Privacy policy

My treasury

Darek Rutkowski built the My treasury app as a Freemium app. This SERVICE is intended for use as is.

This page is used to inform website visitors regarding my policies with the collection, use, and disclosure of Personal Information if anyone decided to use my Service.

If you choose to use my Service, then you agree to the collection and use of information in relation to this policy. I will not use or share your information with anyone except as described in this Privacy Policy.

The terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, which is accessible at the My treasury app unless otherwise defined in this Privacy Policy.

Information Collection and Use

The My treasury app does not collect nor use Personal Information explicitly. If Personal Information was provided within app (ie. within Customer, or transaction record, or a note), it is then secured the same way as other data.

If you enable Account Sharing or sign in, we process a small amount of data to set up your profile and connections as described below. This is optional — you can use the app locally without Account Sharing.

If you sign in, we process a small amount of data to set up your profile as described below.

The app does use third party services that may collect information used to identify you.

Link to privacy policy of third party service providers used by the app:

Account Sharing (optional)

If you turn on Account Sharing, the app can share only account data you choose with your friends or your own devices. To make that work, we store a small profile and connection info in Firebase and use temporary records to deliver changes.

When Account Sharing is enabled, we may process:

Firebase user ID and display name.
Device info: app-generated device ID, device name you provide, model, and OS version.
Push token (FCM) so we can notify you about sync updates.
Friend/device connection metadata and invitation codes (6‑digit or QR; codes expire quickly).
Sync requests and status (e.g., full or partial sync, approved/denied).
Temporary change records that carry the updates you chose to share (accounts/categories/transactions).

What’s kept: profile and friend/device connection metadata. What’s temporary: invitations and change records — they exist only long enough to deliver updates, then we clean them up.

For extra protection, sensitive fields in shared account, category, and transaction data are encrypted while being sent to/from the cloud and remain encrypted while they are temporarily stored for syncing.

Push Notifications

If you allow notifications, we use a device push token to let you know about new changes, and requests from friends. You can turn notifications off in your device settings or inside the app. However, this would disable automated syncing, leaving only manual syncing as an option.

Camera and QR Codes

We ask for camera access only if you choose to scan a QR code to accept an invitation. Camera access is optional — you can always enter the 6‑digit code manually instead.

Anonymous Analytics (Firebase Analytics)

We use Firebase Analytics to understand how the app is used so we can improve it. This is anonymous usage data like screens visited, feature usage, and basic device info (model, OS, language). We don’t look at the financial content you enter. You can turn analytics off in the app at any time.

Subscriptions and Purchases (RevenueCat)

We use RevenueCat to manage in‑app purchases and subscriptions (Premium). Apple App Store and Google Play process your payment — we don’t see or store your card details. RevenueCat helps us verify purchases, unlock Premium features, handle upgrades/downgrades, and restore purchases on your devices.

RevenueCat may process:

Purchase receipts/transaction identifiers and product identifiers.
An app‑specific user identifier to manage your subscription; if you sign in, we may associate it with your account to restore purchases across devices.
Basic device/app info (platform, app version, country/region) and IP address for fraud prevention, tax, and regulatory compliance.

Legal basis: performance of a contract (your purchase) and our legitimate interests (fraud prevention and service reliability).

Retention: kept as long as needed to provide and validate your subscription and to comply with store/accounting rules, then deleted or anonymized.

Your choices: you can manage or cancel your subscription in App Store or Google Play settings; you can also restore purchases from the app. You can keep using the free version without purchasing Premium.

Service Providers

I may employ third-party companies and individuals due to the following reasons:

To facilitate our Service;
To provide the Service on our behalf;
To perform Service-related services; or
To assist us in analyzing how our Service is used.

I want to inform users of this Service that these third parties have access to information used to identify you. The reason is to perform the tasks assigned to them on our behalf. However, they are obligated not to disclose or use the information for any other purpose.

Security

I value your trust in using my application, thus we are striving to use commercially acceptable means of protecting data. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and I cannot guarantee its absolute security.

To help protect your data and our backend from abuse, we also use Firebase App Check. It helps verify that requests come from the genuine app on a real device. We don’t use App Check to track you for advertising.

In addition to Firebase’s encryption in transit and at rest, we encrypt sensitive fields within shared account/category/transaction data when transmitting and while they are temporarily stored in the cloud for syncing.

Where your data is stored and for how long

Main app data stays on your device unless you turn on Account Sharing.
When Account Sharing is on: profile and friend/device connection metadata live in Firebase until you remove them by selecting to Remove profile in the app; invitations and change records are temporary and cleaned up after delivery (typically within a short time window). Sensitive fields in change records are encrypted in transit and while they are temporarily stored.
Push tokens are removed when you sign out, disable Account Sharing, or the token expires.

Your choices and controls

Turn Account Sharing on/off anytime in Settings and pick which accounts to share.
Add or remove friends/devices; stop sharing whenever you want.
Revoke notifications and camera permissions at any time.
Opt out of anonymous analytics in the app.
Use “Remove My Profile” in Account Sharing to delete your cloud profile and stop syncing.
If you believe a child is using Account Sharing, please contact us so we can remove any related data.

International data transfers

Firebase may process and store data in data centers outside your country (for example, EU or US), depending on our project settings. We rely on safeguards required by law for these transfers and use Firebase as a processor to run the service.

Children’s Privacy

This app isn’t directed to children under the age set by your local law (e.g., 16 in the EEA). We don’t knowingly collect personal data from children.

Links to Other Sites

This Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by me. Therefore, I strongly advise you to review the Privacy Policy of these websites. I have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Changes to This Privacy Policy

I may update our Privacy Policy from time to time. Thus, you are advised to review this page periodically for any changes. I will notify you of any changes by posting
the new Privacy Policy on this page. These changes are effective immediately after they are posted on this page.

Contact Us

If you have any questions or suggestions about my Privacy Policy, do not hesitate to contact me.

Back