Finanshier logo Finanshier Finance with structure

Privacy Policy

Last updated: May 6, 2026

This Privacy Policy explains how Finanshier ("we", "us", "our") collects, uses, stores, and shares personal data when you use the Finanshier application (the "App").

1. Who We Are

Controller: Mohomed Rumaiz Mohomed Refaiz

Registered address: Sofia, Plovdivsko Pole Street 19, Entrance A, Floor 2, Apartment 6. 1756, Bulgaria

Support email: finanshier.support@symbolstechnology.com

2. Data We Collect

We collect the following categories of data.

2.1 Account and identity data

  • Name and email address
  • Authentication identifiers such as Firebase user ID
  • Sign-in provider data for email/password, Google, Facebook, and Apple
  • Email verification status

2.2 Financial and profile data you enter

  • Profiles
  • Account records and balances
  • Transactions and repeating transactions
  • Budgets and budget items
  • Debts and repayment data
  • Assets and investment records
  • Categories and user configuration preferences

2.3 Device and usage/security data

  • Device token used for push messaging
  • Device model or name
  • Sign-in timestamp
  • Device status
  • Timezone and device location or locale label used for device visibility
  • In-app notification records

2.4 Location-related data

  • If you grant permission, we access device location to detect country and currency.
  • If geolocation is unavailable, the app may use IP-based lookup through ipapi.co.
  • Manual country and currency selection is available.

2.5 Data stored on your device

  • Country and currency preferences
  • App lock configuration including hashed PIN and biometric-enabled flag in secure storage
  • Notification topic preference data

2.6 Sensitive data note

Financial records can reveal sensitive lifestyle and economic patterns. We treat this as high-risk personal data and apply additional safeguards.

2.7 Advertising data (AdMob)

If advertising is enabled in the app via Google AdMob, ad-related data may be processed by Google and its partners, including identifiers, device and network metadata, and ad interaction or fraud-prevention signals.

We currently configure ads as non-personalized ads only.

2.8 Subscription and consent data

  • Current subscription plan and subscription source
  • Subscription start or update timestamps
  • Privacy policy consent status and related acceptance or withdrawal timestamps

3. Why We Collect Data

  • Provide account access and authentication
  • Deliver core app functionality including budgeting, accounts, transactions, debts, assets, and recurring schedules
  • Provide country and currency convenience
  • Support security and account protection
  • Send reminders and service notifications
  • Display ads and support monetization
  • Validate subscriptions and manage paid plan access
  • Support export and account deletion request flows
  • Maintain service reliability

4. Legal Bases (GDPR/UK GDPR)

  • Contract: to provide the app and requested features
  • Legitimate interests: service security, fraud prevention, and operational integrity
  • Consent: for optional permissions where required
  • Legal obligation: where required by applicable law

5. How We Share Data

We do not sell personal data.

We may share data with service providers used to operate the app, such as:

  • Firebase Authentication
  • Cloud Firestore
  • Firebase Cloud Messaging
  • Google AdMob
  • RevenueCat
  • Apple App Store and Google Play billing infrastructure
  • Social login providers when you choose those sign-in methods
  • ipapi.co only when IP-based country or currency lookup is used

6. International Transfers

Your data may be processed in countries other than your own depending on provider infrastructure. Where required, we apply transfer safeguards.

7. Data Retention

We retain personal data while your account is active and as needed to provide services and comply with legal obligations.

  • Device and session records are retained while relevant for account security
  • Privacy policy consent records are retained while needed to demonstrate and manage consent status
  • Account deletion requests are queued with a 7-day cancellation window before final deletion workflow
  • Exported files are generated on-demand and saved where you choose

8. Your Rights

Depending on your jurisdiction, you may have rights to:

  • Access your data
  • Correct inaccurate data
  • Delete your data
  • Export or port your data
  • Restrict or object to certain processing
  • Withdraw consent for optional processing
  • Lodge a complaint with a supervisory authority

How to exercise rights:

  • In-app data export and deletion request features
  • Contact: finanshier.support@symbolstechnology.com

9. Children

The app is not intended for children under the age where parental consent is required in your jurisdiction.

10. Security

We use administrative, technical, and organizational safeguards, including platform security controls and secure storage for local app lock credentials. No method of transmission or storage is 100% secure.

11. Changes to This Policy

We may update this policy from time to time. We will update the "Last updated" date and, where required, provide additional notice.

12. Region-Specific Notices

EEA/UK Notice

You have GDPR/UK GDPR rights described above, including complaint rights with your local authority.

California Notice (CCPA/CPRA)

California residents may have rights to know, delete, correct, and limit use or disclosure of sensitive personal information, and to opt out of sale or sharing where applicable. We do not sell personal information.

Canada (PIPEDA)

You may request access or correction and withdraw consent subject to legal or contractual limits.

Singapore (PDPA)

You may request access or correction and withdraw consent, subject to legal exceptions.

Australia (Privacy Act)

You may request access or correction and file complaints under applicable Australian Privacy Principles.