Your financial data, your privacy.
Pockyt stores your financial data — transactions, cards, budgets, goals, recurring entries, subscriptions, and bill splits — locally on your device. Pro and Power subscribers may enable optional cloud sync, which stores your data in Google Firebase Firestore to enable cross-device access. In mainland China, where Google services are not directly reachable, sync requests are relayed through a Pockyt-operated proxy hosted on Tencent Cloud (Hong Kong) to the same Firebase storage; the proxy does not retain your data. We do not sell or share your personal financial data with third parties.
Pockyt's AI features — the conversational AI assistant, receipt scanning (OCR), voice logging, and credit-card benefit auto-detect — are powered by Google Gemini (or, if you choose to supply your own API key in Settings, OpenAI/ChatGPT or Anthropic/Claude). No API key is required from you by default — the Gemini integration is managed by Pockyt.
We ask for your explicit permission the first time you use any AI feature, and no data is sent to the AI provider until you agree. If you decline, the AI features stay off (receipt scanning falls back to fully manual entry). Depending on the feature, the data sent is: a summary of your financial data (transactions, budgets, cards, and goals) for the AI assistant; receipt images or their extracted text for scanning; card names and benefit descriptions for benefit auto-detect; and voice recordings for voice logging.
Outside mainland China, requests are sent via Firebase AI Logic; in mainland China, requests are relayed through the Tencent Cloud (Hong Kong) proxy to Gemini, so your device never contacts Google directly. Data sent is subject to the AI provider's privacy policy (for Gemini, Google's Privacy Policy) and is used only to generate your result — never for advertising or to track you. These providers are contractually bound by their agreements and privacy policies to protect your data with safeguards equivalent to those described in this policy. Pockyt does not permanently store or log your AI conversations or inputs on its own servers.
Pockyt uses Firebase Authentication. You may use the app entirely without signing in — all core features work offline with local storage. Outside mainland China, you are assigned an anonymous account by default and may optionally sign in with Google, Apple, or email/password to enable cloud sync. In mainland China, sign-in is handled through the Tencent Cloud (Hong Kong) proxy and supports Apple or email/password (Google sign-in is unavailable in the region).
Pockyt requests camera and photo library access solely for receipt capture. Receipt images are processed on-device or sent to Google Gemini for OCR; they are not stored by Pockyt's servers. You may attach receipt photos to transactions; these are stored locally on your device.
With your permission, Pockyt uses your device's location to auto-fill the location of a transaction and to suggest region-relevant card benefits. The location is converted to a place name on your device. Location is optional — the app works fully without it — and is never used to determine your data-routing region; that is decided by a network connectivity check, not your location. Location data is not shared with third parties.
Free-tier users may see banner ads served by Google AdMob. On iOS, Pockyt asks for permission (App Tracking Transparency) before using your advertising identifier (IDFA, or the equivalent on Android) to personalize these ads; if you decline, only non-personalized ads are shown. Ads are not shown to paid subscribers and are not shown in mainland China. You may change this at any time through your device's privacy settings (on iOS: Settings → Privacy & Security → Tracking).
Pockyt may send local push notifications to remind you of upcoming credit card payment due dates and recurring transaction reminders. These notifications are scheduled entirely on-device and no notification content is transmitted to any server.
The following features compute everything on your device and send no data externally:
Cloud-synced data is protected by Firebase security rules that ensure only you can access your account. In mainland China, the proxy verifies your authentication token server-side and enforces the same per-user rules before relaying any data. You can delete all your cloud data at any time from Settings. Local data can be cleared by deleting the app.
Pockyt operates globally. The app automatically checks whether it can reach Google's servers — not your location — and, when it cannot (for example in mainland China), routes sync, authentication, and AI through the Tencent Cloud (Hong Kong) proxy so cloud features keep working. Advertising is not shown in mainland China. Your local data is preserved when you travel between regions.
A future update will allow you to securely link bank accounts for automatic transaction import via a regulated open banking API with read-only access. Pockyt will never store your banking credentials. A full privacy policy update will be provided before this feature launches.
For questions, feedback, or data deletion requests, please contact us at wksunshine@gmail.com.
