Privacy Policy

Contiv SRL ("we", "our", or "us") operates the Contiv Financial mobile application. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our App.

info

1. Information We Collect

1.1 Information You Provide

When you create an account and use the App, we collect:

check

Account information: Name, email address, and password (or Google OAuth credentials)

check

Profile information: Display name, avatar, preferred currency

check

Financial data: Transaction amounts, categories, tags, dates, notes, and whether transactions are personal or business

check

Budget data: Budget names, amounts, periods, and category associations

check

Custom categories and tags: Names, icons, and colors you create

1.2 Information Collected Automatically

When you use the App, we may automatically collect:

check

Device information: Device type, operating system version, unique device identifiers

check

Usage data: App usage patterns, feature interactions, error logs, and crash reports

check

Authentication data: Login timestamps, session tokens

1.3 Information We Do NOT Collect

We want to be clear about what we do not collect:

closeWe do not collect bank account numbers, credit card numbers, or any payment card details

closeWe do not access your bank accounts or financial institutions

closeWe do not collect your precise GPS location

closeWe do not read your contacts, messages, or other apps' data

closeWe do not collect biometric data (Face ID / fingerprint data stays on your device)

insights

2. How We Use Your Information

We use your information solely to:

check_circle

Provide the App's core functionality: Record and categorize your income and expenses, calculate budgets, and generate reports

check_circle

Authenticate your account: Verify your identity and maintain your session

check_circle

Improve the App: Analyze usage patterns to fix bugs and improve features

check_circle

Send essential communications: Account verification, security alerts, and important service updates

We do not use your financial data for:

• Advertising or marketing to third parties

• Credit scoring or financial profiling

• Selling or renting your data to anyone

shield_lock

3. Data Storage and Security

3.1 Where Your Data Is Stored

Your data is stored on Supabase infrastructure hosted in the United States. Supabase uses Amazon Web Services (AWS) data centers with industry-standard security measures.

3.2 International Data Transfers

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, your data is transferred to the United States. We rely on:

checkThe EU-U.S. Data Privacy Framework for lawful transfers

checkStandard Contractual Clauses (SCCs) approved by the European Commission as an additional safeguard

checkSupabase's Data Processing Addendum (DPA) which incorporates these protections

3.3 Security Measures

We implement appropriate technical and organizational measures to protect your data:

lockAll data transmitted between the App and our servers is encrypted using TLS/SSL

lockPasswords are hashed using industry-standard algorithms (never stored in plain text)

lockDatabase access is protected by Row Level Security (RLS) — your data is isolated and accessible only to your authenticated account

lockAuthentication tokens are securely stored on your device

lockBiometric authentication (Face ID / fingerprint) is processed entirely on your device — biometric data never leaves your phone

3.4 Data Retention

info

Active accounts: We retain your data for as long as your account is active

info

Deleted accounts: When you delete your account, all your personal and financial data is permanently deleted immediately

integration_instructions

4. Third-Party Services

We use the following third-party services:

Service	Purpose	Data Shared
Supabase	Database, authentication, backend infrastructure	Account data, financial data (encrypted at rest)
Google OAuth	Optional sign-in method	Email, name (only if you choose Google sign-in)
Frankfurter API	Currency exchange rates	No personal data (only currency codes are sent)
Expo / EAS	App build and update delivery	Device type, OS version, app version

We do not share your financial transaction data with any third-party service. Your expenses, incomes, categories, and budget data remain in our database and are never transmitted to external parties.

gavel

5. Your Rights

5.1 For All Users

Access: Request a copy of all personal data we hold about you

Correction: Update or correct inaccurate data

Deletion: Delete your account and all associated data

Data export: Export your financial data in a standard format

5.2 Additional Rights Under GDPR (EEA/UK Users)

Right to restrict processing: Request that we limit how we use your data

Right to data portability: Receive your data in a structured, machine-readable format

Right to object: Object to processing of your data for certain purposes

Right to withdraw consent: Withdraw your consent at any time (without affecting the lawfulness of processing based on consent before withdrawal)

Right to lodge a complaint: File a complaint with your local Data Protection Authority

5.3 Additional Rights Under CCPA (California Users)

Right to know: What personal information we collect and how we use it

Right to delete: Request deletion of your personal information

Right to non-discrimination: We will not discriminate against you for exercising your rights

We do not sell personal information: We have not sold and will not sell your personal information to third parties

To exercise any of these rights, contact us at suport@contiv.ro.

child_care

6. Children's Privacy

Contiv Financial is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we discover that a child under 16 has provided us with personal information, we will promptly delete it. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at suport@contiv.ro.

public

7. Cookies and Tracking

The Contiv Financial mobile app does not use cookies, web beacons, or tracking pixels. We do not track you across other apps or websites. We do not participate in any advertising networks or use any advertising SDKs.

update

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes:

checkWe will update the "Last updated" date at the top of this page

checkFor significant changes, we will notify you through the App or via email

checkYour continued use of the App after changes take effect constitutes acceptance of the updated policy

balance

9. Legal Basis for Processing (GDPR)

For users in the EEA/UK, we process your personal data based on the following legal grounds:

Purpose	Legal Basis
Providing the App's services	Performance of a contract (Art. 6(1)(b) GDPR)
Account authentication	Performance of a contract
App improvement and bug fixes	Legitimate interest (Art. 6(1)(f) GDPR)
Security and fraud prevention	Legitimate interest
Legal compliance	Legal obligation (Art. 6(1)(c) GDPR)
Marketing communications (if any)	Consent (Art. 6(1)(a) GDPR)

mail

10. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

mail

suport@contiv.ro

business

Company

Contiv SRL

location_on

Location

Romania, European Union