Privacy Policy
Last updated: 10 June 2026 · Version 1.1
This Privacy Policy explains what personal data Monairo collects, why we collect it, the legal bases we rely on, who we share it with, and the rights you have. It covers both the EU/UK General Data Protection Regulation (GDPR) and US federal and state privacy laws (including the FTC Act, GLBA safeguarding principles, and the California CCPA/CPRA and similar state laws). Monairo handles financial data, so we apply the principles of data minimisation and purpose limitation throughout. Region-specific rights are in §11 (EU/UK) and §12 (US).
Contents
- Who we are (data controller)
- What data we collect
- Why we use it & our legal bases
- Where the data comes from
- Who we share it with
- International transfers
- How long we keep it
- How we protect it
- Automated processing & AI
- Your EU/UK (GDPR) rights
- Your US rights (CCPA/CPRA & state laws)
- EU vs US at a glance
- Cookies, SDKs & tracking
- Children (COPPA / GDPR age limits)
- Changes to this policy
- How to contact us
1. Who we are (data controller)
Monairo (“we”, “us”, “our”) is the data controller responsible for your personal data when you use the Monairo mobile app and the monairo.app website.
- Controller / business: Monairo [registered address to be added]
- General contact: jetlumajeti@gmail.com
- Privacy / data requests: jetlumajeti@gmail.com
If we are required to appoint a Data Protection Officer (DPO) or an EU/UK representative under Articles 27/37 GDPR, their contact details will be listed here.
2. What data we collect
| Category | Examples |
|---|---|
| Account & identity | User ID, email address (only if you link an account via magic link), display name, authentication state. |
| Financial / transaction data | Amounts (in integer minor units), currency, merchant, category, notes, account names, budgets, goals, and reconciliation status. |
| Bank connection data | The institution name and an encrypted bank access token used to sync transactions (held server-side only — see §8). |
| Voice & receipt input | Spoken expense phrases are transcribed on your device. If you enable the cloud parser, the short text utterance (not audio) is sent to our parsing service. Receipt photos are processed into line items. |
| Device notification data (Android, optional) | If you enable auto-capture, bank/wallet payment alerts are read on-device and only the parsed amount and merchant become a transaction. The notification content is never sent off your device. |
| Apple Pay / FinanceKit (iOS, optional) | With your permission, transaction summaries from Apple Card, Cash and Savings are imported into your ledger. |
| Purchase data | Subscription plan, product ID, and validation status from the App Store / Google Play. We never receive your card number. |
| Technical & diagnostic | App version, device type, and error logs needed to operate and debug the service. |
3. Why we use it & our legal bases
| Purpose | Legal basis (Art. 6 GDPR) |
|---|---|
| Provide the core ledger, budgeting, sync and sharing features you ask for | Performance of a contract (Art. 6(1)(b)) |
| Connect your bank and reconcile transactions | Performance of a contract (Art. 6(1)(b)); your explicit action to connect |
| Read device notifications / Apple Pay for auto-capture | Consent (Art. 6(1)(a)) — you opt in and can switch it off anytime |
| Parse voice/receipt text with our AI service (if enabled) | Performance of a contract (Art. 6(1)(b)); on-device parsing needs no transfer |
| Validate purchases and manage subscriptions | Performance of a contract (Art. 6(1)(b)); legal obligation for tax/records (Art. 6(1)(c)) |
| Keep the service secure, prevent abuse and rate-limit | Legitimate interests (Art. 6(1)(f)) — running a safe service |
| Send essential service emails (e.g. magic-link sign-in) | Performance of a contract (Art. 6(1)(b)) |
| Optional product/marketing emails | Consent (Art. 6(1)(a)) — opt-in, with one-tap unsubscribe |
We do not use your financial transactions for advertising, and we do not sell your data.
4. Where the data comes from
Most data you provide directly by using the app (entering or speaking transactions, setting budgets, linking an account). We also receive data indirectly from:
- Your bank, via our open-banking providers (Plaid in the US; TrueLayer in the UK/EU), once you connect an account.
