Privacy Policy
This Privacy Policy explains how Moneatly handles information in the iOS app and on the static website at moneatly.tech.
Controller and contact
Moneatly is prepared for operation by a Turkey-based operator. The controller is the person or legal entity that publishes and operates Moneatly under the Moneatly name. Until formal company registration details are published, privacy, legal, support, and security requests should be sent to support@moneatly.tech.
If you contact us, we may need enough information to verify your account, locate your household records, understand your request, and respond safely.
Scope and age limit
Moneatly is a household finance app for tracking income, spending, bills, budgets, members, receipts, and shared household records. Moneatly is not a bank, payment account, broker, lender, credit provider, tax advisor, investment advisor, or legal service.
Moneatly accounts are for users who are at least 18 years old. A household owner may enter information about family members, including minors, only when the owner has the right to include that information in household finance records. Minors should not create or control Moneatly accounts.
Moneatly does not connect to bank accounts, does not request bank usernames or passwords, does not initiate payments, and does not move money.
Information we handle
- Account and authentication data. Sign in identifiers, account profile details, email or relay email, display name, profile image URL or avatar data, provider identifiers, and authentication tokens from Apple Sign In, Google Sign-In, and Firebase Authentication.
- Household finance records. Household name, owner and member records, categories, budgets, transactions, recurring records, bills, due dates, notes, receipt attachments, import drafts, invite records, preferences, backup/import data, and analysis history that you or household members create.
- Receipt, image, and message inputs. Text, images, screenshots, labels, and extracted suggestions submitted for receipt, bill, payment proof, bank-message, or finance screenshot analysis.
- App Store operational data. Product identifiers, transaction identifiers, app account tokens, signed transaction evidence, and Apple StoreKit status may be handled if an App Store entitlement flow is enabled in a future version.
- Device, security, and diagnostics data. Device identifiers used for household key access, App Check signals, backend request metadata, error codes, language, feature availability, app mode, and other operational data needed to run, protect, troubleshoot, and improve the app.
- Firebase Analytics app events. Limited app events such as app flow, limit, assisted analysis, and product load events. Event parameters are designed to avoid financial amounts, receipt text, message text, emails, invitation codes, and secrets.
- Support communications. Email address, message content, attachments, and related metadata when you contact support.
How information is used
- Authenticate users, maintain sessions, and prevent unauthorized account or household access.
- Store, synchronize, encrypt, decrypt, display, back up, import, and restore household finance records.
- Enable household sharing, owner/member permissions, invitations, account deletion, and household deletion or reset flows.
- Apply app limits, process eligible account state changes, and prevent client-side tampering.
- Provide optional OpenAI-powered assisted receipt, bill, payment proof, message, or finance screenshot analysis.
- Secure the service, enforce Firestore access rules, investigate abuse, detect fraud, debug failures, and maintain audit evidence for sensitive or destructive actions.
- Respond to support, privacy, security, legal, or App Store review requests.
- Comply with law, enforce our Terms, protect rights and safety, and defend against claims.
Service providers and processors
Moneatly may use the following service providers as processors, independent controllers, or platform providers depending on the service and legal context:
- Firebase and Google Cloud. Authentication, Firestore data storage, Cloud Functions, storage, App Check, Firebase Analytics, diagnostics, hosting-related infrastructure for backend operations, and security controls.
- Apple. App distribution, Apple Sign In, eligible App Store operations, StoreKit, and App Store review operations.
- Google. Google Sign-In, account profile data, and related authentication infrastructure.
- OpenAI. AI processing for optional assisted import and analysis features when you submit records, text, or images for those features.
- Email and support providers. Processing support emails and related records when you contact us.
These providers may process data in countries outside your country of residence. Where required, we rely on applicable transfer mechanisms, data processing terms, platform terms, contractual safeguards, consent, necessity for service delivery, or other lawful transfer bases.
AI and automated outputs
AI-assisted features are optional. If you use assisted import or analysis, Moneatly may send relevant household context, user messages, receipt text, bill text, payment proof text, finance screenshots, images, category lists, member lists, and related metadata to an AI provider so the feature can generate a response or transaction draft.
AI outputs may be incomplete, inaccurate, delayed, or inappropriate for your specific situation. Moneatly asks AI systems to avoid investment, tax, legal, credit steering, buy/sell, guaranteed-return, and speculative finance advice, but you remain responsible for checking outputs before relying on them.
Do not submit information to AI features unless you have the right to submit it and you are comfortable with it being processed for that request.
Website privacy
No website analytics. The public website at moneatly.tech is designed as a static website. It does not include website analytics scripts, tracking pixels, advertising tags, newsletter signup, waitlist collection, contact forms, or server-side website databases.
The website may still be served by hosting and network providers that process ordinary delivery data such as IP address, user agent, requested URL, timestamp, and security logs as needed to deliver the site, prevent abuse, and maintain infrastructure.
Retention and deletion
We keep information for as long as necessary to provide the app, maintain your account and household records, comply with law, resolve disputes, enforce agreements, protect the service, preserve security evidence, complete backups, and respond to support or legal requests.
You can delete your account from the app. Account deletion removes your user profile, access records, device records, eligible account-state records, and Firebase Authentication user where technically available. If you are the sole owner of a household, household deletion may be part of account deletion. If other authenticated users are linked to a household you own, you may need to transfer ownership or delete the household before deleting your account.
Deletion may not immediately remove information from encrypted backups, provider logs, anti-abuse records, tax/accounting records, legal holds, or dispute evidence, but those records will be retained only as long as necessary for the applicable purpose.
Privacy rights
Depending on your location, you may have rights under laws such as Turkey's KVKK, the GDPR, UK GDPR, Swiss data protection law, and US state privacy laws. These rights may include access, confirmation of processing, correction, deletion, portability, objection, restriction, withdrawal of consent, complaint to a regulator, and information about international transfers.
No sale of personal data. Moneatly does not sell household finance records or personal data. Moneatly also does not use the static website for cross-context behavioral advertising. If future advertising, referral, analytics, or marketing features change this position, this policy and relevant opt-out controls must be updated before that use begins.
To exercise privacy rights, email support@moneatly.tech. We may reject or limit a request where allowed by law, including when we cannot verify the requester, must protect another user's rights, must preserve legal evidence, or must comply with a conflicting legal duty.
Security
Moneatly uses technical and organizational measures intended to protect household records, including authenticated access, Firestore rules, backend-controlled writes for sensitive operations, App Check for supported callable functions, encryption-oriented household data design, device key management, and sanitized diagnostics.
No app, website, network, provider, device, or storage system can be guaranteed to be perfectly secure. You are responsible for protecting access to your Apple or Google account, your device, and any household invitations you share.
Changes to this policy
We may update this Privacy Policy when the app, providers, law, security posture, or business structure changes. The updated version will be posted on this page. If a change materially affects your rights or how personal data is processed, we will provide notice where required by law.
Contact
For privacy questions, data requests, support, legal notices, or security reports, email support@moneatly.tech.