Privacy Policy — Who Owes

1. Who we are

Who Owes ("we", "our" or "the app") is a mobile app that lets you track debts and amounts you owe or are owed, by person and by period. This policy describes what data we collect, what we use it for, and how we handle it.

2. Data we collect and use

2.1 Account and authentication

• Email and password: when you sign up or sign in with email. The password is stored securely by our authentication provider (Supabase).
• Sign in with Apple: when you use "Sign in with Apple", we receive an identifier and, if you allow, your email. Processing follows Apple's rules.
• Session: to keep you signed in, we store an encrypted session token locally on the device.

2.2 In-app profile

• Display name: the name shown in the app (e.g. "Welcome, [name]").
• PIX key: optional; used only for you to include your PIX key in the reminder message you send via WhatsApp.
• Account status: whether you completed onboarding, whether the account is active or deactivated and the deactivation date (for the 30-day period before closure).

2.3 People and transactions

• People: name, email, phone and notes you provide; optionally, photo (avatar) and link to a device contact (contact identifier).
• Transactions: amounts, description, due date, payment date (if provided), type (I owe / owes me), status (paid or not), installments, recurrence and link to a person.

This data is needed for the app to work ("I owe" / "I'm owed" dashboard, lists by person and period).

2.4 Device contacts (optional)

If you choose to link a "person" to a device contact, the app will request contact access. We use it only to:

• Show the contact picker so you can choose who to link.
• Get the contact's name and, if available, photo to fill in or display in the app.
• We do not import or store your full contact list on our servers; we only store the contact identifier linked to the "person" you created.

2.5 Store rating

The app may ask you to rate it on the App Store or Google Play (or open the store page). We record the last time we asked so we don't ask again for a period (e.g. 3 months).

3. Third-party services and shared data

3.1 Infrastructure and storage

• Supabase: hosts authentication, database (profile, people, transactions) and file storage (avatar photos). Data is on Supabase servers (location per Supabase contract).
• Firebase (Google): we use it for usage analytics and remote config, as described below.

3.2 Usage analytics (Firebase Analytics)

To understand how the app is used and improve the product, we send anonymous or pseudonymized events, for example:

• Screens viewed (screen name).
• Login method (email or Apple).
• A user identifier (your account ID in the app, not email).
• Events such as tutorial start/end, person creation, transaction create/edit, subscription screen view, upgrade or ad prompts shown.

We do not send transaction amounts, people's names or PIX key to Firebase.

3.3 Advertising (Google Mobile Ads)

Free plan users may see ads in the app (e.g. banner). On iOS we may request tracking permission (ATT – App Tracking Transparency). If you allow, data may be used for personalized ads; if not, ads remain non-personalized. On Android, use of identifiers for ads follows Google settings and Google Advertising policy. Data processing for ads is governed by Google's Privacy Policy.

3.4 Subscriptions (RevenueCat)

To manage the "Who Owes Pro" subscription (purchase, restore, subscriber status), we use RevenueCat. They receive an anonymous identifier and purchase info (e.g. product, subscription state). Data handling by RevenueCat is in their privacy policy.

3.5 Remote config (Firebase Remote Config)

The app fetches server config (e.g. free plan limits, ad parameters). This does not involve personal data that directly identifies you.

3.6 WhatsApp

The "Remind via WhatsApp" feature generates text in the app (amount, details and optionally your PIX key). You send the message via WhatsApp. We do not send data to WhatsApp; you decide if and when to share the message.

4. Legal bases (LGPD)

• Contract performance and service delivery: account, profile, people, transactions and avatar storage.
• Consent: contact access (when you authorize) and, on iOS, tracking for ads (ATT).
• Legitimate interest: usage analytics (Firebase Analytics) and app improvement, with limited events and no financial or PIX data in analytics.

5. Retention and deletion

• While the account is active: we keep account, profile, people and transaction data for as long as needed for the service.
• Account deactivation and deletion: in settings you can "Delete account". This deactivates the account and records the deactivation date. After the 30-day grace period, the account is considered closed. We may then handle data per our retention policy (e.g. deletion or anonymization).
• Data in third-party services: Analytics, advertising and RevenueCat follow each provider's policies and terms. You can ask us to stop sending new data once the account is closed.

6. Your rights (LGPD)

You may, to the extent the law allows:

• Access the data we hold about you.
• Correct incomplete or outdated data (many can be changed in settings and in the app).
• Request deletion of data (including via "Delete account" and, after 30 days, final closure).
• Revoke consent (e.g. disable contact permission in the device; on iOS, revoke tracking permission).
• Request portability or more information about processing.

To exercise these rights, use the email or contact channel we provide in the app or store (e.g. developer page).

7. Security

• Authentication and session with a secure provider; encrypted session token on the device.
• Use of HTTPS and access policies for database and storage (Supabase).
• Sensitive data (e.g. PIX key) processed only in the context of the app and the message you send.

8. Minors

Who Owes is not intended for users under 13. We do not knowingly collect data from minors. If we become aware of minor data, we will handle it in accordance with the law (e.g. deletion).

9. Changes to this policy

We may update this policy (e.g. due to feature or partner changes). The "Last updated" at the top will be changed and, when relevant, we may notify in the app or by email. Continued use of the app after publication constitutes acceptance of the new version.