Back

Privacy Policy

Last updated: December 19, 2024

1. Introduction

Welcome to Jointly ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our personal finance tracking application.

By using Jointly, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Name (first and last name, if provided)
  • Profile picture (if you sign in with Google)
  • Authentication credentials (securely hashed)

2.2 Financial Data

To provide our finance tracking services, we collect and store:

  • Account names and types (bank, cash, savings, investments)
  • Account balances
  • Transaction amounts, dates, and categories
  • Transaction descriptions (as entered by you)
  • Currency preferences

Important: We do not connect to your actual bank accounts. All financial data is manually entered by you. We do not have access to your bank credentials, account numbers, or any external financial institutions.

2.3 Usage Data

We automatically collect certain information when you use our service:

  • Device type and operating system
  • Browser type
  • IP address
  • Pages visited and features used
  • Date and time of access

2.4 Local Storage Data

We store certain preferences locally on your device:

  • Theme preference (light/dark mode)
  • Privacy mode setting
  • Preferred display currency
  • Selected project ID

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process and display your financial data
  • Generate insights, analytics, and reports about your finances
  • Enable joint finance tracking with your invited members
  • Send important service-related communications
  • Respond to your requests and support inquiries
  • Detect, prevent, and address technical issues or fraud
  • Comply with legal obligations

4. Data Storage and Security

4.1 Where We Store Data

Your data is stored on secure servers provided by our infrastructure partners (Supabase for authentication and MongoDB for application data). These services employ industry-standard security measures including encryption at rest and in transit.

4.2 Security Measures

We implement:

  • Encryption of data in transit (TLS/SSL)
  • Encryption of data at rest
  • Secure authentication via Supabase Auth
  • JWT-based API authentication
  • Rate limiting to prevent abuse
  • Project-based access controls (you can only access data you own or are invited to)

4.3 Data Encryption Notice

Your financial data (transaction amounts, account balances) is stored in our database with encryption at rest but is not end-to-end encrypted. This allows us to provide features such as search, filtering, analytics, and insights. Access to your data is strictly controlled through authentication and authorization mechanisms.

5. Data Sharing

5.1 With Project Members

When you invite someone to your project or join someone else's project, all members of that project can view the shared financial data (accounts, transactions, and analytics) within that project.

5.2 With Service Providers

We may share data with third-party service providers who assist us in operating our service:

  • Supabase (authentication services)
  • MongoDB Atlas (database hosting)
  • Hosting and infrastructure providers

These providers are contractually obligated to protect your data and use it only for the purposes we specify.

5.3 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information or financial data to third parties for marketing or any other purposes.

5.4 Legal Requirements

We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

6. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct your personal information
  • Deletion: Request deletion of your account and associated data
  • Export: Request an export of your data in a portable format
  • Withdraw Consent: Stop using our service at any time

To exercise any of these rights, please contact us at the email address provided below.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide you services. If you request account deletion, we will delete your personal data within 30 days, except where we are required to retain certain information for legal or legitimate business purposes.

8. Account Deletion

You have the right to delete your account at any time through the app settings. When you delete your account:

8.1 What Gets Permanently Deleted

  • Your authentication credentials and login access
  • Your profile information (name, email, avatar)
  • All projects you own and their associated data
  • Your memberships in other users' projects

8.2 What Gets Retained

For accounting integrity and to protect other users:

  • Transaction records you created in shared projects remain visible to other project members (your name may be anonymized or shown as "Deleted User")
  • This ensures other users' financial records remain accurate and complete

8.3 Irreversibility

Account deletion is permanent and irreversible. Once deleted, you cannot recover your account or any associated data. If you wish to use Jointly again, you will need to create a new account.

8.4 Impact on Other Users

If you own projects with other members, deleting your account will also delete those projects, causing all members to lose access. We recommend transferring project ownership to another member before deleting your account if you want the project to continue.

9. Children's Privacy

Jointly is not intended for use by children under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. International Users

Our services are primarily designed for users in Lebanon and the Middle East region. If you access our service from other locations, please be aware that your data may be transferred to and processed in countries with different data protection laws than your country of residence.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: support@jointly-app.com