Privacy Policy

Last updated: May 17, 2026

Quick summary: BalakApp is a crypto portfolio tracking app. We only store the minimum data we need for the app to work (email, your tokens, your alerts). We don't sell your data. You can delete your account anytime from Settings → Delete my account.

1. Who we are

BalakApp is a mobile app for crypto portfolio monitoring, operated by an individual based in Montevideo, Uruguay. We are not a registered company nor an exchange. We do not custody user funds.

Contact: balakapp.support@gmail.com

2. Information we collect

Data you give us directly

Email: when you create an account to sign in.
Portfolio: tokens you add manually, their quantities, average buy price, any notes you write, configured alerts, token sets, price targets.
Public wallets: blockchain wallet addresses you choose to track (no private keys required — these are public addresses).
Images: if you use the "photo import" feature, the images you upload are sent to OpenAI for processing. More details in section 4.
Preferences: language, display currency, theme (light/dark), notification settings.

Automatic technical data

Push notification token: anonymous device identifier (provided by Expo) to send you price alerts if you enabled them.
Device type and OS: automatically collected by Supabase Auth, needed for sessions to work correctly.

What we do NOT collect

Passwords (login is by one-time code sent to your email).
Your geographic location.
Your contacts or address book.
Browsing history outside the app.
Bank or credit card details.
Wallet private keys (we never ask for these).

3. How we use your data

Identify your account and let you sign in.
Sync your portfolio across the devices where you have the app.
Show you updated prices for the tokens you track.
Send you push alerts when prices reach the targets you set.
Process images you upload to extract balance information (photo AI feature).
Improve the app by analyzing technical errors that occur.

We do not sell your data to third parties. We don't use your information for advertising. We don't share your information with ad networks.

4. Third-party services

To function, BalakApp sends certain data to external services. Each one has its own privacy policy that we recommend you read.

Service	Data sent	Purpose
Supabase	Email, portfolio, alerts, tracked wallets	Auth and main database
CoinGecko	Token symbols (e.g. "BTC")	Market prices and charts
CryptoCompare	Token symbols	Prices and historical data
DexScreener	Contract addresses / symbols	DEX token prices
Zerion	Wallet addresses you track	Reading balances and DeFi positions of public wallets
OpenAI	Images you upload for photo AI	Balance recognition in screenshots
Expo Push Notifications	Anonymous device token	Sending alert push notifications

Photo AI (important): when you use the photo import feature, the image is sent to OpenAI servers for processing. OpenAI has its own policy and may temporarily retain the image according to their terms. If you don't want your images to pass through OpenAI, simply don't use this feature. Import your tokens manually with the "+ Add token" button.

5. Security

All communications between the app and our services use HTTPS encryption.
The backend (Supabase) uses Row Level Security: technically each user can only access their own data.
Authentication tokens are handled by Supabase Auth, an industry standard.
We never store passwords.

Despite taking reasonable measures, no system is 100% secure. If you discover a vulnerability, write to us at balakapp.support@gmail.com.

6. Your rights

As a user, you have the right to:

Access the data we have about you. Write to us and we'll send you an export.
Correct inaccurate data. You can edit directly in the app or ask us by email.
Delete your account and all your data at any time. Two ways:
- From the app: Settings → Delete my account. The deletion is immediate and permanent.
- By email: write to balakapp.support@gmail.com and we'll process it manually.
Object to the processing of your data. In practice, without that data we can't provide the service: the only option is to delete the account.

7. Data retention

While your account is active, your data is kept stored.
When you delete your account, data is removed immediately from the main database.
Supabase technical backups may retain a copy for up to 30 days, after which they are automatically deleted.
Images processed by OpenAI follow OpenAI's retention policy (consult their site).

8. Minors

BalakApp is not intended for children under 13. We do not knowingly collect information from minors. If you are a parent and discover your child has created an account, write to us and we'll remove it.

In the European Union, this limit is raised to 16 in some countries under GDPR.

9. Changes to this policy

If we update this policy significantly, we'll notify you in two ways:

An in-app notification the next time you open it.
An email to the address you used to register.

For minor changes (wording corrections, adding a new service similar to existing ones), we'll only update the "Last updated" date above.

10. Jurisdiction

This policy is governed by the laws of the Oriental Republic of Uruguay. Any dispute related to this policy or to BalakApp will be submitted to the courts of Montevideo, Uruguay.

11. BalakApp is NOT

An exchange: you cannot buy or sell crypto from the app.
A custodial wallet: we do not hold your cryptocurrencies.
A financial advisor: prices and charts are informational. We don't give investment recommendations.
A banking service: we don't have financial licenses nor do we need them given the type of service we offer.

12. Contact

For any questions about this policy, to exercise your rights, or to report issues, write to us at:

balakapp.support@gmail.com

We respond in Spanish, English, Portuguese, or French. Typical response time: 5 to 7 business days.