Privacy Policy

1. Policy

This privacy policy applies to the Famverge app (hereby referred to as "Application") for mobile devices that was created by Maratus S.P. (hereby referred to as "Service Provider") as a Freemium service. This service is intended for use "AS IS".

2. Information Collection and Use

The Application collects information when you download and use it. This information may include:

• Your device's Internet Protocol address (e.g. IP address)
• The pages of the Application that you visit, the time and date of your visit, the time spent on those pages
• The time spent on the Application
• The operating system you use on your mobile device
• Email address and full name for account creation and communication
• Images, text input, and audio files you provide for expense tracking purposes
• Financial data extracted from your provided content through AI processing

The Application does not gather precise information about the location of your mobile device.

AI Processing and Google Services

To provide expense tracking functionality, we use Google AI models to process your provided content including:

• Images of receipts, invoices, and financial documents
• Text input related to expenses and financial information
• Audio files containing expense-related information

This processing is performed to extract relevant financial information, categorize expenses, and provide intelligent expense tracking features. The processing is done in accordance with Google's AI services terms and privacy policies.

Data Storage and Encryption

All user-provided content is stored in encrypted form on our servers. Your data is encrypted using industry-standard encryption methods, and the encryption keys are stored securely on your device. This means that your content is only accessible and readable by you as the content owner.

The Service Provider may use the information you provided to contact you from time to time to provide you with important information, required notices and marketing promotions (only with your explicit consent for marketing communications).

For a better experience, while using the Application, the Service Provider may require you to provide us with certain personally identifiable information, including but not limited to email, full name. The information that the Service Provider request will be retained by them and used as described in this privacy policy.

3. Analytics and Data Collection

What We Collect

We collect anonymous, non-personal analytics data to improve our app's functionality and user experience. This data collection is based on our legitimate interest in providing and improving our services.

Anonymous Usage Data:

• App feature usage patterns (which features are used most often)
• Performance metrics (app loading times, crash reports)
• Technical information (device type, operating system, app version)
• Language and currency preferences (for app functionality)
• General navigation patterns within the app
• Error logs and crash reports (anonymized)

What We DO NOT Collect:

• Personal identifiers (names, email addresses, phone numbers)
• User account information
• Individual user behavior tracking
• Cross-session user identification
• Screen recordings or detailed user interactions
• Location data
• Contact lists or personal files

How We Collect Data

We use PostHog, a privacy-focused analytics platform, with the following privacy protections:

• Anonymous Mode: We do not identify individual users
• Session Isolation: Each app session is treated independently
• Data Anonymization: All data is processed anonymously
• EU Data Processing: Data is processed on EU-based servers for GDPR compliance
• No Session Replay: We do not record user interactions or screen content

Legal Basis for Processing

We process this anonymous data under Article 6(1)(f) of GDPR - Legitimate Interest:

• Purpose: Improving app functionality, performance, and user experience
• Necessity: Essential for maintaining and improving our services
• Balance: Minimal data collection with strong privacy protections

Data Retention

• Analytics data is retained for 12 months maximum
• Data is automatically deleted after the retention period
• No long-term user profiling or tracking

Data Processing Location

Analytics data is processed within the European Union through PostHog's EU infrastructure, ensuring GDPR compliance.

Your Rights

Even though we collect only anonymous data, you have the following rights:

• Right to Information: You can request information about our data processing activities
• Right to Object: You can object to our analytics data collection
• Right to Opt-Out: You can disable analytics in the app settings

How to Opt-Out

If you prefer not to contribute anonymous usage data:

1. Open the app settings
2. Navigate to "Privacy & Data"
3. Toggle off "Anonymous Analytics"
4. Restart the app for changes to take effect

Third-Party Services

PostHog Analytics

• Website: https://posthog.com
• Privacy Policy: https://posthog.com/privacy
• Location: EU-based servers
• Purpose: Anonymous app usage analytics
• Data Sharing: No personal data is shared

