Legal

Privacy Policy

Last updated: 16 June 2026

Draft — not yet in effect. This policy contains placeholders (shown in [brackets]) that must be filled in before publishing. It is not legal advice.

Operator: [LEGAL ENTITY / YOUR NAME] ("Fable", "we", "us")
Contact: [PRIVACY CONTACT EMAIL]

Fable is a group chat + expense-splitting + trip-companion app. This policy explains what we collect, why, who we share it with, and the choices and rights you have.

Fable is not a payment processor. We never move money or process card/bank transactions. You record settlements after money has moved outside the app (e.g. via your UPI app). Any payment handles you add (UPI ID, bank details) are stored so your group can pay you — they are not used to initiate transactions.

1. Information we collect

You give us

Account & identity: your phone number (phone sign-in) and/or your Google account email, name, and ID (Google sign-in); your display name and optional username; an optional profile photo.
Payment handles: UPI IDs / bank details you choose to add, shown to members of your groups so they can pay you. Stored as entered; never used to move money.
Content you create: chat messages (text, images, voice notes, GIFs/stickers, documents), expenses (amounts, descriptions, categories, receipt images), settlement records, "Stash" items, trip moments, group names/photos, and reactions.
Reports & moderation: content you report or users you block.

Collected automatically

Device & push: a device/install identifier, your push notification token, app version, and OS type — used to deliver notifications and operate the app.
Usage & diagnostics: in-app events (product analytics) and crash reports, used to improve reliability and the product.

Only with your permission

Camera / photo library: when you attach a photo, scan a bill, or send a GIF/sticker. We access only what you select.
Location: if you enable trip live-location sharing, your location is shared with your trip group for the trip's dates. You can turn this off at any time; it stops automatically when the trip ends.
Contacts: we do not read your address book. You invite people via a link/QR code or by their username.

2. The bill/payment "scan" feature (AI processing)

When you use scan to turn a bill or payment screenshot into an expense or settlement:

We first try to read the image on your device (Apple Vision on iOS, Google ML Kit on Android). This stays on your device.
If on-device reading isn't enough, the image or its extracted text is sent to our AI provider, Anthropic, to identify items/amounts. Anthropic processes it to return the result and, per its API terms, does not use it to train its models. We don't keep the image for AI beyond producing the result.

Scanning is optional — you can always add expenses manually.

3. How we use your information

Provide core features: messaging, expense splitting, settlement tracking, trips, search, and notifications.
Authenticate you and keep your account secure (incl. anti-abuse / rate limits).
Deliver push notifications you've enabled.
Operate the scan feature when you use it.
Improve reliability and the product (aggregated analytics, crash diagnostics).
Enforce our Terms and respond to reports/abuse.
Comply with legal obligations.

We do not sell your personal information, and we do not use your messages, expenses, or media for advertising.

4. Who we share it with (service providers)

We share data only with providers who process it on our behalf to run Fable:

Provider	Purpose	Data
Google Firebase	Phone/Google sign-in, push notifications	Phone/email/account ID, push token
Cloudflare R2	Media storage	Images, voice notes, documents, receipts
[Database/cache host — Neon / Upstash]	App database & cache	Your account + content data
[Backend host]	Runs the Fable API	All app data in transit/at rest
Anthropic	AI scan (only when you scan)	The image or its extracted text
Google Maps Platform	Place suggestions when you pin a location	Approximate coordinates / search text
[Analytics — PostHog]	Product analytics	Usage events, device info
[Crash reporting — Sentry]	Crash diagnostics	Crash logs, device info

Members of a group can see the content you share in that group (messages, expenses, your payment handles, etc.). We may also disclose information if required by law or to protect users' safety.

5. Data retention & deletion

We keep your data while your account is active.
You can delete your account in the app (Settings → account deletion), which removes your profile and personal data. Some content shared into a group (e.g. an expense others rely on) may be retained or anonymized to preserve the group's records, and backups/logs purge on a rolling schedule.
Media has a server-side lifecycle and may expire from our servers over time.

6. Your rights

Depending on where you live (e.g. India's DPDP Act 2023, or the EU/UK GDPR), you may have the right to access, correct, delete, export, or restrict processing of your data, and to withdraw consent. Use the in-app controls or contact us at [PRIVACY CONTACT EMAIL]. We respond within the timeframe the applicable law requires.

7. Security

We use HTTPS/TLS in transit, access controls, and reputable infrastructure providers. Your refresh token is stored in the device's secure keystore. No system is perfectly secure, but we work to protect your data and will notify you of incidents as required by law.

8. Children

Fable is not directed to children under [13 / 16 / 18 — set per your policy]. We do not knowingly collect data from them. If you believe a child has provided data, contact us and we will delete it.

9. International transfers

We operate from [REGION] and use providers that may process data in other countries. Where required, we rely on appropriate safeguards for cross-border transfers.

10. Changes

We'll update this policy as the app evolves and revise the "Last updated" date. Material changes will be highlighted in the app or by notice.

11. Contact

Questions or requests: [PRIVACY CONTACT EMAIL].