Privacy Policy

Trax is an iOS Shortcut application that helps you log personal expenses directly to your own Google Sheets account. We are an independent developer product, not a company. References to “we”, “us”, or “our” refer to the Trax development team.

Our website: trax.pragmatixstudio.com
Contact: purnanshu@trax.pragmatixstudio.com

2.1 Google account information

When you connect Trax to your Google account, we receive:

• Your Google account email address
• An OAuth access token and refresh token

We use your email address solely to identify your account in our system and to associate your Google Sheet with your device. We use the tokens solely to write expense data to your Google Sheet on your behalf.

We do not receive or store your Google password at any point.

2.2 Expense data

When you log an expense using the Shortcut, you provide:

• A category (selected from a predefined list)
• An amount (a number you enter)

This data is transmitted over an encrypted HTTPS connection to our backend, which immediately writes it to your Google Sheet and does not retain a copy. We do not log, analyse, aggregate, sell, or otherwise process your expense data.

2.3 Device identifier

The first time you run the Shortcut, a random unique identifier (UUID) is generated and stored in your iCloud Drive. This identifier is used to associate your device with your Google Sheet. It contains no personal information and cannot be used to identify you individually.

2.4 Technical logs

Our servers may automatically log standard technical information such as IP addresses, timestamps, and HTTP response codes as part of normal server operation. These logs are retained for a maximum of 7 days and are used only for diagnosing technical issues. They are not linked to your identity or your expense data.

We use the information described above exclusively to provide the core functionality of the Trax Shortcut:

• To authenticate you with Google on your behalf
• To create a Google Sheet in your Drive on first setup
• To write expense entries to your Sheet when you log them
• To refresh your Google access token when it expires

We do not use your data for advertising, analytics, profiling, or any purpose other than the above.

We do not sell, trade, rent, or share your personal information with third parties, except in the following limited circumstances:

4.1 Google

Your expense data is written to Google Sheets via the Google Sheets API. Your file is created in Google Drive via the Google Drive API. This data transfer is the core purpose of the application. Google’s own privacy policy governs how Google handles data within their services: https://policies.google.com/privacy

4.2 Infrastructure providers

We use Firebase (Google) for token storage and n8n for workflow automation. Both operate under strict data processing agreements. We configure these services to store only the minimum data necessary (device ID, encrypted tokens, sheet ID). No expense content is stored in these systems.

4.3 Legal requirements

We may disclose information if required to do so by law or in response to valid legal process.

Trax requests the following Google OAuth scopes:

• https://www.googleapis.com/auth/spreadsheets
  Used to: append expense rows to your Google Sheet
• https://www.googleapis.com/auth/drive.file
  Used to: create a new Google Sheet from a template on your first setup. This scope provides access only to files created by our app — not your entire Drive.
• email (OpenID Connect)
  Used to: identify your account
• profile (OpenID Connect)
  Used to: display your name during setup

Trax’s use of Google API data adheres to the Google API Services User Data Policy, including the Limited Use requirements: https://developers.google.com/terms/api-services-user-data-policy

6.1 Your expense data

Your expense data is stored in your own Google Sheet, in your own Google Drive account, under your own Google account’s security. We do not have a secondary copy.

6.2 Your OAuth tokens

Your Google OAuth tokens are stored in Firebase Firestore, encrypted at rest. They are associated with your device’s UUID identifier, not your personal identity. Access to Firestore is restricted to our backend server only.

6.3 Your device UUID

Your device UUID is stored in a plain text file in your iCloud Drive. It is protected by your iCloud account security. We store no copy of it beyond our Firestore record linking it to your sheet.

We retain your records (device UUID → sheet ID → tokens) for as long as you use the Shortcut. You can delete your records at any time by:

1. Revoking Trax’s Google access at https://myaccount.google.com/permissions
2. Deleting the device UUID file from your iCloud Drive
3. Emailing us at purnanshu@trax.pragmatixstudio.com to request deletion of your Firestore record

Upon receiving a deletion request, we will purge your Firestore record within 7 business days.

Trax is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify users of significant changes by updating the “Last updated” date at the top of this page. Continued use of the Shortcut after changes are posted constitutes acceptance of the updated policy.

If you have questions, concerns, or requests regarding your privacy or this policy, please contact us at:

purnanshu@trax.pragmatixstudio.com

We aim to respond to all privacy-related enquiries within 5 business days.