SpendCaddie Logo
SpendCaddie
LoginGet Started

Cookie Policy

Version: 2.0Effective Date: May 21, 2026Last Updated: May 21, 2026

This Cookie Policy explains how Bobby Built Ventures, LLC d/b/a SpendCaddie ("SpendCaddie," "we," "us," or "our") uses cookies, local storage, software development kits, analytics, and similar technologies when you use the SpendCaddie website, web application, iOS application, and related services.

This policy should be read with our Privacy Policy and Consent & Communication Preferences.

1. What are cookies and similar technologies?

Cookies are small text files stored by a website or browser. Similar technologies include localStorage, sessionStorage, mobile app storage, SDKs, device identifiers, pixels, analytics scripts, and push-notification tokens.

SpendCaddie uses these technologies to authenticate users, maintain sessions, protect accounts, remember preferences, operate the app, improve performance, honor consent choices, and provide analytics where you have allowed it.

2. Categories of technologies we use

2.1 Essential technologies

Essential technologies are necessary to operate the Service. They may be used without optional analytics or marketing consent.

Examples include:

  • authentication and session technologies;
  • Supabase auth/session storage;
  • security cookies or local storage;
  • CSRF, origin, fraud-prevention, and abuse-prevention controls;
  • rate-limiting and operational metadata;
  • billing or account-session technologies needed to complete a requested flow;
  • local app storage needed for iOS app functionality;
  • mobile SecureStore for certain authentication or PIN-related data; and
  • basic hosting, logging, and performance records needed to deliver and secure the Service.

If you disable essential cookies or storage, parts of the Service may not work.

2.2 Preference technologies

Preference technologies remember choices you make, such as:

  • cookie preferences;
  • consent settings;
  • notification preferences;
  • display or app preferences;
  • device/app state; and
  • authenticated-user preference records.

For anonymous users, some preferences may be stored locally in the browser. For authenticated users, some preferences may also be stored in SpendCaddie's database.

2.3 Analytics and performance technologies

SpendCaddie uses Vercel Analytics and Vercel Speed Insights to understand product usage and performance. In SpendCaddie-controlled code, these analytics/performance technologies are gated by your analytics consent.

If analytics consent is not enabled, SpendCaddie-controlled analytics events are suppressed or not rendered. Essential hosting, security, operational, fraud-prevention, debugging, and provider logs may still occur even if analytics is disabled.

2.4 Notification technologies

If you enable push notifications, we may process push-notification tokens, device/app metadata, browser push endpoints, and encrypted notification payloads through Expo, browser push providers, or platform providers. You can disable push notifications in SpendCaddie settings where available and in your device or browser settings.

2.5 Advertising technologies

SpendCaddie does not currently use advertising cookies, ad pixels, retargeting pixels, or cross-context behavioral advertising technologies. We do not sell personal information or share personal information for cross-context behavioral advertising.

If we introduce advertising cookies or targeted advertising in the future, we will update this policy and provide any legally required consent or opt-out controls before enabling them.

3. Third-party technologies

Third-party providers may use cookies, SDKs, device data, or similar technologies when they help provide the Service. These may include:

  • Supabase for authentication, database, and session functionality;
  • Vercel for hosting, performance, and consented analytics;
  • Stripe for web checkout, billing, customer portal, and fraud-prevention flows;
  • Plaid for financial account connection flows;
  • Apple for iOS app, App Store, and In-App Purchase flows;
  • RevenueCat for entitlement and subscription status;
  • Resend for email delivery;
  • Anthropic for AI explanation generation;
  • Upstash for rate limiting and infrastructure jobs;
  • Expo or browser push providers for push notifications where enabled.

These providers may process information according to their own terms and privacy policies. SpendCaddie controls only the technologies it implements and configures.

4. Global Privacy Control and universal opt-out signals

When we detect Global Privacy Control or a similar universal opt-out signal, we apply it to SpendCaddie-controlled cookie and preference settings where applicable and technically feasible. Because SpendCaddie does not currently sell personal information or share personal information for cross-context behavioral advertising, the main practical effect is to disable or limit optional categories that could be subject to opt-out rights, including advertising categories if they are ever introduced.

Universal opt-out signals may not control essential technologies or third-party technologies that are necessary to provide services you request, such as authentication, security, Plaid, Stripe, Apple, RevenueCat, or provider-hosted flows.

5. Your choices

You can manage cookie and consent preferences through SpendCaddie cookie controls where available. You can also manage cookies and local storage through your browser or device settings.

Your choices may include:

  • accepting all optional cookies;
  • rejecting optional analytics;
  • allowing analytics and performance measurement;
  • disabling push notifications;
  • changing browser cookie settings;
  • clearing browser localStorage/sessionStorage; and
  • using Global Privacy Control or similar browser signals.

If you clear cookies or local storage, your preferences may need to be reset. If you use multiple browsers or devices, you may need to set preferences on each one.

6. Local storage and mobile app storage

SpendCaddie may use browser localStorage/sessionStorage and mobile app storage for authentication, preferences, app state, performance, caching, and functionality.

The iOS app may use SecureStore for certain authentication or PIN-related data. The app may also use local app caches for account, debt, financial, or app-state information needed for functionality and performance. Not every local cache is necessarily encrypted by SpendCaddie, so you should protect your device with device-level security features such as passcode, biometric lock, operating system updates, and device encryption where available.

7. Changes to this Cookie Policy

We may update this Cookie Policy from time to time. If we make material changes, we will provide notice through the Service, by updating the policy date, by email, or through another reasonable method.

8. Contact

Privacy Inquiries: privacy@spendcaddie.com
General Support: support@spendcaddie.com