Privacy Policy

1. Information We Collect

1.1 Personal Information

When you create an account, we collect:

• Email address
• Password (stored in hashed form)

If you choose to sign in using third-party authentication providers, we collect:

• Google account identifier (if using Google Sign-In)
• Apple account identifier (if using Apple Sign-In)
• Microsoft account identifier (if using Microsoft Sign-In)

1.2 Financial Data

To provide our core services, we collect and store:

• Wallet information (names, balances, currencies, icons)
• Transaction records (amounts, descriptions, dates, categories, exchange rates)
• Custom categories for income and expenses
• Financial goals (names, target amounts, date ranges)
• Currency preferences

1.3 Device and Technical Information

We automatically collect:

• Device name (for managing multiple device sessions)
• Device type (phone, tablet, or desktop)
• Operating system name and version
• IP address (collected during authentication and session creation)
• Approximate geolocation derived from your IP address (country, city)
• App version information
• Error logs (error messages, stack traces, timestamps) for troubleshooting
• File timestamps for synchronization purposes

1.4 Subscription and Payment Information

When you subscribe to premium features, we collect:

• Subscription status and tier
• Payment platform (App Store, Google Play, Microsoft Store, or Stripe)
• Transaction and product identifiers
• Purchase and expiration dates
• Auto-renewal and trial status

1.5 Feedback and Support Data

When you submit feedback or support requests:

• Feedback topic and description
• Communication history with our support team

2. How We Use Your Information

We use the collected information to:

• Provide and maintain the App's functionality
• Create and manage your user account
• Synchronize your financial data across devices
• Process subscriptions and payments
• Send account verification and password reset emails
• Respond to your feedback and support requests
• Improve our App through error analysis and debugging
• Provide real-time currency and cryptocurrency exchange rates
• Ensure the security and integrity of our services

3. Data Storage and Synchronization

3.1 Cloud Storage

Your data is stored securely on Microsoft Azure cloud servers. This includes:

• Account information
• All financial data (wallets, transactions, goals, categories)
• Subscription information
• Error logs and feedback

3.2 Local Storage

The App also stores data locally on your device using SQLite database for:

• Offline access to your financial data
• Caching for improved performance
• Synchronization with cloud servers

3.3 Data Synchronization

When synchronization is enabled, the App synchronizes data between your device and our cloud servers when you open the App, when you manually request a sync, or when new data is created. Synchronization is optional and can be enabled or disabled in the App settings.

4. Third-Party Services

We use the following third-party services:

4.1 Authentication Providers

• Google Sign-In
• Apple Sign-In
• Microsoft Sign-In

These services may collect information in accordance with their own privacy policies.

4.2 Payment Processors

• Apple App Store (for iOS purchases)
• Google Play Store (for Android purchases)
• Microsoft Store (for Windows purchases)
• Stripe (for web payments)
• RevenueCat (subscription management)

4.3 Financial Data Providers

• FXRatesAPI (currency exchange rates)
• CoinMarketCap (cryptocurrency prices)

4.4 Communication Services

• Gmail SMTP (for sending verification and password reset emails)

4.5 Geolocation Services

• IpInfo.io (for deriving approximate location from your IP address during session creation)

We encourage you to review the privacy policies of these third-party services.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• AES-256-GCM encryption for all financial data (wallets, transactions, categories, goals) — data is encrypted on your device before being transmitted and stored on our servers
• Password hashing using industry-standard algorithms
• Secure JWT-based authentication with device-specific refresh tokens
• HTTPS/TLS encryption for all data transmission
• Secure cloud infrastructure (Microsoft Azure)
• Regular security updates and monitoring

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. We may also retain and use your information to:

• Comply with legal obligations
• Resolve disputes
• Enforce our agreements

If you delete your account, we will delete or anonymize your personal data within a reasonable timeframe, except where retention is required by law.

7. Your Rights

Depending on your location, you may have the following rights:

7.1 Access

You can request a copy of the personal data we hold about you.

7.2 Correction

You can request that we correct any inaccurate or incomplete data.

7.3 Deletion

You can request that we delete your personal data, subject to certain legal exceptions. You can also reset your financial data (wallets, transactions, categories, goals) without deleting your account through the App settings.

7.4 Session Management

You can view all active sessions (devices logged into your account) and remotely disconnect any device through the App settings.

7.5 Data Portability

You can request your data in a portable format.

7.6 Withdraw Consent

Where we rely on consent, you can withdraw it at any time.

7.7 Account Unlinking

You can unlink third-party authentication providers (Google, Apple, Microsoft) from your account through the App settings.

To exercise any of these rights, please contact us at the email address provided below.

8. Children's Privacy

Our App is not intended for children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using the App, you consent to the transfer of your information to these countries.

We ensure appropriate safeguards are in place for international transfers in compliance with applicable data protection laws.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy in the App
• Updating the "Last Updated" date at the top of this policy

We encourage you to review this Privacy Policy periodically for any changes.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information
• Right to non-discrimination for exercising your privacy rights

We do not sell your personal information to third parties.

12. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including:

• Right of access
• Right to rectification
• Right to erasure
• Right to restrict processing
• Right to data portability
• Right to object

Our legal bases for processing your data include:

• Performance of a contract (providing App services)
• Legitimate interests (improving our services, security)
• Consent (where specifically requested)
• Legal obligations (compliance with applicable laws)

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: wealthtrack.app@gmail.com

We will respond to your inquiry within a reasonable timeframe.