Privacy Policy

FINORAL Privacy Policy

Effective Date: May 1, 2026 | Last Updated: May 1, 2026

Finoral ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your personal data. This policy applies to our mobile application available on iOS and Android.

1. Information We Collect

1.1 Information You Provide

  • Account Information — when you sign in with Google, Facebook, or Apple, we receive your name, email address, and profile photo from the identity provider
  • Financial Data — expenses, incomes, savings goals, categories, and notes you enter in the app. This data is stored locally on your device.
  • Profile Photos & Receipts — photos you attach to transactions are stored locally on your device

1.2 Information Collected Automatically

  • Usage Data — anonymous app usage patterns to improve the product
  • Device Information — device type, operating system version, and app version for compatibility and crash reporting
  • Purchase Information — subscription and purchase receipts verified through Apple App Store and Google Play (we do not store full payment details)
  • Advertising Data — if you use the free tier, Google AdMob may collect advertising identifiers and usage data as described in Google’s Privacy Policy

1.3 Information We Do Not Collect

  • We do NOT collect or store your financial transaction data on our servers
  • We do NOT sell your personal data to third parties
  • We do NOT use your financial data for advertising targeting

2. How We Use Your Information

2.1 Core Service

  • To authenticate your identity and maintain your account
  • To synchronize your subscription status across devices
  • To process in-app purchases and verify subscription entitlements
  • To deliver AI-powered analysis (requests are processed and not stored after response)

2.2 Service Improvement

  • To monitor app performance, diagnose crashes, and fix bugs
  • To understand usage patterns and improve the user experience
  • To send important service announcements (not marketing without consent)

2.3 Anti-Abuse

To prevent fraud and abuse, we retain an anonymized hash of your email address for up to 3 months after account deletion. This data cannot be used to identify you and is solely used to prevent re-registration abuse.

3. Data Storage & Security

3.1 On-Device Storage

All your financial data (transactions, goals, categories, notes) is stored locally on your device using encrypted local storage. We cannot access this data, and it is not transmitted to our servers during normal operation.

3.2 Cloud Storage

The following limited data is stored in our Firebase cloud infrastructure:

  • Your authentication identity (name, email, provider ID)
  • Your subscription plan and status
  • App usage metadata (not financial data)

3.3 Security Measures

  • All communications between the app and our servers use TLS/HTTPS encryption
  • Backup files are AES-256 encrypted with your personal password
  • We use Firebase Authentication, a production-grade authentication service
  • Access to backend infrastructure is restricted and monitored

4. Third-Party Services

Finoral integrates with the following third-party services. Each has their own privacy policy:

Google Firebase / Firebase Auth

Used for authentication and data storage. Privacy policy: policies.google.com/privacy

Google Sign-In

Used for account login. Privacy policy: policies.google.com/privacy

Facebook Login

Optional login method. Privacy policy: facebook.com/privacy/policy

Sign in with Apple

Optional login method for iOS users. Privacy policy: apple.com/legal/privacy

Google AdMob

Used for advertising on the free tier. May collect advertising identifiers. Privacy policy: policies.google.com/privacy

Google Gemini API

Used to power AI financial analysis. Requests are processed transiently and not stored. Privacy policy: ai.google.dev/terms

Apple App Store / Google Play

Used to process in-app purchases and subscriptions.

5. Your Rights & Choices

5.1 Access & Correction

You can view and update your account information within the app under Profile > Settings.

5.2 Data Export

You can export all your financial data at any time using the Backup feature (Settings > Backup & Restore). Backups are encrypted and stored locally.

5.3 Account Deletion

You can delete your account at any time from Settings > Account > Delete Account. Deletion will:

  • Remove your authentication account
  • Delete your cloud-stored data (subscription info, profile)
  • Clear all locally stored data on the device
  • The anonymized email hash described in Section 2.3 is retained for up to 3 months for anti-abuse purposes

5.4 Advertising Opt-Out

Free-tier users can opt out of personalized advertising through your device settings (iOS: Settings > Privacy > Tracking; Android: Settings > Google > Ads).

5.5 GDPR Rights (EU Users)

If you are located in the European Economic Area, you have additional rights under GDPR including the right to access, rectify, erase, restrict processing, and data portability. Contact us at the email below to exercise these rights.

6. Children’s Privacy

Finoral is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will promptly delete it.

7. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the app or by email. Continued use of Finoral after changes constitutes acceptance of the updated policy.

8. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us:

Email: support@frejaluck.com

Website: https://frejaluck.com/terms