Security is our main priority. We don't collect and don't store any kind of your personal data on our servers.
We require following permissions for best convenience and sustainability:
Read SMS permission (android.permission.READ_SMS) - this is required for importing your transactions from SMS messages. App does not read ANY other sms messages, except those you manually set for cards!
Internet requests permission (android.permission.INTERNET) - this is required for loading sms parse settings for your bank from the server. You can also add/edit bank parse rules manually.
Read/Write device memory (android.permission.READ_EXTERNAL_STORAGE, android.permission.WRITE_EXTERNAL_STORAGE) - this is required for saving and loading your backups, also this is neccessary when you share your backups/card settings (when sending file it is actually saved in memory first).