Privacy Policy

1. Information We Collect

We collect information needed to operate accounts, secure access, provide subscriptions, and support the service.

• Account information: email address, optional display name, account ID, account status, subscription tier, account creation date, last login time, and credit balance.
• Authentication and security information: public keys, optional device fingerprint, session records, token or session IDs, login challenges, key rotation records, device transfer records, IP address, user agent, and account deletion request records.
• Usage and technical information: app version, device or browser information, interaction data needed to operate and improve the service, diagnostics, and service logs.
• Billing and subscription information: subscription plan, subscription status, billing period dates, Stripe customer, subscription, session, and invoice identifiers, credit order records, payment reference codes, consent records, and payment event audit logs.
• Support and consent information: messages you send us, accepted consent versions, checkbox confirmations, date and time of acceptance, IP address, user agent, and the version of terms or consent text accepted.

Payment card details are processed by the relevant payment provider, such as Stripe or an app store payment provider. We do not store full payment card numbers.

The app may also store information locally on your device, such as your signing key, email address, known-account marker, session token, and theme or app preferences. Your private signing key is intended to remain on your device and is not sent to our servers.

2. How We Use Information

We use information to create and manage your account, authenticate users, protect sessions, provide and improve the app, manage subscriptions, billing, credits, invoices, and payment-related consent, send service-related messages, respond to support requests, prevent abuse or unauthorized access, comply with legal obligations, and enforce our terms.

We do not use your personal data for third-party advertising.

3. Sharing of Information

We do not sell your personal data.

We may share information with service providers that help us operate the service, including Stripe, Inc. for subscription processing, hosted checkout, customer portal, invoices, and payment event handling; email delivery providers for service emails; hosting, database, infrastructure, and monitoring providers; and Apple, Google, or other app store providers where relevant.

Stripe's Privacy Policy is available at https://stripe.com/privacy.

We may also disclose information when required by law, to respond to lawful requests, to enforce our terms, to investigate misuse, or to protect our rights, users, and systems.

4. Data Storage and Security

Your server-side app data is stored on our self-hosted LibSQL servers, which are accessible only through our private VPN. We use reasonable technical and organisational safeguards, including access controls and encrypted transport where applicable.

No security method is perfect. We work to protect your information, but we cannot guarantee absolute security.

5. Retention and Deletion

We keep account information while your account is active or as needed to provide the service. We may retain billing, consent, security, deletion-request, audit, tax, accounting, fraud-prevention, and compliance records for as long as necessary for those purposes.

You may request account deletion from the Profile section of the account dashboard or by contacting us at the email below. If you have an active subscription, you may need to cancel or manage it through the relevant billing provider before deletion can be completed.

When an account deletion request is approved, we delete account data that is no longer needed to provide the service or meet legal, security, billing, compliance, or audit obligations. Some records, such as payment event logs or deletion request audit records, may be retained where necessary.

6. Your Choices and Rights

You can request to access, correct, or delete your personal data by using the app where available or by contacting us.

You can cancel a subscription through the app, Stripe Billing Portal, the relevant app store subscription settings, or by contacting us, depending on where you subscribed.

Depending on your location, you may have additional privacy rights, including the right to object to or restrict certain processing, request a copy of your data, or lodge a complaint with a privacy authority.

7. Children's Privacy

The app is not directed at children under 13 years of age, and we do not knowingly collect personal data from children under 13.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will update the effective date and notify users of material changes where required.

9. Contact

If you have questions or requests about this Privacy Policy, contact:

Developer: Jian Zhou
Email: Jian.Zhou@gmx.com
App: Gua Finance / Gua Service