Dooit
Dooit privacy

Privacy Policy

Last updated: May 13, 2026

This Privacy Policy explains how Dooit handles information for the landing page, waitlist, mobile app, optional cloud features, receipt extraction, analytics, and subscriptions.

1. Who we are

Dooit is a personal finance tracking app built for users in Malaysia, although people in other countries may also use it.

For privacy questions or requests, contact Dooit at hafizuddinshariff@gmail.com.

2. Waitlist and landing page information

When you join the Dooit waitlist, we collect the email address you submit, a source marker showing that the signup came from the landing page, and anti-spam information submitted with the form.

The waitlist form sends submissions to a Supabase Edge Function for processing and storage.

Our waitlist form uses Cloudflare Turnstile to help confirm that submissions are legitimate. Cloudflare may process verification tokens, browser signals, and similar technical information according to its own service terms and privacy practices.

3. App information you enter

By default, Dooit is local-first. Financial information you enter in the app, such as transactions, amounts, categories, budgets, accounts, notes, preferences, and saved receipt images, is stored on your device unless you choose to use a feature that sends or backs up that information.

Dooit currently relies on manual entry and user-uploaded receipts. We do not currently connect to banks or import bank transactions automatically.

If you contact us for support, we may collect your email address, message contents, and related troubleshooting information.

4. Optional Pro cloud backup and sync

If you purchase Pro, Dooit may offer optional cloud backup or sync. This is not enabled automatically. You must choose to turn it on.

When cloud backup or sync is enabled, selected financial data is stored in Supabase so it can be backed up or synced. This data is protected with technical and organizational safeguards, but it is not currently end-to-end encrypted.

Saved receipt images are included in cloud backup only if you separately opt in to backing up receipt images.

If you disable cloud backup or sync, Dooit is designed to delete the synced Supabase copy after you confirm that choice.

5. Receipt extraction

Dooit may offer receipt extraction to help turn receipt images into transaction details. Receipt extraction is available only when you intentionally use that feature.

When you use receipt extraction, the receipt image and related information needed to process it may be sent to Google Gemini. This may include merchant, date, total, currency, line items, tax or service charge, category hints, and correction prompts.

Dooit does not use your receipt content to train Dooit models. Google Gemini processes receipt information to provide the extraction result according to Google's applicable terms and privacy practices.

Receipt images may be saved on your device. If Pro cloud backup is enabled, receipt images are backed up only if you opt in to receipt image backup.

6. Accounts and sign-in

If you create an account or enable cloud features, Dooit uses Supabase Auth to provide authentication and account management.

Dooit may support Apple Sign in and Google Sign-In. Depending on the provider and your settings, we may receive account identifiers such as your name, email address, or provider user ID.

You are able to delete your account and associated cloud data in the app. You may also contact us for help with privacy requests.

7. Purchases and subscriptions

Pro purchases are handled through Apple App Store or Google Play in-app purchases. Those stores process payment details under their own terms and privacy practices.

Dooit uses Adapty for subscription entitlement management. Adapty may process purchase receipts, product identifiers, subscription status, app user identifiers, and related subscription lifecycle information needed to unlock and manage Pro access.

Dooit does not need to receive your full payment card details when purchases are handled by Apple or Google.

8. Analytics and diagnostics

Dooit uses privacy-conscious analytics and diagnostics to understand reliability and improve the app.

We use PostHog for analytics events. We do not use PostHog session replay or screen recording.

We do not intentionally send transaction amounts, notes, receipt images, or financial record contents to PostHog for analytics.

You can opt out of analytics in the app.

9. Device permissions

Dooit may request camera or photo library access so you can capture or import receipts.

Dooit may request notification permission to send user-controlled reminders, budget alerts, and important account or service notices. Marketing push notifications are sent only with consent.

Dooit does not need access to your contacts. You can control app permissions through your device settings.

10. How we use information

We use information to operate Dooit, manage the waitlist, provide app features, maintain accounts, process receipt extraction, manage subscriptions, respond to support requests, prevent spam and abuse, improve reliability, and communicate product updates where you have consented to receive them.

We may use aggregated or de-identified information to understand feature usage and improve Dooit.

11. Sharing information

We do not sell your personal information.

We may share information with service providers that help us operate Dooit, including Supabase, Cloudflare, Google Gemini, PostHog, Adapty, Apple, and Google.

We may also share information when required by law, to protect Dooit and users, in connection with a business transfer, or with your consent.

12. Marketing communications

We send marketing or product update emails only with consent, such as when you join the waitlist or enable an in-app email preference.

Transactional messages, such as account, support, purchase, security, or service-related messages, may be sent when needed to provide Dooit.

13. Data retention

We keep waitlist emails until you unsubscribe, request deletion, or Dooit no longer needs the waitlist.

We keep account and cloud backup information while your account or cloud sync is active. If you delete your account or request deletion, we delete or anonymize associated information within a reasonable period unless we need to keep it for legal, security, fraud prevention, dispute resolution, or accounting reasons.

Local app data stored only on your device is controlled by you and may be removed by deleting it in the app or removing the app from your device, subject to your device backup settings.

14. Your choices and rights

You may choose not to join the waitlist, not to create an account, not to enable cloud backup, not to use receipt extraction, not to back up receipt images, or not to provide optional app information. Some features may not work without the information needed to provide them.

You may opt out of analytics in the app and manage camera, photo library, and notification permissions through your device settings.

You may contact us to request access, correction, or deletion of personal information, subject to applicable law and technical or legal limits.

15. Security

We use reasonable technical and organizational measures designed to protect information. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

16. International processing

Dooit and its service providers may process information in Malaysia, the United States, the European Union, and other countries where they operate. Data protection laws may differ by location.

17. Children's privacy

Dooit is not intended for children under 13. If a higher minimum age applies in your country, you must meet that higher age requirement to use Dooit.

If you believe a child has provided personal information to Dooit, contact us so we can review and delete it where appropriate.

18. Changes to this policy

We may update this Privacy Policy from time to time. If changes are material, we will take reasonable steps to notify you, such as updating the date on this page or providing notice in the app.

19. Contact

For privacy questions or requests, contact Dooit at hafizuddinshariff@gmail.com.