Privacy Policy

1. What We Collect

1.1 Information Stored on Your Device Only

The following data is stored on your device, encrypted using AES-256 encryption via SQLCipher. We do not have access to this data:

• Financial transactions (amounts, descriptions, categories, dates)
• Account information (balances, account names, account types)
• Budget configurations and spending data
• Savings goals and contributions
• Investment holdings and portfolio data
• Subscription and recurring bill tracking
• Lending and borrowing records

1.2 Information We Collect

Firebase Analytics (anonymous usage data):

• Which screens you visit (screen view counts)
• Which features you use (e.g., number of transactions added, budgets created)
• An anonymous identifier (not linked to your identity)
• General device information: country, currency preference, theme mode
• App version, device model, and operating system version

Firebase Crashlytics (crash reports):

• Technical stack traces when the app crashes
• Device model, operating system version, and app version
• No personal data or financial data is included

Firebase Authentication:

• Email address (for account creation and login)
• Authentication tokens (encrypted)
• Google account identifier (if you sign in with Google)

1.3 Information We Do NOT Collect

• Transaction amounts, descriptions, or categories
• Account balances or account names
• Investment holdings, values, or portfolio performance
• Personal financial information of any kind
• Contacts, photos, or other device data not required for App functionality

2. How We Use Data

We use anonymous analytics data to:

• Understand which features are most popular and which need improvement
• Identify areas of the App where users experience difficulty
• Prioritize development of new features based on usage patterns
• Monitor App stability and performance

We use crash reports to:

• Identify and fix bugs that cause the App to crash
• Improve App stability across different devices and operating system versions
• Prioritize bug fixes based on frequency and severity

What We Do NOT Use Data For

• We do not currently use your data for advertising or ad targeting
• We do not currently build user profiles for marketing purposes
• We have never sold, rented, or traded your data to any third party
• We do not use your data for credit decisions, insurance underwriting, or employment screening
• We do not use analytics data to identify individual users or their financial behavior
• If any of these practices change in the future, we will update this Privacy Policy and require your renewed consent before any new processing begins

3. Third-Party Services

The App uses the following third-party services:

All third-party services are subject to their respective privacy policies and data processing agreements. We select services that maintain industry-standard security practices and do not use your data for their own advertising purposes.

4. Data Retention

• Financial data (on device): Until you delete it or uninstall the App. Stored and encrypted locally; not accessed by our servers under the current architecture.
• Firebase Analytics data: 14 months (Google's default retention, anonymized)
• Crashlytics crash logs: 90 days (automatically purged by Google)
• Authentication credentials: Until account deletion
• Consent records: 7 years after account deletion (legal compliance requirement)
• Preferences and settings: Until you delete them or uninstall the App (stored on device only)

5. Your Rights

Opt Out of Analytics

Delete Your Account

You can permanently delete your account and all associated data in Settings > About > Delete Account. This will permanently delete your Firebase Authentication account, all locally stored financial data, and all preferences and settings. Anonymized analytics data (which cannot identify you) and consent records (required for legal compliance) will be retained.

Request a Copy of Your Data

Your data resides locally on your device; we do not currently have access to it.

Correct Your Information

You can update your profile information directly in the App through Navigation Drawer > User Profile.

Withdraw Consent

You can withdraw your consent for analytics collection at any time. Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.

Lodge a Complaint

If you believe your privacy rights have been violated, you may lodge a complaint with your local data protection authority.

6. AI Features

The App includes AI-powered features that run entirely on your device:

• Smart categorization: Suggests transaction categories based on description text
• Natural language entry: Parses text like "coffee at Starbucks $5" into transaction fields
• Merchant name cleanup: Simplifies complex merchant names
• Smart search: Interprets natural language search queries
• Bill detection: Identifies recurring transactions that may be subscriptions

These features process your data locally on your device. No financial data is sent to external servers for these features.

AI features are experimental and may produce inaccurate results. All AI suggestions can be reviewed and corrected by you before being applied. You should not rely solely on AI features for financial decisions.

You can enable or disable individual AI features in Settings > AI & Intelligence.

7. Future Features

As the App evolves, we may introduce new features that involve additional data processing. When such features are introduced:

• They will always require your explicit opt-in consent before any new data processing begins
• This Privacy Policy will be updated to describe the new data practices
• You will be notified of material changes through the App
• Material changes will require your renewed consent via clickwrap acceptance
• Core financial tracking functionality is designed to work without cloud features

8. International Data Transfers

Firebase services (Analytics, Crashlytics, Cloud Functions, Authentication) process data on servers located primarily in the United States. These transfers are governed by:

• Google's Data Processing Terms, including Standard Contractual Clauses (SCCs) for transfers from the UK/EEA
• Google's SOC 2 Type II and ISO 27001 certifications

By using the App, you acknowledge that anonymous analytics data and crash reports may be processed in the United States. Under the current architecture, personal financial data remains on your device and is not transferred internationally.

9. Children's Privacy

The App is not designed for or directed at individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@aeramoney.com and we will take steps to delete such information.

10. Legal Basis for Processing

For users in jurisdictions that require a legal basis for data processing (including the UK and EEA):

• Anonymous analytics: Legitimate interests — understanding feature usage to improve the App, with minimal privacy impact due to anonymization
• Crash reporting: Legitimate interests — maintaining App stability and fixing bugs
• Authentication: Contract performance — required to provide the account-based service you requested
• Consent record keeping: Legal obligation — required to demonstrate compliance with data protection laws
• On-device data encryption: Contract performance — core App functionality you requested

You may object to processing based on legitimate interests at any time by opting out of analytics or by contacting us.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, new features, or legal requirements.

For material changes (changes to what data we collect, how we use it, or who we share it with), we will notify you through the App and require your renewed consent via clickwrap acceptance before the changes take effect.

For non-material changes (clarifications, formatting, updated contact information), we will update this policy and note the "Last Updated" date.

Previous versions of this policy will be available upon request.

12. Contact Us

If you have questions about this Privacy Policy or our data practices:

Email: support@aeramoney.com

Rosentide Inc.
Quebec, Canada