Trupence — Privacy Policy
The short version
Trupence is a travel-money app that runs almost entirely on your phone. We designed it so there's very little to say here — and that's the point.
- No account. No sign-up. You don't give us your name, email or anything else to use the app.
- Your data stays on your device. Trips, purchases, notes, the cards you've ticked, budgets and any receipt photos are stored only on your phone. We have no servers that hold a copy, because we have no user servers at all.
- No analytics. No tracking. No ads. No third-party SDKs that phone home.
- We can't see your data, sell it, or lose it in a breach, because we never receive it.
The rest of this page explains exactly what that means, what limited network calls the app makes, and the few device permissions it asks for.
1. Who we are
Trupence is an independent app made by DagdaForge, a developer based in Scotland, United Kingdom. For any privacy question, contact:
For UK GDPR / EU GDPR purposes, the developer is the "data controller" for the very limited processing described below. In practice, almost all processing happens locally on your own device and never reaches us.
2. What data Trupence stores, and where
Everything you create in Trupence is stored on your device only, in the app's private storage (a local SQLite database, plus any receipt photos copied into the app's private files area). This includes:
- Trips you create (name, destination country, home and local currency, dates, budget).
- Purchases you log (amounts, the exchange rate and card used at the time, category, store name, notes, timestamp).
- Any receipt photo you choose to attach to a purchase.
- The cards you've ticked as "cards you carry" (from a built-in list or ones you add yourself), and your settings (home currency, default card, preferences).
We never send any of this to a server. There is no Trupence account and no Trupence cloud — there is nothing for it to sync to.
A note on security, in plain English
Your Trupence data is protected by Android's app sandbox and the device's disk encryption — other apps can't read it, and on a modern, locked, PIN/biometric-protected phone it stays private. However, Trupence does not add its own separate layer of encryption on top. That means that on a rooted device, or via a full-device backup, the underlying database file could in principle be read. We mention this honestly so you can decide what to keep in notes and what device backup settings to use.
You're in control: export and delete
- Export: you can export a trip's purchases to a CSV file at any time (via the system "Save to…" dialog — Downloads, Drive, Files, etc.). The data goes wherever you choose to save it.
- Delete: you can delete individual purchases, trips and cards within the app. Uninstalling Trupence removes its on-device database and files entirely.
3. The only times Trupence uses the internet
Trupence works offline for its core job. It makes just three kinds of network request, and none of them sends your personal data:
a) Exchange rates — Frankfurter
To show live mid-market exchange rates, the app fetches them from
Frankfurter (api.frankfurter.dev), a free,
ECB-backed rates service. The only thing sent is the currency
codes you're converting (e.g. "JPY to GBP"). No personal data, no
account, no device identifiers from us — just a currency lookup. Rates are
then cached on your device so the app keeps working offline.
b) Card-fee data — a public file
The list of cards and their typical foreign-exchange fees can be updated between app releases by downloading a small, versioned public data file from public cloud storage (Amazon S3). This is a plain, anonymous, read-only download — it sends no personal data and no credentials, and the app works without it (it ships with a built-in copy as a fallback).
c) Affiliate links (eSIM) — open in your browser
If you tap a disclosed affiliate link (for example, to look at travel eSIM options), Trupence simply opens that link in your normal external web browser. Trupence adds no tracking of its own to that hand-off. Once you're on the destination's website, that site's own privacy policy, cookies and tracking apply — just as they would for any link you open in your browser. See the affiliate disclosure in section 6.
That's the complete list. There are no other servers, no analytics endpoints, and no advertising networks in the app.
4. Crash logs and diagnostics
Trupence keeps a small crash and diagnostics log on your device to help with troubleshooting (for example, camera or scanning hiccups). This log stays on your device and is never sent anywhere automatically.
If you want to report a problem, you can choose to tap "Share" to send the diagnostics yourself (e.g. by email) — at which point it goes only where you send it. The log may include app context such as currency pairs or scanning events, so feel free to review it before sharing. Nothing leaves your device unless you actively share it.
5. Device permissions (asked only when needed)
Trupence requests permissions at the point of use / opt-in — not all up front — and the app keeps working with them denied (you just lose that one feature).
- Camera — used only to scan a price when you open the scanner. The photo is processed on your device using Google's ML Kit on-device text recognition to read the numbers. Images are not uploaded to us or anyone else; the captured frame stays on your device. (Depending on your device, the text-recognition model may be downloaded once via Google Play services — that download is between your device and Google and carries no Trupence user data.)
- Location (coarse / approximate) — used only to detect which country you're in, so the app can offer to start or end a trip and pick the local currency. We request approximate location only (not precise GPS), and your location is not stored remotely or sent anywhere — it's used on-device, in the moment.
- Notifications — used only for trip reminders you opt into. We use ordinary (inexact) reminders and deliberately do not request exact-alarm permissions.
You can change or revoke any of these in your Android settings at any time.
6. Affiliate disclosure
Trupence may include clearly disclosed affiliate links (currently for travel eSIM options). If you tap one and go on to make a purchase on the destination's site, we may earn a small referral commission — at no extra cost to you.
This never affects the app's recommendations. Trupence's "cheapest card" and cost figures are based only on the fee data, and an affiliate suggestion never re-orders the honest ranking. We show affiliate links because they're things we think genuinely help travellers — the commission is a side effect, not the reason.
Affiliate links open in your external browser; see section 3(c) on what that means for tracking.
7. Children
Trupence is a general-audience travel-money tool and is not directed at children. We do not knowingly collect any data from children — in fact, we don't knowingly collect personal data from anyone, since the app keeps your data on your own device.
8. Your rights (UK / EU GDPR)
Because your data lives on your device and we don't hold a copy, you already have direct, hands-on control: you can view, export (CSV) and delete everything from within the app, and uninstalling removes it all.
Under UK GDPR and EU GDPR you also have rights of access, rectification, erasure, restriction, portability and objection. For the limited processing we control (see section 1), contact us at the email above. You also have the right to complain to a supervisory authority — in the UK, the Information Commissioner's Office (ICO), ico.org.uk.
9. Changes to this policy
If we change how Trupence handles data, we'll update this page and revise the "Last updated" date above. Material changes will be reflected here before they take effect in a new app version.
10. Jurisdiction
Trupence is operated from Scotland, United Kingdom, and this policy is governed by the laws of Scotland / the United Kingdom, without affecting any mandatory consumer or data-protection rights you have where you live.
Trupence — the real price, before you pay.