Local-First Privacy

Your Data, Your Device

Credit Card Co-Pilot is built on a Local-First philosophy. We believe your financial history—every transaction, reward point, and spending habit—should remain under your control. By utilizing a high-performance local SQLite database, the application ensures that sensitive data is stored directly on your device rather than on a remote server.

Privacy by Design

In an era of data breaches, Co-Pilot minimizes your digital footprint. The system processes financial signals (like SMS or Gmail alerts) and converts them into actionable insights entirely within your local environment.

• Zero-Cloud Dependency for Core Data: Your card details, transaction history, and milestone progress are stored in a local SQLite instance.
• On-Device Ingestion: The logic that parses raw transaction data into categorized rewards happens locally. Your raw financial logs never need to leave your device for processing.
• Selective Sync: While we use Google Auth for identity, your financial "source of truth" remains on your hardware.

High-Performance Offline Access

Because the application doesn't rely on constant API calls to a central server to fetch your wallet or transaction history, the user experience is instantaneous.

• Instant Recommendations: Find the best card for a merchant in milliseconds, even in basements or stores with poor cellular reception.
• Zero Latency: View your milestone progress and transaction summaries without waiting for "loading" spinners.
• Reliability: Your co-pilot works during flight mode, in remote areas, or during server outages.

Transparent Data Ingestion

Co-Pilot gives you full visibility into what data is stored and how it’s interpreted. The Parser Review feature acts as a privacy gatekeeper, allowing you to audit, edit, or reject any data ingested from your messages.

The Ingestion Workflow

1. Local Scanning: The app scans local SMS or authorized Gmail headers for transaction patterns.
2. Schema Mapping: Data is mapped to a transparent local schema.
3. Human-in-the-loop Review: You can review "Ambiguous" or "Failed" parses to ensure accuracy and privacy.

// Example of how an ingestion event is stored locally
export interface IngestionEvent {
  id: number;
  source: 'gmail' | 'sms' | 'manual';
  parseStatus: 'parsed' | 'ambiguous' | 'failed';
  merchantLabel: string; // e.g., "Amazon"
  amount: number;       // e.g., 299.00
  channel: string;      // e.g., "online"
  rawPayload: object;   // The original snippet for your review
}

User-Controlled Storage

You are in the driver's seat of your data lifecycle. Within the application, you can:

• Review Parsed Events: Use the Parser Review screen to see exactly what the app has "learned" from your notifications.
• Correct Metadata: Manually adjust merchant categories or transaction channels if the local parser makes an assumption you disagree with.
• Data Portability: Because we use standard SQLite/Drizzle schemas, your data is organized and structured, not trapped in a proprietary black box.

By prioritizing local storage, Credit Card Co-Pilot solves the fundamental conflict between "personalized financial advice" and "data privacy." You get the best reward recommendations without ever compromising your financial anonymity.