Ching (清數理財) · Last updated: 8 April 2026 · Effective: 8 April 2026
Ching (清數理財) is developed and maintained by iloveworking Ltd, based in Hong Kong ("we", "us", "our").
Contact: chingsupport@iloveworking.dev
Ching is a local-first personal finance app. Your financial data (transactions, accounts, budgets, stock holdings) is stored in a SQLite database on your device only. No account or login is required.
We do not collect personal data by default. The optional features below only transmit data when you explicitly enable them and give consent.
When you enable the AI Advisor feature and give consent, a summary of your financial data is sent to our server for analysis:
You control exactly what data is shared via Settings > AI & Privacy — you can exclude accounts, budgets, investments, or couple data individually.
When you use the AI Advisor, your financial snapshot passes through:
Cloudflare Workers & AI Gateway (Cloudflare, Inc., USA) — Your data is routed through Cloudflare's network to an AI gateway endpoint. Due to API geographic restrictions, processing occurs outside Hong Kong (typically United States, Japan, or Singapore). Cloudflare may log request metadata (timestamps, IP addresses) per their privacy policy.
Anthropic (Claude API) (Anthropic, PBC, USA) — Processes your financial data to generate insights. As an API billing customer, your data is not used for model training per Anthropic's privacy policy.
AI responses are cached on your device for up to 24 hours, then automatically discarded. Your IP address is processed by Cloudflare for rate limiting and is not stored beyond the request.
If you enable "Auto-Capture Payments", the app uses Android's Notification Listener Service to read payment notifications from supported apps (Octopus, Google Pay, PayMe, HSBC, BOCHK).
If you use the "Report Issue" feature in Settings, the following data is sent to our Cloudflare Worker for debugging purposes:
This data is stored in Cloudflare KV for support purposes and is retained for up to 30 days, after which it is automatically deleted. No financial data (transactions, balances, accounts) is included in bug reports.
If you enable Partner Mode, selected transactions are synced between you and your partner via Cloudflare Workers. You choose whether to share all transactions or only split expenses.
The following data is stored on our Cloudflare database while the partnership is active:
This data is deleted when either partner disconnects. Undelivered transactions are cleaned up after 24 hours. Inactive devices are purged after 30 days.
We use Firebase Analytics (operated by Google LLC, USA) to understand app usage patterns. Firebase collects:
Firebase does not receive your financial data. We do not use analytics data for advertising or user profiling. You can review Firebase's privacy documentation.
We use Firebase Cloud Messaging (FCM) to deliver push notifications (e.g., partner sync alerts). When you grant notification permission, a unique device token is generated by Firebase and sent to Google's servers to route notifications to your device. This token does not contain personal or financial information. You can disable push notifications at any time in your device settings.
When you use optional features that transmit data, your information may be processed outside Hong Kong:
These transfers are necessary to provide the services you have opted into. Our service providers maintain appropriate security safeguards for cross-border data processing.
The following table summarises all third-party services that may process your data when you use optional features:
| Service | Provider | Purpose | Data Processed | Privacy Policy |
|---|---|---|---|---|
| Cloudflare Workers & AI Gateway | Cloudflare, Inc. (USA) | AI request routing, Partner Mode sync, Report Issue | Financial snapshot, bug reports, IP address, request metadata | Link |
| Claude API | Anthropic, PBC (USA) | AI financial analysis | Financial snapshot (grouped balances, transactions) | Link |
| Firebase Analytics | Google LLC (USA) | App usage analytics | Interaction events, device info, app-instance ID | Link |
| Firebase Cloud Messaging | Google LLC (USA) | Push notifications | Device token (FCM token) | Link |
We do not use any advertising networks, social media SDKs, or other third-party tracking services beyond those listed above.
Ching is a native mobile application and does not use cookies. All app preferences are stored locally on your device using standard Android/iOS storage mechanisms (SharedPreferences / UserDefaults). This privacy policy page itself does not set any cookies or use any tracking scripts.
The AI Advisor provides automated analysis and suggestions based on your financial data. These are informational only and do not constitute financial advice. No automated decisions with legal or similarly significant effects are made about you.
Under the Hong Kong Personal Data (Privacy) Ordinance (Cap. 486) and applicable data protection laws, you have the right to:
To exercise these rights, contact us at chingsupport@iloveworking.dev. We will respond within 40 days as required by Hong Kong law.
If you believe your data privacy rights have been violated, you may lodge a complaint with the Office of the Privacy Commissioner for Personal Data (PCPD).
Ching is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it.
We protect your data through: local-first architecture (data stays on your device by default), encrypted API key storage (Flutter Secure Storage), encrypted HTTPS connections for all server communications, and API key authentication for server endpoints.
This policy may be updated to reflect changes in our practices or legal requirements. We encourage you to review this page periodically. The "Last updated" date at the top indicates when the policy was last revised. Continued use of the app after changes constitutes acceptance of the updated policy.
For questions, data access requests, deletion requests, or concerns:
Email: chingsupport@iloveworking.dev
For formal data access or correction requests under the Personal Data (Privacy) Ordinance (Cap. 486), we will respond within 40 days as required by law.
In the event of any inconsistency between the English and Chinese versions of this policy, the English version shall prevail.
