Last updated: June 2026
SpenGo is a personal expense tracker that stores all your financial data directly in your own Google Spreadsheet. We do not operate any servers, databases, or backend infrastructure that stores, processes, or transmits your personal or financial information.
This policy explains what Google user data SpenGo accesses, why, how it is used, and how you can delete it.
When you sign in with Google, SpenGo requests the following permissions:
| Scope | Data accessed | Why it is needed |
|---|---|---|
drive.file |
Only the Google Spreadsheet created by SpenGo — not your entire Drive | To create, read, write, and delete expense records in the SpenGo spreadsheet. Access is limited exclusively to files created by this application. |
drive.metadata.readonly |
File names, IDs, and permission metadata visible to you in Google Drive — no file contents | To search Drive for an existing SpenGo spreadsheet by name (so we don't create a duplicate on every sign-in), and to read the sharing permissions of that spreadsheet so the app can show who has access. |
spreadsheets |
The content (rows and cells) of any Google Spreadsheet you have been given access to | Required when another user shares their SpenGo spreadsheet with you. The drive.file scope only covers files this app itself created; spreadsheets allows reading and writing a spreadsheet created by someone else's account. |
userinfo.profile |
Your display name and profile photo | To show your name and avatar inside the app |
userinfo.email |
Your Google account email address | To pre-select the correct account on subsequent sign-ins, avoiding the account picker popup |
SpenGo requests only the minimum scopes necessary to provide its functionality. drive.metadata.readonly and spreadsheets are classified as sensitive scopes by Google — they are not restricted scopes, and they do not grant access to any Google service beyond Drive file metadata and Sheets data. We do not request access to Gmail, Calendar, Contacts, or any other Google service.
Data obtained via Google APIs is used solely to provide SpenGo's expense tracking functionality:
Your email address is stored locally in your browser solely to avoid the Google account-picker popup when you reload the app. It is not transmitted to any server, used for communication, or shared with any third party.
SpenGo does not use Google user data to train AI or machine learning models, for advertising, or for any purpose beyond what is described in this policy. This complies with the Google API Services User Data Policy Limited Use requirements.
SpenGo allows the owner of a SpenGo spreadsheet to share it with one other Google account. This is an optional feature and is never enabled by default.
When you use the Share feature:
| Action | What happens |
|---|---|
| You share with another person | SpenGo calls the Google Drive Permissions API to grant the specified Google account writer access to your SpenGo spreadsheet. Google sends a notification email to that person on your behalf. |
| The other person signs into SpenGo | SpenGo finds and loads your shared spreadsheet using the drive.metadata.readonly and spreadsheets scopes. They can read and edit all expense records in that file. |
| You revoke access | SpenGo calls the Drive Permissions API to remove the permission. The other person immediately loses access to the spreadsheet. |
Sharing is strictly between Google accounts. SpenGo does not store the shared person's email on any server — it is only persisted in your browser's localStorage as a display cache and is cleared on sign-out.
SpenGo does not share your Google user data with any third parties. There are no analytics services, advertising networks, data brokers, or external APIs involved in processing your data.
All communication happens directly between your browser and Google's APIs (Sheets API, Drive API, People API, Google Identity Services). No intermediate server or proxy is involved.
Google Drive: Your expense records are stored exclusively in a Google Spreadsheet in your personal Google Drive account. This file is protected by Google's own security infrastructure and your Google account credentials.
Browser localStorage: SpenGo caches the following data locally in your browser to enable offline viewing and faster load times:
| Key | Contents | Purpose |
|---|---|---|
spengo_sheet_id |
Your spreadsheet ID | Restore session without searching Drive on every load |
spengo_expenses |
A copy of your recent expenses | Show cached data instantly while fresh data loads |
google_login_hint |
Your Google account email | Skip the account picker on silent token refresh |
spengo_numeric_sheet_id |
Internal Google sheet identifier | Optimise delete operations (avoids an extra API call) |
spengo_shared_users |
Email, display name, and Drive permission ID of the person you have shared with (if any) | Display the shared-user list instantly without an extra Drive API call on every modal open. Cleared on sign-out. |
spengo_sheet_owner |
Email address of the spreadsheet owner | Allows the app to show the correct owner/guest state in the profile screen without an extra API call. Cleared on sign-out. |
Browser sessionStorage: Your OAuth access token and its expiry timestamp are stored in sessionStorage for the duration of your browser session. This data is automatically cleared when the tab or browser is closed.
None of this data ever leaves your device. SpenGo has no backend server that receives, stores, or can access it.
Your expense data is retained in your Google Drive for as long as the spreadsheet exists. SpenGo never automatically deletes your data.
To delete all your data, you have two options:
Your spreadsheet can be found in Google Drive under the name SpenGo. Deleting it there permanently removes all your expense records. Browser-cached data can be cleared separately via your browser's site data settings.
To revoke SpenGo's access to your Google account, visit myaccount.google.com/permissions and remove SpenGo. This immediately prevents the app from reading or modifying any files. Your existing spreadsheet remains in your Drive unless you delete it manually.
Browser localStorage is cleared automatically when you sign out of SpenGo. You can also clear it at any time via your browser's site data settings.
Sign-in is handled entirely by Google OAuth 2.0 via the Google Identity Services (GIS) library. SpenGo never sees, requests, stores, or transmits your Google password.
OAuth access tokens are managed by the browser session. They expire automatically (typically after 1 hour) and are refreshed silently using the GIS library when you are still signed into Google.
SpenGo's use of Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.
Data obtained through Google APIs is used only to provide and improve the expense tracking features described in this policy. It is not transferred to other parties except as necessary to provide those features (i.e., direct API calls to Google's own services).
If we make material changes to this Privacy Policy, we will update the "Last updated" date at the top of this page. Continued use of SpenGo after changes are posted constitutes your acceptance of the revised policy.
If you have questions about this Privacy Policy or wish to request deletion of your data, please reach out via the project repository or open an issue on GitHub.