Data Security

We implement appropriate technical and organizational measures to protect analytics data:

• Encryption in transit and at rest
• Access controls and authentication
• Regular security audits
• Anonymization at collection point

Supervisory Authority

If you have concerns about our data processing, you can contact your local data protection authority:

• EU residents: Your national data protection authority
• Contact information available at: https://edpb.europa.eu/about-edpb/board/members_en

4. Third Party Access

Only aggregated, anonymized data is periodically transmitted to external services to aid the Service Provider in improving the Application and their service. The Service Provider may share your information with third parties in the ways that are described in this privacy statement.

Google AI Services

We use Google AI models and services to process your content for expense tracking purposes. When you upload images, text, or audio files, this content may be transmitted to Google's AI services for processing. Google's handling of this data is governed by their privacy policy and terms of service.

Please note that the Application utilizes third-party services that have their own Privacy Policy about handling data. Below are the links to the Privacy Policy of the third-party service providers used by the Application:

• Google Play Services
• Firebase Crashlytics
• Google Cloud AI Services
• PostHog Analytics

The Service Provider may disclose User Provided and Automatically Collected Information:

• as required by law, such as to comply with a subpoena, or similar legal process;
• when they believe in good faith that disclosure is necessary to protect their rights, protect your safety or the safety of others, investigate fraud, or respond to a government request;
• with their trusted services providers who work on their behalf, do not have an independent use of the information we disclose to them, and have agreed to adhere to the rules set forth in this privacy statement.

5. Your Rights Under GDPR

If you are located in the European Union, you have the following rights regarding your personal data:

• Right of Access: You can request information about the personal data we hold about you
• Right to Rectification: You can request correction of inaccurate personal data
• Right to Erasure: You can request deletion of your personal data
• Right to Restrict Processing: You can request limitation of processing your data
• Right to Data Portability: You can request your data in a structured, machine-readable format
• Right to Object: You can object to processing of your personal data
• Right to Withdraw Consent: You can withdraw consent for processing at any time

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: For AI processing of your content and marketing communications
• Contract Performance: To provide the expense tracking services you requested
• Legitimate Interest: For app improvement, technical support, and anonymous analytics data collection

6. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States where Google's AI services are operated. We ensure adequate protection through:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Certification schemes such as Privacy Shield (where applicable)

7. Opt-Out Rights

You can stop all collection of information by the Application easily by uninstalling it. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.

8. Data Retention Policy

The Service Provider will retain User Provided data for as long as you use the Application and for a reasonable time thereafter. If you'd like them to delete User Provided Data that you have provided via the Application, please contact them at [email protected] and they will respond in a reasonable time.

9. Children

The Service Provider does not use the Application to knowingly solicit data from or market to children under the age of 13. The Application does not address anyone under the age of 13. The Service Provider does not knowingly collect personally identifiable information from children under 13 years of age. In the case the Service Provider discover that a child under 13 has provided personal information, the Service Provider will immediately delete this from their servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact the Service Provider ([email protected]) so that they will be able to take the necessary actions.

10. Security

The Service Provider is concerned about safeguarding the confidentiality of your information. The Service Provider provides physical, electronic, and procedural safeguards to protect information the Service Provider processes and maintains.

11. Data Breach Notification

In the event of a data breach that may pose a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.

12. Changes

This Privacy Policy may be updated from time to time for any reason. The Service Provider will notify you of any changes to the Privacy Policy by updating this page with the new Privacy Policy. You are advised to consult this Privacy Policy regularly for any changes, as continued use is deemed approval of all changes.

This privacy policy is effective as of 2025-09-16

13. Your Consent

By using the Application, you are consenting to the processing of your information as set forth in this Privacy Policy now and as amended by us.

14. Contact Us

If you have any questions regarding privacy while using the Application, or have questions about the practices, please contact the Service Provider via email at [email protected].