Last updated: July 2026
您的財務資料,由您掌控。
Pockyt 將您的財務資料(包括交易紀錄、信用卡、預算、儲蓄目標、定期項目、訂閱及帳單分攤)儲存於您的本機裝置。Pro 及 Power 訂閱用戶可選擇啟用雲端同步功能,將資料安全儲存於 Google Firebase Firestore,以實現跨裝置存取。在中國大陸,由於無法直接連線 Google 服務,同步請求會透過 Pockyt 營運、部署於騰訊雲(香港)的代理伺服器轉發至相同的 Firebase 儲存;該代理不會保留您的資料。我們不會向第三方出售或分享您的個人財務資料。
Pockyt 的 AI 功能——對話式 AI 助手、收據掃描(OCR)、語音記帳,以及信用卡權益自動偵測——均由 Google Gemini 提供支援(若您選擇在「設定」中提供自己的 API 金鑰,也可使用 OpenAI/ChatGPT 或 Anthropic/Claude)。預設情況下無需您自行提供 API 金鑰,Gemini 整合由 Pockyt 統一管理。
首次使用任何 AI 功能時,我們都會徵求您的明確同意;在您同意之前,不會向 AI 提供商發送任何資料。若您拒絕,AI 功能將保持關閉(收據掃描會改為完全手動輸入)。視功能而定,傳送的資料為:用於 AI 助手的財務資料摘要(交易、預算、卡片和目標)、用於掃描的收據圖片或其擷取文字、用於權益偵測的卡片名稱和權益說明,以及用於語音記帳的語音錄音。
在中國大陸以外,請求透過 Firebase AI Logic 發送;在中國大陸,請求透過騰訊雲(香港)代理轉發至 Gemini,您的裝置不會直接連線 Google。傳送的資料受該 AI 提供商的隱私政策約束(Gemini 為 Google 隱私政策),且僅用於產生您的結果——絕不用於廣告或追蹤您。這些提供商依其協議及隱私政策,須以與本政策所述同等的保護措施保護您的資料。Pockyt 不會在自身伺服器上永久儲存或記錄您的 AI 對話或輸入內容。
Pockyt 使用 Firebase Authentication 進行身份驗證。您無需登入即可使用所有核心功能,資料完全離線儲存於本機。在中國大陸以外,系統預設為您分配匿名帳戶,您也可以選擇透過 Google、Apple 或電子郵件/密碼登入以啟用雲端同步。在中國大陸,登入透過騰訊雲(香港)代理處理,支援 Apple 或電子郵件/密碼(Google 登入在該地區無法使用)。
Pockyt 僅為拍攝收據請求相機和相簿存取權限。收據圖片在裝置本機處理,或傳送至 Google Gemini 進行文字辨識;Pockyt 伺服器不會儲存這些圖片。附加至交易紀錄的收據照片儲存於您的本機裝置。
在您授權的前提下,Pockyt 使用您裝置的位置自動填入交易的所在地點,並推薦與地區相關的信用卡優惠。位置會在您的裝置上轉換為地點名稱。位置功能為選用性質——即使不啟用,應用程式仍可完整運作——且絕不用於判斷您的資料路由地區;該判斷是透過網路連線測試完成,與您的位置無關。位置資料不會與第三方分享。
免費版用戶可能會看到由 Google AdMob 投放的橫幅廣告。在 iOS 上,Pockyt 會先請求權限(App 追蹤透明度),才會使用您的廣告識別碼(IDFA,或 Android 上的同類識別碼)來個人化這些廣告;若您拒絕,則僅顯示非個人化廣告。付費訂閱用戶不會看到廣告,中國大陸亦不顯示廣告。您可隨時在裝置隱私設定中變更此選項(iOS:設定 → 隱私與安全性 → 追蹤)。
Pockyt 可能會發送本機推播通知,提醒您即將到來的信用卡還款日和定期交易。這些通知完全在裝置本機排程,不會向任何伺服器傳輸通知內容。
以下功能僅在您的裝置上進行計算,不向外部傳送任何資料:
雲端同步資料受 Firebase 安全規則保護,確保只有您本人才能存取自己的帳戶。在中國大陸,代理伺服器會在伺服器端驗證您的身份權杖,並在轉發任何資料前套用相同的個人專屬規則。您可隨時在「設定」中刪除所有雲端資料。本機資料可透過解除安裝應用程式清除。
Pockyt 面向全球用戶提供服務。應用程式會自動偵測是否能連線至 Google 伺服器(並非偵測您的位置),當無法連線時(例如在中國大陸),便透過騰訊雲(香港)代理路由同步、身份驗證及 AI 功能,使雲端功能維持運作。中國大陸不會顯示廣告。在不同地區之間旅行時,您的本地資料始終得到保留。
未來版本將支援透過受監管的開放銀行 API 以唯讀方式安全關聯銀行帳戶,實現自動匯入交易紀錄。Pockyt 絕不會儲存您的銀行憑證。功能上線前,我們將提供完整的隱私政策更新說明。
如有疑問、意見或資料刪除請求,請發送郵件至 wksunshine@gmail.com。
最後更新:2026 年 7 月