Offline & privacy

Your cards never leave your phone
No account, no login, no personal profile. Your wallet and preferences live only on this device, and you can delete them any time.

Effective July 17, 2026. Operated by an independent developer based in Canada, who is the person accountable for how Verdict handles your data.

Your name or email, no account exists
Location or GPS
Purchase or search history
Card numbers or bank logins
Your wallet stays on your device
Your cards, their rates, and your preferences are saved on this device only. An optional backup is end-to-end encrypted, so only your recovery code can open it.
A merchant name you look up
Sent to our classifier (through Google) to sort a brand-new store into a category. Only the store name goes, never your cards. It is cached under a one-way hash, so the exact text you typed is not stored.
Automatic
Anonymous usage counts
A bare tally of a few app events, like a verdict being shown. The count carries no name, no account, and no history.
Automatic
Page and speed analytics
Vercel measures page loads and speed. We strip the search text out of the address first, so what you looked up never travels with it.
Automatic
An encrypted backup
If you turn on backup, a copy of your wallet is locked with your recovery code before it leaves the device, so we only ever hold a blob we cannot read.
Optional
A correction you send
If you send a correction, it includes the item you flagged and the fix you propose, plus a one-way hash of your IP address, used only to count how many people flagged the same thing. Never a raw address, never tied to you.
Optional
A card request
If you ask us to add a card, it sends the name, issuer, and link you type.
Optional

Verdict runs on Vercel (hosting, plus the page and speed analytics above), uses Upstash Redis for storage, and uses Google's Gemini to categorize merchants. The same storage holds the encrypted backups, which only your device can open, alongside the operational data above: the merchant cache, corrections, card requests, and usage counts. Only the backup is end-to-end encrypted. The rest is operational data kept in plain form, keyed by hashes rather than by you. Vercel, Upstash, and Google are US companies, so the limited server data above is processed and stored in the United States, where it can be subject to US law, including lawful access requests by US authorities. To block abuse, requests to our API are briefly rate-limited by your IP address, a short-lived limit that expires within about a minute and is not stored with the data above, and a correction also keeps a one-way hash of your IP so duplicate reports can be counted. Neither ties a report back to you.

On-device data stays until you clear it or uninstall. An encrypted backup stays until you overwrite or delete it. The shared merchant cache expires on its own, in about 90 days. Corrections you send are kept while we work through the review queue, including the one-way IP hash used only to count duplicate reports. Card requests are kept until the card is added or the request is closed. Because there are no accounts, there is no per-person record on the server to look up.

You can ask what limited data we may hold that relates to you, ask us to correct it, or ask us to delete it. Since we keep no accounts, most data cannot be tied to a person, so there may be nothing to retrieve, but we will respond to any request at the email below. Questions, or want something removed? Email tapverdictadmin@gmail.com. If this policy changes, the new version and its effective date appear here.

No tracking cookies, no ad networks, and nothing you do here is sold to anyone. Verdict is meant for adults managing their own credit cards and is not directed at children. Verdict is not financial advice.