Finanzbook Privacy Policy

Effective Date: April 29, 2025
Last Updated: April 29, 2025

Finanzbook (“we”, “us”, or “our”) is operated by OsnaDigit UG (haftungsbeschränkt). We are committed to protecting your personal data and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use the Finanzbook expense tracker application (“the App”), in accordance with the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

1. Who We Are

2. What Data We Collect

• Account Information: Name, email address, authentication tokens (via AWS Cognito)
• Financial Data: Expense categories, amounts, transaction dates, and notes (as entered by you)
• Device Information: IP address, operating system, app version
• Usage Data: Interactions with the app (anonymized if used for analytics)
• Subscription Data: Status and entitlement data processed via RevenueCat

3. Legal Basis for Processing

• Consent (Art. 6(1)(a) GDPR): For optional features and analytics
• Contract performance (Art. 6(1)(b) GDPR): To deliver core features and manage accounts and subscriptions
• Legal obligations (Art. 6(1)(c) GDPR): Where necessary to comply with applicable laws
• Legitimate interest (Art. 6(1)(f) GDPR): For fraud prevention, service integrity, and secure access management

4. How We Use Your Data

• Operate and maintain Finanzbook
• Help you track and manage personal or household expenses
• Authenticate and authorize user access
• Provide customer support and respond to inquiries
• Process and manage premium feature subscriptions
• Improve app functionality and user experience
• Ensure data security and prevent abuse

5. Data Storage and Retention

Your data is securely stored on servers located in Germany, operated by STRATO AG, which is ISO 27001-certified.
We retain your data only as long as necessary for the purposes described in this policy or to comply with legal obligations.
You may request account deletion or data removal at any time (see Section 7).

6. Data Sharing and Transfers

We do not sell or share your personal data for advertising purposes.

We share data with the following third-party service providers:

• STRATO AG: Our hosting provider, for secure infrastructure operation. Based in Germany, GDPR-compliant.
• AWS Cognito (Amazon Web Services, Inc.): For secure authentication and authorization of user accounts. Data may be processed in the EU or transferred to the United States under the EU-U.S. Data Privacy Framework or Standard Contractual Clauses (SCCs). AWS Privacy Notice
• RevenueCat, Inc.: For managing in-app purchases and subscriptions. RevenueCat may process purchase receipts, subscription status, and technical identifiers. RevenueCat does not handle payment information directly. Data may be transferred to the United States under GDPR-approved safeguards. RevenueCat Privacy Policy

We have Data Processing Agreements (DPAs) in place with these providers in accordance with Article 28 GDPR.

7. Your Rights Under GDPR

• Access your personal data
• Rectify inaccurate or incomplete data
• Erase your data (“right to be forgotten”)
• Restrict or object to processing
• Export your data (data portability)
• Withdraw consent at any time (where processing is based on consent)

To exercise these rights, contact: info@osnadigit.de

8. Data Security

• End-to-end encryption
• Secure authentication via AWS Cognito
• Hosting in Germany (STRATO AG)
• Role-based access control
• Regular security updates and audits

9. Data Breach Notification

In the event of a data breach affecting your personal data, we will notify the German data protection authority (BfDI) and affected users in accordance with Articles 33 and 34 of the GDPR.

10. Changes to This Policy

We may update this Privacy Policy to reflect changes in legal, technical, or operational requirements.
You will be notified of any material changes via the App or email. The latest version will always be available within the App.

11. Contact

This privacy policy page was generated by App Privacy Policy Generator