Privacy First: Nomu is designed with privacy as a core principle. Your financial data stays on your device and is never uploaded to our servers.
1. Information We Collect
1.1 Data Stored Locally on Your Device
Nomu stores the following information locally on your iPhone only:
- Expense records: Transaction amounts, dates, merchant names, categories, and notes you enter
- Budget settings: Your monthly budget amount and preferences
- Learned patterns: Merchant categorization preferences to improve auto-categorization
- App preferences: Display settings, notification preferences, and theme choices
This data never leaves your device unless you explicitly choose to export it.
1.2 Data Shared with Third-Party Services
When you use the AI Financial Advisor feature, your query and relevant spending context are sent to OpenAI's API to generate personalized responses. This includes:
- Your question or prompt
- Summarized spending patterns (categories and amounts, not individual transactions)
- No personally identifiable information (name, email, phone, location) is ever shared
1.3 Data We Do NOT Collect
We do not collect, store, or have access to:
- Your name, email address, or phone number
- Your location data
- Your contacts or photos
- Bank account numbers or financial credentials
- Transaction details from your bank (we don't connect to banks)
- Any data that could identify you personally
2. How We Use Information
2.1 Local Data Usage
Data stored on your device is used to:
- Display your expense history and budget progress
- Automatically categorize merchants based on your preferences
- Calculate spending insights and trends
- Provide personalized AI advice based on your spending patterns
2.2 AI Advisor Usage
When you ask the AI Advisor a question:
- Your question and anonymized spending summary are sent to OpenAI
- OpenAI generates a response based on your query
- The response is displayed in the app
- Neither we nor OpenAI retain this conversation data beyond the session
3. Data Security
3.1 On-Device Security
Your data is protected by:
- Device encryption: All data is encrypted using iOS's built-in encryption
- Biometric authentication: Optional Face ID or Touch ID protection
- No cloud sync: Data remains on your device only
- Secure storage: We use iOS Keychain and encrypted UserDefaults
3.2 Network Security
When communicating with the AI service:
- All connections use HTTPS/TLS encryption
- API keys are stored securely and never exposed
- No sensitive financial data is transmitted
4. Data Retention and Deletion
4.1 Local Data
Your data remains on your device until you:
- Delete individual expenses within the app
- Use the "Delete All Data" option in Settings
- Uninstall the Nomu app
4.2 Your Rights
You have the right to:
- Access: View all your data within the app at any time
- Delete: Remove any or all data using in-app controls
- Export: Export your data (feature coming soon)
- Opt-out: Use the app without the AI Advisor feature
5. Children's Privacy
Nomu is not intended for children under 13 years of age. We do not knowingly collect information from children under 13. If you believe a child has provided us with personal information, please contact us.
6. UAE PDPL Compliance
Nomu is designed to comply with the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021). Specifically:
- Data minimization: We collect only data necessary for app functionality
- Purpose limitation: Data is used only for stated purposes
- Storage limitation: Data is stored locally and can be deleted anytime
- Security: Appropriate technical measures protect your data
- Transparency: This policy clearly explains our data practices
- User rights: You can access, correct, and delete your data
7. International Data Transfers
When you use the AI Advisor feature, your query may be processed by OpenAI's servers, which may be located outside the UAE. This transfer is:
- Necessary to provide the AI advice feature
- Protected by encryption in transit
- Limited to anonymized spending summaries (no personal data)
You can avoid international data transfer by not using the AI Advisor feature.
8. Third-Party Services
8.1 OpenAI
We use OpenAI's GPT-4 API to power the AI Financial Advisor. OpenAI:
- Processes queries to generate responses
- Does not use API data to train their models (per their API terms)
- Has their own Privacy Policy
8.2 Apple Services
The app uses standard Apple frameworks:
- App Store: For app distribution and updates
- StoreKit: For in-app purchases (if applicable)
- iOS Security: For encryption and biometric authentication
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
- Updating the "Last Updated" date at the top
- Displaying a notice within the app for significant changes
Your continued use of the app after changes constitutes acceptance of the updated policy.
10. Contact Us
11. Summary
| What | How It's Handled |
| --- | --- |
| Your expense data | Stored locally on your device only |
| Your personal info | We don't collect any |
| AI Advisor queries | Sent to OpenAI (anonymized) |
| Data security | iOS encryption + optional biometrics |
| Your rights | Full access, deletion, and export |
| UAE compliance | PDPL compliant |
Bottom line: Your financial data is yours. It stays on your device, protected by iOS security, and we never see it.