Privacy Policy

1. Introduction

NellyTrack ("we", "our", "us") is operated by Preagos. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use NellyTrack.

2. Data We Collect

We collect the following types of data:

• Account data: Email address, first name, last name (provided during registration)
• Business data: Articles, sales, expenses, clients, invoices, appointments, and services you create within the app
• Personal finance data: Incomes, budgets, savings goals, expenses, subscriptions, net-worth entries (assets/liabilities) and debt payment history you track in personal mode
• Payment data: Subscription plan and billing status (payment processing is handled by Stripe - we never see your card details)
• Usage data: Screen views and feature usage via Firebase Analytics (anonymized)
• Device data: Device type, operating system, and app version for crash reporting
• Push notification tokens: If you enable push notifications, we store a Firebase Cloud Messaging (FCM) device token so we can deliver reminders (debt payment due, recurring expense due, budget alerts). Tokens do not identify you personally and can be revoked by disabling notifications in the app settings or your device OS.
• Photos: Receipt images you voluntarily upload for expense tracking

3. How We Use Your Data

• To provide and maintain the NellyTrack service
• To sync your data across devices
• To process your subscription payments via Stripe
• To send transactional emails (welcome, password reset, support replies)
• To send push notifications you have opted into
• To improve the app through anonymized usage analytics
• To provide AI-powered features (product/receipt scanning) - images are processed in real-time and not stored on AI servers

4. Data Storage & Security

Your data is stored in Supabase (PostgreSQL) hosted in the EU. All data is protected by Row-Level Security (RLS), meaning only you can access your own data. Data is encrypted in transit (TLS) and at rest. Receipt photos are stored in secure cloud storage with access restricted to your account.

5. Data Sharing

We do not sell your data. We share data only with:

• Supabase: Database hosting and authentication (EU servers)
• Stripe: Payment processing
• Firebase: Analytics and push notifications
• Brevo: Transactional email delivery
• Google AI (Gemini): Product/receipt image analysis (images processed in real-time, not stored)

6. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the right to:

• Access: Request a copy of all your data
• Rectification: Correct inaccurate data
• Erasure: Request deletion of all your data
• Portability: Export your data in a standard format
• Restriction: Limit how we process your data
• Objection: Object to data processing

To exercise these rights, contact us at support@preagos.com. We will respond within 30 days.

7. Data Retention

Your data is retained as long as your account is active. If you delete your account, all your data is permanently removed within 30 days. Anonymized analytics data may be retained indefinitely.

8. Children's Privacy

NellyTrack is not intended for children under 16. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us.

9. Offline Data

NellyTrack works offline by storing data locally on your device (using Hive). This data is synced to our servers when you reconnect. Local data is not encrypted by default - we recommend using device-level encryption (screen lock). When you delete your account or log out, all local data is automatically cleared from the device.

10. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email or in-app notification. Continued use of the app after changes constitutes acceptance.

11. Contact

For privacy-related questions:
Preagos
Email: support@preagos.com
Website: preagos.com