- Apple (FinanceKit) or your Android device’s notifications, if you enable auto-capture.
- The App Store / Google Play, when you purchase a subscription.
5. Who we share it with
We share personal data only with processors that help us run Monairo, under data processing agreements, and only as needed:
- Supabase — database, authentication and backend hosting.
- Plaid / TrueLayer — open-banking connectivity for transaction sync.
- AI parsing provider (e.g. Google or OpenAI) — only the short voice/receipt text, and only if you enable the cloud parser.
- Apple App Store / Google Play — subscription billing and receipt validation.
- Email delivery provider — to send sign-in and service emails.
We may also disclose data where required by law, or to protect our rights, users, or the security of the service.
6. International transfers
Some processors may process data outside the European Economic Area (EEA) or the UK. Where they do, we rely on appropriate safeguards under Articles 44–49 GDPR — typically the European Commission’s Standard Contractual Clauses (and the UK Addendum), or an adequacy decision. You can request a copy of the relevant safeguards using the contact details in §17.
7. How long we keep it
- Account & ledger data: kept while your account is active. Within the app, transactions are soft-deleted (kept as an auditable, suppressed record) rather than instantly erased, so your history stays consistent.
- Account deletion: when you request deletion, your account and personal data are removed on a scheduled basis (typically within 30 days), except where we must keep limited records to meet a legal obligation (e.g. tax/accounting for purchases).
- Bank tokens: retained only while a connection is active; removed when you disconnect.
- Diagnostic logs: kept for a short period needed to operate and secure the service.
8. How we protect it
- Bank access tokens are encrypted at rest on the server and are technically blocked from being read by the app; only server-side functions can use them to sync.
- Each household’s data is isolated by database row-level security, so one household can never read another’s.
- The app’s on-device cache is stored in an encrypted database, with the key held in the platform secure keystore/keychain and bound to the device.
- All traffic is encrypted in transit (HTTPS/TLS). Access to production systems is restricted and rate-limited.
9. Automated processing & AI
Monairo uses automated processing to categorise transactions, detect recurring payments, generate spending insights, and warn you before a purchase exceeds a budget. This helps you understand your spending; it does not produce legal or similarly significant decisions about you within the meaning of Article 22 GDPR, and you can always edit or override any suggestion. If you enable the cloud parser, a short text version of your voice/receipt input is processed by an AI provider solely to extract the amount, merchant and category.
11. Your EU/UK (GDPR) rights
If you are in the EU, EEA or UK, you have the right to:
- Access — get a copy of your personal data.
- Rectification — correct inaccurate or incomplete data.
- Erasure — delete your account and data (“right to be forgotten”), subject to legal-retention exceptions.
- Restriction — limit how we process your data in certain cases.
- Objection — object to processing based on legitimate interests.
- Portability — receive your data in a structured, machine-readable format (you can also export your ledger to CSV in the app).
- Withdraw consent — where we rely on consent (e.g. auto-capture, marketing), withdraw it anytime without affecting prior processing.
To exercise any right, email jetlumajeti@gmail.com. We respond within one month (GDPR Art. 12). You also have the right to lodge a complaint with your local supervisory authority (in the EU, your national Data Protection Authority; in the UK, the Information Commissioner’s Office, ico.org.uk).
12. Your US rights (CCPA/CPRA & state laws)
We act as a “business” under the California Consumer Privacy Act as amended by the CPRA, and we extend equivalent choices to residents of other US states with comprehensive privacy laws (e.g. Virginia, Colorado, Connecticut, Texas). Because we process transaction and account data, US law classifies it as Sensitive Personal Information (SPI) and, in CCPA terms, Category D – Commercial Information / financial data.
Notice at Collection
At or before sign-up we collect the categories listed in §2 (identifiers, financial/commercial information, and limited technical data) to provide and secure the expense-tracking service. We do not collect this data for advertising.
