encrypted connections (HTTPS), secure session management, and access controls on our database. Payment data is handled entirely by Stripe's PCI-compliant infrastructure and never touches our servers.
Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.
Contact Us
If you have any questions about this Privacy Policy or how we handle your data, please contact us at [email protected].