Privacy Policy
1. Introduction
AssetVault ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.
Please read this policy carefully. If you do not agree with our practices, please do not use the App.
2. Information We Collect
A. Information You Provide
- Account Information: Email address, password (hashed), name, and profile information
- Receipt Data: Photos of bills/receipts, transaction amounts, dates, categories, and notes
- Asset Information: Name, categories, dates, categories, price, and notes
- Subscription Information: Subscription tier, purchase history (through Apple)
- Communication: Support emails, feedback, and bug reports you send us
B. Information Collected Automatically
- Device Information: Device model, OS version, app version, unique device identifiers
- Usage Data: Features used, pages visited, actions taken, time spent in app
- Crash Reports: Error logs and app crash information (for debugging)
- Analytics: App performance metrics and user behavior patterns
C. Third-Party Information
- Apple App Store: Purchase history and subscription status
- Analytics Providers: Aggregated usage data
- Google Gemini AI: Processing results from bill recognition features
3. How We Use Your Information
We use collected information for:
- Providing and improving the App and its features
- Authenticating your account and maintaining security
- Processing subscription payments and renewals
- Personalizing your experience
- Sending service-related notifications (asset/account expiry reminders, updates, security alerts)
- Analytics to understand user behavior and improve the app
- Complying with legal obligations
- Detecting and preventing fraud or abuse
We do not use your information for marketing without your consent.
4. How We Share Your Information
We do not sell your personal data. We only share information when necessary:
- Service Providers: Supabase (database), Apple (payment processing), cloud providers who help us operate the App under strict confidentiality agreements
- Legal Requirements: When required by law, court order, or government request
- Security: To prevent fraud or protect user safety
Your bill images and personal data are never sold to advertisers or third parties.
5. Data Security
We implement industry-standard security measures to protect your data:
- Encryption in Transit: All data sent to/from our servers is encrypted using HTTPS/TLS
- Encryption at Rest: Sensitive data is encrypted on our servers
- Access Controls: Only authorized personnel can access your data
- Password Security: Passwords are hashed using industry-standard algorithms
While we take security seriously, no system is 100% secure. We cannot guarantee absolute protection against unauthorized access.
6. Data Retention
We retain your information as long as your account is active or as needed to provide services. You can request deletion of your account and data by contacting us. Some data may be retained for legal or operational purposes for a limited period after deletion.
7. GDPR & CCPA Compliance
For EU Users (GDPR): AssetVault adheres to the General Data Protection Regulation (GDPR). We act as the Data Controller for your information.
- Data Protection Officer: Contact us at iai2auto@gmail.com.
- Legal Basis: Processing is based on the necessity to perform our contract (App services) and our legitimate interest in app security/stability.
- Storage Locations: Data is hosted primarily with Supabase.
- User Rights: You have the right to access, correct, delete ("Right to be Forgotten"), or request portability of your data.
For California Residents (CCPA): we provide the following additional disclosures under the CCPA:
- No Sale of Data: We do NOT "sell" your personal information, as the term is defined under the CCPA.
- Verification: To protect your identity, we may verify requests by checking account ownership.
- User Rights: You have the right to know what personal information is collected and to request deletion.
To exercise your rights (GDPR/CCPA), please contact us at iai2auto@gmail.com.
8. Children's Privacy
AssetVault is not intended for children under 13. We do not knowingly collect data from children under 13. If we become aware of such collection, we will delete the data and terminate the account. For children 13-18, parental consent is recommended.
9. AI Processing Disclosure
To provide intelligent bill recognition, AssetVault integrates Google Gemini AI:
- Privacy: Bill images are encrypted during transmission and WILL NOT be used to train Google's AI models.
- Consent: Explicit user consent is obtained via an in-app prompt before processing.
10. Third-Party Services
AssetVault uses these third-party services. Please review their privacy policies:
- Apple App Store: https://www.apple.com/privacy/
- Supabase: https://supabase.com/privacy
- Google Firebase: https://firebase.google.com/support/privacy
- Google Gemini AI: https://ai.google.dev/terms
We are not responsible for third-party privacy practices.
11. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes by updating the "Last Updated" date and sending you an email notification. Continued use of the App after changes constitutes acceptance of the updated policy.
12. Contact Us
For privacy questions, data access requests, or concerns, contact:
Email: iai2auto@gmail.com
General Support: iai2auto@gmail.com
Company: IAI Technology Ltd
We will respond to privacy requests within 30 days.