We do not “sell” or “share” your data
We do not sell your personal information, and we do not share it for cross-context behavioral advertising, as those terms are defined under the CCPA/CPRA. Because of this, no money changes hands for your data and there is nothing to opt out of for advertising — but you can still exercise the controls below.
Right to limit the use of Sensitive Personal Information
You may direct us to use your financial information only for the core purpose of tracking your expenses and running the service. We already operate this way by default: we never use your financial transactions to train advertising models or to target ads. The optional on-device/cloud AI parser is used solely to read an amount and merchant from text you submit, and only when you enable it.
Global Privacy Control (GPC)
Our website honors the Global Privacy Control browser signal as a valid opt-out of any data “sharing/selling.” Since we do not sell or share data, a GPC signal simply confirms our existing posture.
GLBA & FTC safeguarding
Although Monairo is an informational expense tracker and not a bank or lender, when you connect a bank account through our open-banking providers we treat the resulting nonpublic personal financial information consistently with the safeguarding principles behind the Gramm-Leach-Bliley Act (GLBA) and the FTC Act §5: we secure it (see §8), and our statements here about encryption and non-sale are accurate and not deceptive.
Your CCPA/CPRA rights
- Know / Access — what we collect, use and disclose.
- Delete — request deletion of your personal information.
- Correct — fix inaccurate personal information.
- Limit — restrict use of Sensitive Personal Information to the core service.
- Non-discrimination — we will not deny service or change pricing because you exercised a right.
To exercise any of these, email jetlumajeti@gmail.com or use the in-app “Delete account” and “Export CSV” controls. We respond within 45 days (extendable once where permitted). You may use an authorized agent where state law allows.
13. EU vs US at a glance
| Topic | EU / UK (GDPR) | US (CCPA/CPRA & state) |
|---|---|---|
| Data categorisation | Specific personal-data types, purpose-limited and minimised (§2–§3). | Statutory buckets — incl. CCPA Category D (Commercial/Financial Information), treated as SPI. |
| “Selling” / “Sharing” | No “sale” concept; we disclose sub-processors / third-party controllers (§5). | We do not sell or share for ads; GPC honored. No “Do Not Sell” needed because we don’t sell. |
| User-rights response time | Access, erasure, portability — within 30 days. | Know, delete, correct, limit — within 45 days. |
| Children | Consent age 13–16 depending on member state. | COPPA: no users under 13 without verified parental consent. |
14. Cookies, SDKs & tracking
The monairo.app website uses only cookies strictly necessary to serve the pages. The Monairo app contains no advertising or behavioral tracking SDKs — no ad identifiers, no third-party analytics trackers fire on launch. Because of this, the app does not show an Apple App Tracking Transparency (ATT) prompt, and there are no non-essential SDKs to consent to under the ePrivacy Directive. Features that send any data off-device (cloud AI parser, bank sync, Android notification capture, Apple Pay/FinanceKit import) are opt-in and off by default; the core tracker works fully without them. If we ever add analytics, we will gate it behind an explicit, granular consent banner (no pre-ticked boxes) before any such SDK initialises.
15. Children (COPPA / GDPR age limits)
Monairo is not directed at children. In the US, we do not knowingly collect personal information from children under 13 (COPPA); in the EU/UK, the applicable digital-consent age (13–16) varies by member state. If you believe a child has provided us data, contact us and we will delete it.
16. Changes to this policy
We keep this policy under review and post any updates here with a new “last updated” date. For material changes we will notify you in the app or by email.
17. How to contact us
Questions, requests, or complaints about privacy:
- Email: jetlumajeti@gmail.com
- Postal: [registered address to be added]
This document is a template tailored to Monairo’s data flows. Before publishing, fill the bracketed placeholders and have it reviewed by a qualified data-protection adviser for your jurisdiction. It does not constitute legal advice.