Billnix - Privacy Policy
Introduction
Blue Sparrow ("we", "us", or "our") operates the Billnix mobile application and related supporting services. Blue Sparrow is a solo-developer project operated from India.
Billnix is a recurring bills and subscriptions tracker. It helps users manually track renewals, view upcoming charges, receive reminders, sync across the same signed-in account, and optionally create a user-owned backup in Google Drive.
This Privacy Policy explains what information we collect, how we use it, how it may be shared, how long we keep it, and the choices available to you. It is intended to apply globally, including for users in India, the European Economic Area, the United Kingdom, Switzerland, the United States, and other regions, subject to local law.
Billnix is privacy-conscious and manual-entry-first, but it is not a zero-knowledge product. Some data is stored on your device, some data is stored on the Billnix backend for sync and reminders, and optional backup data may be stored in your Google Drive.
Quick Summary
| Topic | Summary |
|---|---|
| Main purpose | Recurring bills and subscriptions tracking, reminders, sync, and optional backup. |
| Account | Google sign-in is required before app use. |
| Bank linking | No bank linking, card linking, inbox scraping, receipt scanning, or cancellation concierge. |
| Local storage | Subscription data and settings are saved on your device first. |
| Backend storage | Sync, reminders, endpoint state, delivery attempts, and Premium gates may use backend storage. |
| Drive backup | Optional, user-owned, stored in your Google Drive appDataFolder, and not live sync. |
| Sale of data | We do not sell personal data. |
1. Information We Collect
1.1 Account information
Billnix requires Google sign-in before app use. We may collect or receive your Google account email address, display name, profile image URL if provided, Firebase Auth user identifier, account timestamps, onboarding state, and account-status metadata.
1.2 Subscription and bill tracking information
You manually choose what to enter in Billnix. This may include provider or merchant name, plan name, amount, currency, billing frequency, next renewal date, trial end date, access-until date, timezone, status, category, notes, manage URL, payment method label, icon or color preferences, and sync timestamps.
Billnix is not a bank-linking app. We do not ask you to connect bank accounts, payment cards, brokerage accounts, or email inboxes. You should not enter full card numbers, bank account numbers, government identifiers, passwords, or other highly sensitive information into notes or labels.
1.3 Categories, settings, and preferences
We may store custom categories, default currency and timezone, theme preference, reminder presets, push reminder preference, email reminder opt-in, Telegram reminder opt-in, local backup preference, and export or diagnostics preferences.
1.4 Reminder and notification information
To provide reminders, we may process reminder rules and offsets, reminder job status, delivery attempt status, push notification tokens, notification permission state, app version, platform, timezone, device identifier, email reminder target, Telegram link status, and Telegram reconnect-required state.
1.5 Google Drive backup information
Google Drive backup is optional after sign-in. If you connect Drive backup, the app may write backup files into your Google Drive appDataFolder, including encrypted backup indexes, checkpoint manifests, database snapshots, and compatibility metadata.
The Billnix backend does not read or manage your Google Drive backup files. The mobile app communicates with Google Drive directly after you grant permission.
1.6 Billing and Premium information
If you use Premium features, subscription and entitlement information may be processed by Google Play, RevenueCat, Firebase, and the Billnix backend. This may include product identifiers, entitlement identifiers, subscription status, renewal, trial, expiration, cancellation, restore state, and entitlement sync timestamps.
We do not receive your full payment card number from Google Play or RevenueCat.
1.7 Support, feedback, diagnostics, and technical logs
If you contact us or use support features, we may collect your message, contact email if included, feedback category or rating, app version, device and operating system information, and sync, backup, reminder, or push diagnostic fields you choose to send.
To operate and protect the services, we may process request IDs, mutation IDs, job IDs, API route and status information, sync cursor and repair state, redacted endpoint identifiers, error codes, timings, and security or abuse-prevention logs.
2. Information We Do Not Intentionally Collect
Billnix is not designed to collect bank account credentials, full payment card numbers, email inbox contents, receipt scans, precise location history, address book contacts, health data, biometric data, genetic data, religious or political data, union data, government-ID information, or data for third-party advertising profiles.
If you manually type sensitive information into free-text fields, it may be stored as part of your Billnix data. Please avoid entering sensitive information that is not needed for subscription tracking.
3. How We Use Information
We use information to create and manage your account, let you track recurring bills and subscriptions, show upcoming renewals, save changes locally, sync them with the backend, recover data on another signed-in device, create and deliver reminders, support Premium email and Telegram reminders, provide optional Google Drive backup and restore, process Premium entitlement state, provide support, debug issues, secure and maintain the services, and comply with applicable obligations.
4. Legal Bases Where Required
Where laws such as the GDPR or similar frameworks require a processing basis, we rely on contract performance to provide requested app features, consent for optional choices such as Drive backup and reminder channels, legitimate interests for security and reliability, and compliance obligations where applicable.
You may withdraw consent for optional features by disabling the feature, revoking permission, unlinking the service, or contacting us. Some processing may continue where another basis applies or where retention is required.
