search

hand-wavePrivacy Policy

Effective Date: August 1, 2025 Last Updated: August 1, 2025

Welcome to Spendington – Expense & Budget Tracker App (“Spendington”, “we”, “our”, or “us”). This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our mobile and web applications (collectively, the “Services”).

By using Spendington, you agree to the practices described below. If you do not agree, please do not use the Services.

hashtag
1. Scope of This Policy

This policy applies to personal and financial data collected through the Spendington mobile app, web interface, and related tools and services. We may update this policy periodically. Significant changes will be communicated via email or in-app notifications.

hashtag
2. Data We Collect

We collect the following categories of data to deliver our services effectively:

hashtag
A. Account & Authentication Information

  • Full name

  • Email address

  • Password (hashed and salted)

  • Email confirmation status

  • Password reset requests (rate-limited to 1 per minute)

  • Login/logout timestamps

hashtag
B. Financial & Transaction Data

  • Expense entries: name, unit, price, currency, type (credit/debit), date and time, notes, party involved, location, category, and subcategory

  • Income entries: source, type (active/passive), amount, date, category, and subcategory

  • Attachments (for premium users): Uploaded receipts or supporting files via Firebase Storage

hashtag
C. Location & Device Data

  • Location (longitude and latitude if enabled for labeling expenses)

  • Device ID, OS version, app version

  • IP address and session data

hashtag
D. Usage Analytics

  • Time spent in app, feature usage

  • Real-time dashboard interactions

  • Crashes, errors, and diagnostic logs

hashtag
E. Payment & Subscription Data

  • In-app purchases via Apple Pay, Google Pay, Paystack

  • Subscription status and timestamps

  • Payment platform data (via respective provider)

  • Fraud detection metadata (device fingerprinting, secure session identifiers)

hashtag
3. How We Use Your Data

We use your data to:

  • Authenticate and manage your account

  • Track, categorize, and display your expenses and income

  • Power the real-time dashboard (e.g., income vs. expense pie chart)

  • Provide attachments and labeling for advanced users

  • Deliver customer support via WhatsApp and email

  • Process payments and manage subscription services

  • Enhance app functionality and detect fraud

  • Improve the app through crash reports and usage metrics

  • Send promotional content or financial tips if you opt in

We do not sell your data.

hashtag
4. Data Sharing & Disclosure

We share your data only with trusted partners and under these conditions:

  • Cloud Services: Firebase (authentication, database, hosting, storage)

  • Analytics & Crash Reporting: Google Analytics, Firebase Crashlytics

  • Payment Platforms: Apple Pay, Google Pay, Paystack

  • Bank Aggregators: (e.g., Plaid, TrueLayer — if integrated)

  • Legal Requirements: In response to valid legal requests or applicable laws

We do not share or sell your financial data to advertisers. All third-party services are vetted to ensure compliance with applicable data protection laws.

hashtag
5. Third‑Party Integrations

We integrate with trusted third parties for added functionality:

  • Firebase (Google): Hosting, authentication, database, storage

  • Payment Providers: Apple Pay, Google Pay, Paystack

  • Customer Support: WhatsApp, Gmail

  • (Optional) Bank Aggregation: Future integration with platforms like Plaid or TrueLayer

Please review the respective privacy policies of these third parties when enabling features.

hashtag
6. Cookies & Tracking Technologies

We use:

  • Local storage and cookies: To manage user sessions and app preferences

  • SDKs and tracking pixels: For analytics, crash detection, and app performance

Mobile devices may limit or block certain tracking technologies via device settings. You can also manage preferences directly within the app under Settings > Privacy (currently no tracking pixels).

hashtag
7. Legal Bases for Processing (GDPR/UK GDPR)

For users in the European Economic Area (EEA) or United Kingdom (UK), we rely on:

  • Contractual Necessity: To deliver core functionality

  • Consent: For marketing and location-based features

  • Legitimate Interests: For improving services and fraud prevention

  • Legal Obligation: To meet tax, audit, and compliance requirements

hashtag
8. Data Retention

We retain your data based on usage status:

  • Active Accounts: As long as the account remains active

  • Inactive Accounts: Deleted after 24 months of inactivity

  • Closed Accounts: Deleted within 30 days of confirmed deletion request

  • Legal Obligations: Retained where required by law

hashtag
9. International Transfers

Spendington is operated from the United States and Turkey, and your data may be processed or stored in other jurisdictions. For international transfers, we implement safeguards such as:

  • Standard Contractual Clauses (SCCs)

  • Encryption and access controls

  • Data processing agreements

hashtag
10. Your Rights and Choices

Depending on your jurisdiction, you may:

  • Access your personal information

  • Correct incorrect or outdated data

  • Delete your data (“Right to be Forgotten”)

  • Restrict or object to specific processing

  • Export your data:

    You can request a copy of your financial data in CSV or JSON format by emailing us at spendington1@gmail.com

  • Withdraw consent for location or marketing

  • Opt out of applicable data sharing under CCPA

To exercise any of the above rights, contact us at spendington1@gmail.com.

hashtag
11. Children’s Privacy

Spendington is not intended for users under 16 years old. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us so we can delete it promptly.

hashtag
12. Security Measures

We take the following steps to protect your data:

  • TLS Encryption: For data in transit

  • Encryption at Rest: For stored data in Firebase

  • Role-Based Access: Only authorized personnel have access

  • Rate Limiting: To prevent brute-force login attempts

  • Breach Notification:

    We will notify affected users and regulators within 72 hours of becoming aware of a breach involving personal data.

hashtag
13. Contact Us

For questions, support requests, or privacy-related concerns:

📧 Email: spendington1@gmail.com 📱 WhatsApp: Accessible via the in-app support page

hashtag
14. EU/UK Representative

(Required under GDPR Article 27 for companies offering services in the EU/UK)

Data Protection Contact – Spendington [Insert Representative Name or Company] [Insert Address in EU/UK] 📧 spendington1@gmail.com

hashtag
15. Complaints

If you're an EU/UK user and believe your data rights have been violated, you may file a complaint with your local Data Protection Authority (DPA) or the UK Information Commissioner’s Office (ICO).

Thank you for using Spendington to Track, Control & Achieve Your Financial Goals.

Last updated