Last updated: March 26, 2026
Churn ("we," "our," or "us") is a credit card optimization tool available as a web application and a mobile application that helps users maximize their credit card rewards. This Privacy Policy explains what information we collect across both platforms, how we use it, and your rights regarding your data. We are committed to protecting your privacy and being transparent about our data practices.
When you create an account, we collect your email address and, if you sign in with Google OAuth, your name and profile picture as provided by Google. We use Supabase for authentication and securely store your credentials. Your account works across both the web and mobile apps.
You tell us which credit cards you hold by selecting them from our database. We store these selections to power recommendations and reward calculations. These selections are synced between the web and mobile apps when you are signed in.
You may optionally provide estimated monthly spending amounts per category (e.g., groceries, gas, dining). These are self-reported estimates used to calculate your optimal card usage and are not connected to any bank or financial institution.
If you use the Churning Tracker, we store your minimum spend progress, signup dates, and annual fee dates. This data is entered manually by you.
If you grant permission, we use your device's Geolocation API (on web) or location services (on mobile) to detect your location and suggest relevant spending categories based on nearby businesses. This is used by our Smart Context feature to automatically determine the likely merchant category for your current location. Location lookups are performed via OpenStreetMap's Nominatim reverse geocoding service. Your coordinates are sent to Nominatim only when you actively use this feature. We do not store your location history on our servers.
If you enable push notifications in the mobile app, we collect your device's push notification token (via Expo Push Notifications) to send you alerts about churning deadlines, annual fee dates, and other time-sensitive information. You can disable push notifications at any time through your device settings.
We use Vercel Analytics and Vercel Speed Insights (web) to collect anonymized usage data such as page views, performance metrics, and general device information. On the mobile app, we use Sentry for crash reporting and error tracking. This data does not identify individual users.
Churn is designed to work without sensitive financial data. We never collect or have access to:
Churn's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
When you sign in with Google, Churn requests access to your basic profile information (name, email address, and profile picture) via Google OAuth. We do not request access to any other Google services, such as Gmail, Google Drive, Google Calendar, or Google Contacts.
Your Google profile information is used solely to create and maintain your Churn account. Specifically, your email address is used as your account identifier and for account-related communications, your name is used to personalize the app experience, and your profile picture is displayed in the app interface. We do not use your Google data for advertising, market research, or any purpose unrelated to providing the Churn service.
We do not sell, share, or transfer your Google user data to any third parties, except as necessary to provide the Churn service (e.g., storing your account in Supabase, our database provider, which is bound by its own data protection agreements). We do not share Google user data with advertising networks, data brokers, or any other information resellers.
Your Google user data is stored securely in Supabase's PostgreSQL database with Row Level Security enabled, ensuring only you can access your own data. All data in transit is encrypted via HTTPS/TLS. We do not store Google OAuth tokens beyond the authentication session — Supabase Auth handles token management securely.
Your Google user data is retained only as long as you maintain an active Churn account. You can delete your account and all associated data (including Google-provided data) at any time through the Settings page in the web app or mobile app. Upon account deletion, all your data — including your Google profile information — is permanently removed from our database. You may also revoke Churn's access to your Google account at any time via your Google Account permissions.
When you are signed in, your card selections, spending estimates, tracker data, and preferences are synced between the Churn web app and the Churn mobile app via Supabase. This sync happens automatically in the background. If you use Churn without an account, your data is stored only on the device you are using and is not synced.
We use the following third-party services:
Some card recommendations on Churn include affiliate links. When you apply for a credit card through one of these links, Churn may earn a commission at no additional cost to you. Affiliate relationships do not influence how cards are ranked — recommendations are always ordered by estimated value to you based on your spending profile.
Churn uses the following browser storage mechanisms (web app):
The mobile app uses secure on-device storage for the same purposes. We do not use advertising cookies or third-party tracking cookies.
Your data is retained as long as you maintain an active account. You can export or delete your data at any time through the Settings page (web) or within the mobile app. When you delete your data, it is permanently removed from our database across all platforms. If you wish to delete your account entirely, you can do so from Settings, which will remove all associated data from Supabase.
If you use Churn without an account, your data is stored only on your device (in your browser's localStorage on web, or local storage on mobile) and is never sent to our servers. Clearing your browser data or uninstalling the mobile app will remove it.
We implement industry-standard security measures to protect your data. All data in transit is encrypted via HTTPS. Database access is protected by Supabase's Row Level Security policies, ensuring that users can only access their own data. We do not store passwords directly — authentication is handled entirely by Supabase Auth.
Canada (PIPEDA) — Churn complies with the Personal Information Protection and Electronic Documents Act. We collect only the minimum personal information necessary to provide the service, we obtain meaningful consent before collecting data (including location data), and we provide access to and deletion of your data upon request. You may withdraw consent for optional data collection (such as location services or push notifications) at any time through your device settings without affecting your ability to use core features.
California (CCPA/CPRA) — If you are a California resident, you have the right to: (1) know what personal information we collect and how it is used, (2) request deletion of your personal information, (3) opt out of the sale or sharing of your personal information, and (4) not be discriminated against for exercising your privacy rights. We do not sell your personal information to third parties. To exercise your rights, contact us at the email below or use the data deletion feature in Settings.
Other U.S. State Privacy Laws — For residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), and other states with comprehensive privacy legislation: you have similar rights to know what data we collect, request deletion, and opt out of the sale of personal information. We do not sell your personal information to third parties.
Churn is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information, please contact us so we can delete it.
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.
If you have questions about this Privacy Policy or your data, please contact us at privacy@churnapp.com.