Privacy Policy

Last Updated: February 2026

1. Introduction

Welcome to Saivly. This Privacy Policy explains how we collect, use, and protect information when you use our personal finance tracking app (the “App”). By using Saivly, you agree to the practices described in this policy.

Saivly is operated by Aliaksandr Kharkevich, an individual entrepreneur (sole proprietor) doing business as “Saivly”, based in Warsaw, Poland.

2. Information We Collect

We collect only the information needed to operate Saivly, provide its features, keep the App reliable and secure, and support subscriptions.

2.1 Account & Contact Information

• Email address (required for account creation, login, account recovery, and essential service communications).
• Name (requested during registration for profile/account personalization inside the App).
• User ID / account identifier (internal ID used to associate your data with your account and keep you signed in securely).

2.2 User-Provided Financial Data (“Other Financial Info”)

Saivly is a manual personal finance tracker. We do not connect to your bank accounts or payment cards. All financial data is entered by you. This may include:

• Transactions (expenses and income): amounts, dates, categories, notes/descriptions you provide
• Budgets and limits you create
• Accounts you create (e.g., account names, currencies, optional balances you enter)
• Custom categories and tags you create

2.3 Diagnostics (Crash & Performance Data)

To keep the App stable and improve reliability, we collect diagnostic data such as:

• Crash Data (crash reports, stack traces, and related technical context)
• Performance Data (performance metrics and telemetry to detect slowdowns and improve responsiveness)
• Technical metadata commonly included with diagnostics (e.g., device model, OS version, app version, language/locale)

This diagnostic data is used for App Functionality (stability, troubleshooting, security) and, where applicable, Analytics limited to performance and reliability improvements. It is not used for advertising or cross-app tracking.

2.4 Subscriptions & Billing (Apple App Store + RevenueCat)

Saivly may use a subscription to unlock Premium features. We use Apple’s in-app purchase system and a subscription management provider (RevenueCat) to validate and manage entitlements. This may involve processing:

• Subscription status/entitlement (active/inactive)
• Product identifiers (e.g., monthly/annual SKU)
• Purchase/renewal/cancellation events (typically dates and product IDs)

Important: Saivly does not process, store, or have access to your payment card number or full payment details. Payments are handled by Apple. We receive only what is necessary to determine whether Premium access should be enabled.

2.5 AI-Assisted Features (OpenAI)

Saivly may offer AI-assisted features (for example, voice transcription or categorization suggestions). To provide these features, certain user-provided content may be sent to OpenAI via API, such as:

• Short voice recordings and/or their text transcripts (if you use voice input)
• Transaction descriptions, notes, and related text needed to generate a suggestion
• Minimal context required to return a relevant result

Data is sent to OpenAI only when you invoke an AI feature. AI suggestions may be inaccurate; you should review them before relying on them for financial decisions.

We use OpenAI as a service provider (processor). According to OpenAI’s API terms/policies applicable to the API usage, data sent via the API is used only to provide the requested functionality and is not used to train public models.

3. How We Use Information

• Account & authentication: create and manage your account, authenticate users, maintain secure sessions.
• Core app functionality: store and sync your transactions, budgets, accounts, and preferences.
• Personalization inside the App: display your name/profile and tailor basic in-app preferences (e.g., currency/language).
• Subscriptions: validate Premium entitlement, enable/disable Premium features.
• Diagnostics & reliability: detect crashes, improve performance, and fix bugs.
• Security: prevent abuse, fraud, and unauthorized access.
• AI features (optional): process voice/text you submit to generate suggestions when you request them.
• Essential communications: account-related messages such as verification, security alerts, or policy updates.

4. Legal Bases (GDPR)

Where the GDPR applies, we process personal data under one or more legal bases:

• Performance of a contract (Article 6(1)(b)): to provide the App, account, and Premium features you request.
• Legitimate interests (Article 6(1)(f)): to secure, maintain, and improve the App (limited diagnostics/analytics for stability and performance).
• Consent (Article 6(1)(a)), where applicable: for optional features that require it (for example, if you opt into non-essential communications, where offered).
• Legal obligation (Article 6(1)(c)), where applicable: to comply with lawful requests and mandatory retention obligations.

5. Sharing of Information & Service Providers

We do not sell your personal data. We share data only with service providers needed to run Saivly, or when required by law.

5.1 Service Providers

• Cloud hosting and database (e.g., Supabase): to store and sync your account and finance data.
• Subscriptions (Apple App Store, RevenueCat): to validate entitlements and manage subscription status.
• Diagnostics (e.g., Sentry): to collect crash and performance data for reliability and troubleshooting.
• AI provider (OpenAI): to process voice/text you submit when you request AI features.

These providers process data under our instructions and are bound by contractual obligations to protect data and use it only for the services they provide.

5.2 Legal & Safety

We may disclose information if we reasonably believe it is necessary to:

• Comply with a legal obligation, court order, or lawful request
• Protect the rights, property, or safety of Saivly, our users, or others
• Detect, prevent, or address fraud, security, or technical issues

6. International Data Transfers

Saivly is operated from Poland (EU). Some service providers may process data outside the EU/EEA (for example, in the United States). When transferring personal data internationally, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or other legally recognized mechanisms.

7. Data Retention

We retain data only as long as necessary for the purposes described in this policy, unless a longer period is required by law.

• Account data (email, name, user ID): retained while your account is active; deleted or anonymized after a valid deletion request, subject to legal requirements.
• User-provided financial data: retained while your account is active to provide access to your history and budgets; deleted or anonymized after account deletion, subject to legal requirements.
• Diagnostics (crash/performance): typically retained for a limited period (commonly 30–90 days) for troubleshooting and reliability improvements, then deleted or anonymized.
• Backups: data may persist in encrypted backups for a limited time until overwritten in routine backup cycles.
• Subscription status: may be retained as needed to manage entitlements and comply with legal obligations.

For retention questions, contact us at alekskharkevich96@gmail.com.

8. Your Rights

Where applicable (including under GDPR), you may have rights such as access, rectification, erasure, restriction, portability, objection, and withdrawal of consent.

• Access: request a copy of personal data we hold about you.
• Deletion: request deletion of your account and associated data, subject to legal obligations.
• Correction: request correction of inaccurate data.
• Portability: request a machine-readable export where feasible.
• Objection: object to processing based on legitimate interests in certain circumstances.

To exercise rights, contact alekskharkevich96@gmail.com. We may need to verify your identity before responding.

Note: Deleting the Saivly app from your device does not automatically delete your account or cancel your subscription. Subscriptions are managed in Apple ID settings (Settings → Apple ID → Subscriptions).

9. Children’s Privacy

Saivly is not intended for children under 16. We do not knowingly collect personal data from children under 16. If you believe a child provided personal data, contact us and we will take steps to delete it.

10. Security

We implement reasonable technical and organizational measures to protect data, including:

• Encryption in transit (HTTPS/TLS)
• Secure cloud infrastructure and access controls
• Least-privilege access and monitoring for abuse

No system is 100% secure. If you suspect unauthorized access, contact us immediately.

11. Changes to This Policy

We may update this policy from time to time. We will update the “Last Updated” date and, where appropriate, notify you in-app or by email. Continued use of Saivly after changes means you accept the updated policy.

12. Contact Information