Privacy Policy

Last updated: February 25, 2025

Introduction

At Subswoop ("we," "our," or "us"), we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our manual expense tracking service.

We designed Subswoop as a privacy-focused alternative to traditional expense trackers. Unlike other services, we do not connect to your bank accounts or financial institutions, giving you complete control over what information you share.

Please read this Privacy Policy carefully. By accessing or using Subswoop, you acknowledge that you have read, understood, and agree to be bound by all the terms outlined in this policy.

1. Information We Collect

1.1 Information You Provide to Us:

  • Account Information: Email address, password (encrypted), name, and account creation date.
  • Profile Information: Optional information such as country, city, preferred currency, and notification preferences.
  • Expense Data: Information you manually enter about your expenses, including amounts, categories, billing frequencies, renewal dates, and custom category names.
  • Communications: Information provided when you contact us for support or other inquiries.

1.2 Information Collected Automatically:

  • Usage Data: Information about how you interact with our service, including access times, pages viewed, and the routes by which you access the service.
  • Device Information: Information about the device you use to access our service, including device type, operating system, and browser type.
  • Cookies and Similar Technologies: We use cookies and similar tracking technologies to track activity on our service and hold certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.

1.3 Information We Do Not Collect:

  • Bank Account Information: We do not connect to your bank accounts or financial institutions.
  • Credit Card Numbers: We do not store complete credit card numbers. For subscription payments, we use trusted third-party payment processors.
  • Financial Transaction Data: We do not automatically import or collect data about your financial transactions.

2. How We Use Your Information

We use your information for the following legitimate purposes:

2.1 To Provide and Maintain Our Service:

  • Process and display the expense information you enter
  • Calculate monthly totals and generate spending reports
  • Manage your account and provide customer support
  • Send service-related notifications, such as renewal reminders

2.2 To Improve Our Service:

  • Analyze usage patterns to enhance user experience
  • Debug technical issues and maintain service security
  • Develop new features based on user feedback and behavior

2.3 For Communications:

  • Respond to your inquiries and support requests
  • Send administrative messages about your account
  • With your consent, send promotional communications about new features or offers

3. Legal Basis for Processing (EU/EEA Users)

If you are located in the European Union or European Economic Area, we collect and process your personal information based on the following legal grounds:

  • Performance of Contract: Processing necessary to provide the service you have requested.
  • Legitimate Interests: Processing necessary for our legitimate interests, such as improving our service, as long as these interests are not overridden by your rights.
  • Consent: Processing based on your specific consent, such as for marketing communications.
  • Legal Obligation: Processing necessary to comply with applicable laws.

4. Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except in the limited circumstances described below:

4.1 Service Providers:

We may share your information with third-party service providers who help us operate our service, such as:

  • Cloud hosting and storage providers
  • Payment processors for subscription fees
  • Email service providers for communications
  • Analytics providers to help us understand service usage

These providers are contractually obligated to use your information only as directed by us and in a manner consistent with this Privacy Policy.

4.2 Legal Requirements:

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

4.3 Business Transfers:

If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your personal information.

4.4 With Your Consent:

We may share your information with third parties when you have given us your consent to do so.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit using SSL/TLS protocols
  • Encryption of sensitive data at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication requirements
  • Regular backups to prevent data loss

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

6. Your Data Protection Rights

Depending on your location, you may have certain rights regarding your personal information:

6.1 For All Users:

  • Access: You can access most of your personal information through your account settings.
  • Correction: You can update or correct most of your personal information through your account settings.
  • Deletion: You can delete your account and associated data through your account settings or by contacting us.
  • Data Export: You can export your expense data through your account settings.

6.2 Additional Rights for EU/EEA and UK Residents:

  • Restriction of Processing: You have the right to request that we restrict the processing of your personal information under certain circumstances.
  • Data Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format.
  • Objection to Processing: You have the right to object to our processing of your personal information under certain circumstances.
  • Withdrawal of Consent: Where we rely on your consent to process your personal information, you have the right to withdraw your consent at any time.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe we have violated your data protection rights.

To exercise these rights, please contact us using the information provided in the "Contact Us" section below.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

  • Active Accounts: We retain your data for as long as your account remains active.
  • Deleted Accounts: When you delete your account, we will delete or anonymize your personal information within 30 days, except for information we need to retain for legal, financial, or security purposes.
  • Backups: Your information may remain in our backup systems for up to 90 days after deletion.

8. Children's Privacy

Our service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we can take appropriate action.

9. International Data Transfers

Your information may be transferred to and processed in countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your country.

For transfers from the EU/EEA to countries not deemed to provide an adequate level of data protection, we implement appropriate safeguards, such as standard contractual clauses approved by the European Commission.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this policy.

For significant changes, we will provide a more prominent notice, such as an email notification. We encourage you to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at: support@subswoop.com