5. Where Data Is Stored
| Location | Typical Data | Purpose |
|---|---|---|
| Your device | Subscriptions, categories, settings, local sync outbox, backup state, entitlement cache. | Local-first performance and offline-friendly behavior. |
| Billnix backend and PostgreSQL | Synced subscription data, reminder rules, devices, notification endpoints, reminder jobs, delivery attempts, change log, entitlement mirror. | Same-account sync, reminders, Premium gates, and diagnostics. |
| Firebase Auth and Firestore | Account identity and limited account/Premium metadata. | Sign-in and entitlement metadata. |
| Google Drive appDataFolder | Encrypted backup index, manifest, and database snapshot if you connect Drive. | Optional user-owned backup and restore. |
| RevenueCat and Google Play | Purchase and entitlement state. | Billing, purchase restore, and Premium access. |
| Email and Telegram providers | Reminder delivery and support communication data where enabled or used. | Optional reminder channels and support workflows. |
6. Service Providers and Sharing
We do not sell your personal data. We do not use Billnix data for cross-context behavioral advertising.
We may share information with service providers that help us operate Billnix, including Google and Firebase, hosting infrastructure, Google Drive, Google Play, RevenueCat, BlueSparrow or BSMail email services, Telegram, and security, diagnostics, or infrastructure tools. We may also disclose limited information where required by applicable law, to protect the services, to prevent abuse, to maintain security, or with your direction.
7. Google Drive Backup Boundary
Google Drive backup is optional. If you decline Drive access, Billnix still opens.
- Drive backup is not live sync.
- Same-account sync is handled through the Billnix backend.
- Drive backup is a separate recovery layer.
- The backend does not store your Drive backup contents.
- The backend does not keep long-lived Google Drive refresh tokens for backup.
- You can revoke Drive access through your Google account settings.
8. Email and Telegram Reminder Channels
Premium email and Telegram reminders are optional. Email reminders are only enabled after opt-in and normally use your signed-in Google email as the recipient. Telegram reminders are only enabled after you explicitly link the Billnix bot.
Reminder messages may include provider name, amount, renewal date, and manage URL if you entered one. If Premium expires, future Premium-only email and Telegram jobs may be paused or cancelled, but saved preferences and link state are intended to be preserved unless you delete or disconnect them.
9. Data Retention
We keep personal data only as long as needed for the purposes described in this policy, unless a longer period is required or permitted by applicable law.
- Active account and subscription data is retained while your account remains active or until deletion is requested.
- Local device data remains until you delete it, sign out, delete account, uninstall, or the app clears it through its normal flows.
- Mutation receipts may be retained for about 7 days.
- Telegram link tokens expire quickly, typically within 15 minutes, and are purged later.
- Sync change logs may be retained for about 90 days.
- Sent, failed, or cancelled reminder jobs may be retained for about 90 days.
- Delivery attempts may be retained for about 180 days.
- Disabled device registrations may be retained for about 30 days.
10. Account Deletion
If you request account deletion from the app or by contacting us, we will delete or schedule deletion of account-scoped server data. We target physical purge of primary account-scoped operational rows within 7 days, while keeping only minimal redacted markers for a short period where needed for security, abuse prevention, or support integrity.
The app should attempt to clear local device data through the account-deletion flow. If Drive backup is connected and the app still has access, the app should attempt Drive-backup deletion. If Drive access was revoked, the app was removed, the account changed, or the device is unavailable, manual cleanup in your Google account may be required for Drive backup files.
11. Your Choices and Rights
You can disable push reminders, email reminders, or Telegram reminders; decline or disconnect Google Drive backup; delete subscriptions locally; export supported local data where available; sign out; request account deletion; manage Google Play subscriptions; and revoke third-party permissions through Google, Telegram, or device settings where supported.
Depending on your location, you may have rights to access, correct, delete, export, object to, restrict, or withdraw consent for certain processing. Users in India, the EEA, UK, Switzerland, and the United States may have additional privacy rights under applicable local laws.
To exercise a privacy request, contact privacy@bluesparrow.dev. We may need to verify your identity and account before acting on a request.
12. Security
We use reasonable administrative, technical, and organizational safeguards designed to protect personal data, including HTTPS/TLS in transit, authenticated access controls, Firebase token verification for app-facing API routes, account scoping, service-level restrictions, redacted operational logging where practical, backup encryption direction for Google Drive checkpoints, and secrets kept outside source control.
No method of transmission or storage is completely secure. We cannot guarantee absolute security.
13. International Processing and Children
Your information may be processed in countries other than your own, including India and locations where our service providers operate. Where required, we use appropriate safeguards for international processing and transfers.
Billnix is not directed to children. You must meet the minimum age required in your location to use the app. We do not knowingly collect personal data from children in a way that requires parental consent.
14. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the Last Updated date. Where appropriate, we may provide notice in the app or through other reasonable means.
15. Contact Us
- Website: https://bluesparrow.dev
- General inquiries: info@bluesparrow.dev
- Privacy inquiries: privacy@bluesparrow.dev
If a translated version of this Privacy Policy is provided, the English version controls where permitted by law.