Ching(清數理財)· 最後更新:2026 年 4 月 8 日 · 生效日期:2026 年 4 月 8 日
Ching(清數理財)由我愛返工有限公司(iloveworking Ltd)開發及維護(下稱「我們」)。
聯絡方式: chingsupport@iloveworking.dev
Ching 是一個本地優先的個人理財應用程式。你的財務資料(交易、帳戶、預算、股票持倉)儲存在你裝置上的 SQLite 資料庫中。不需要帳戶或登入。
我們預設不會收集任何個人資料。以下可選功能只會在你明確啟用並表示同意後才傳送資料。
當你啟用 AI 顧問功能並表示同意後,你的財務資料摘要會傳送到我們的伺服器進行分析:
你可以在設定 > AI 與私隱中控制分享的資料範圍 — 可以個別排除帳戶、預算、投資或伴侶資料。
當你使用 AI 顧問時,你的財務快照會經過以下處理者:
Cloudflare Workers 及 AI Gateway(Cloudflare, Inc.,美國)— 你的資料會通過 Cloudflare 的網絡傳送到 AI 閘道端點。由於 API 地域限制,處理會在香港以外進行(通常為美國、日本或新加坡)。Cloudflare 可能會按其私隱政策記錄請求元資料(時間戳記、IP 位址)。
Anthropic(Claude API)(Anthropic, PBC,美國)— 處理你的財務資料以生成分析結果。作為 API 付費用戶,你的資料不會被用於訓練模型,詳見 Anthropic 私隱政策。
AI 回覆會在你的裝置上暫存最多 24 小時,之後自動刪除。你的 IP 位址會由 Cloudflare 用於速率限制,不會在請求結束後儲存。
如果你啟用「自動擷取付款」功能,應用程式會使用 Android 的通知監聽服務讀取支援的應用程式(八達通、Google Pay、PayMe、滙豐、中銀香港)的付款通知。
如果你使用設定中的「回報問題」功能,以下資料會傳送到我們的 Cloudflare Worker 以供除錯:
此資料儲存在 Cloudflare KV 中供支援用途,保留最多 30 天,之後自動刪除。錯誤報告中不包含任何財務資料(交易、餘額、帳戶)。
如果你啟用伴侶模式,所選交易會透過 Cloudflare Workers 與你的伴侶同步。你可以選擇分享所有交易或只分享拆帳項目。
在合作關係有效期間,以下資料會儲存在我們的 Cloudflare 資料庫中:
任何一方斷開連接時,此資料會被刪除。未送達的交易會在 24 小時後清除。非活躍裝置會在 30 天後清除。
我們使用 Firebase Analytics(由 Google LLC 營運,美國)了解應用程式使用模式。Firebase 會收集:
Firebase 不會收到你的財務資料。我們不會將分析資料用於廣告或用戶分析。詳見 Firebase 私隱文件。
我們使用 Firebase Cloud Messaging(FCM) 傳送推送通知(例如伴侶同步提醒)。當你授予通知權限時,Firebase 會生成一個裝置令牌並發送到 Google 的伺服器以將通知傳送到你的裝置。此令牌不包含個人或財務資訊。你可以隨時在裝置設定中停用推送通知。
當你使用傳送資料的可選功能時,你的資訊可能在香港以外處理:
這些傳輸是為了提供你已選擇啟用的服務而必要的。我們的服務提供者對跨境資料處理維持適當的安全保障。
下表列出使用可選功能時可能處理你資料的所有第三方服務:
| 服務 | 提供者 | 用途 | 處理的資料 | 私隱政策 |
|---|---|---|---|---|
| Cloudflare Workers 及 AI Gateway | Cloudflare, Inc.(美國) | AI 請求路由、伴侶模式同步、回報問題 | 財務快照、錯誤報告、IP 位址、請求元資料 | 連結 |
| Claude API | Anthropic, PBC(美國) | AI 財務分析 | 財務快照(分組餘額、交易) | 連結 |
| Firebase Analytics | Google LLC(美國) | 應用程式使用分析 | 互動事件、裝置資訊、應用程式實例 ID | 連結 |
| Firebase Cloud Messaging | Google LLC(美國) | 推送通知 | 裝置令牌(FCM 令牌) | 連結 |
除上述列出的服務外,我們不使用任何廣告網絡、社交媒體 SDK 或其他第三方追蹤服務。
Ching 是原生流動應用程式,不使用 cookies。所有應用程式偏好設定均使用標準的 Android/iOS 儲存機制(SharedPreferences / UserDefaults)儲存在你的裝置上。本私隱政策頁面本身亦不設置任何 cookies 或使用任何追蹤腳本。
AI 顧問根據你的財務資料提供自動分析和建議。這些僅供參考,不構成財務建議。我們不會對你作出具有法律效力或類似重大影響的自動化決定。
根據香港《個人資料(私隱)條例》(第 486 章)及適用的資料保護法律,你有權:
如需行使上述權利,請聯絡 chingsupport@iloveworking.dev。我們會按香港法律規定在 40 天內回覆。
如你認為你的資料私隱權利受到侵犯,可向個人資料私隱專員公署(PCPD)投訴。
Ching 不面向 13 歲以下的兒童。我們不會故意收集兒童的個人資料。如你認為有兒童向我們提供了個人資料,請聯絡我們,我們會予以刪除。
我們透過以下方式保護你的資料:本地優先架構(資料預設留在你的裝置上)、加密的 API 密鑰儲存(Flutter Secure Storage)、所有伺服器通訊均採用 HTTPS 加密連接,以及伺服器端點的 API 密鑰驗證。
本政策可能會因應我們的做法變化或法律要求而更新。我們建議你定期查閱本頁面。頁首的「最後更新」日期標示政策的最近修訂時間。在更新後繼續使用應用程式即表示接受更新後的政策。
如有問題、資料查閱請求、刪除請求或其他疑慮:
電郵: chingsupport@iloveworking.dev
如為根據《個人資料(私隱)條例》(第 486 章)提出的正式資料查閱或更正要求,我們會按法律規定在 40 天內回覆。
如本政策的中文版本與英文版本有任何不一致之處,概以英文版本為準。