Privacy Policy for Magpie

2.1 Personal Information

We collect the following personal information from you:

• Email address
• Username (which may or may not be your real name)
• Name and profile picture (if you sign in with Google)

2.2 Financial Information

Through our integration with GoCardless, we collect and store the following transaction data from your connected bank accounts and credit cards:

• Transaction ID
• Institution ID
• Payment amount
• Transaction date
• Currency
• Transaction description
• Creditor name and account information
• Debtor name
• Proprietary Bank Transaction Code
• Internal Transaction ID
• Account ID

2.3 Group and Sharing Information

When you use the expense sharing features:

• Information about group members (email addresses and usernames)
• Details of shared expenses and payment splits
• Group membership information

2.4 Device Permissions

We may request the following optional permissions:

• Camera access (for capturing receipts or profile pictures)
• Notification permissions (to send you app-related notifications)

3.1 Core App Functionality

• Providing expense tracking and splitting services
• Connecting to your bank accounts and credit cards through GoCardless
• Displaying transaction history and expense splits
• Managing group memberships and shared expenses
• Converting currencies using the ECB exchange rate API

3.2 Communication and Support

• Providing customer support and responding to your inquiries
• Sending you service-related notifications
• Marketing communications (including email marketing)

3.3 Analytics and Improvement

• Analyzing app usage through Google Analytics, Firebase Analytics, and Railway Analytics
• Improving our services and developing new features

4.1 Data Storage

Your data is stored in two locations:

• Local Storage: Transaction data is cached locally on your device using Room database
• Remote Storage: Your data is stored on our PostgreSQL database hosted on Railway servers in the Netherlands

4.2 Security Measures

We implement appropriate security measures to protect your data:

• All communications use HTTPS encryption
• Passwords are stored as hashes, not in plain text
• Rate limiting on transaction requests
• Regular security updates and monitoring

4.3 Bank Account Connection

Your bank account connection through GoCardless is authorized for 3 months, after which you must reauthorize the connection.

5.1 Third-Party Services

We share data with the following third-party services:

• GoCardless: For bank account and credit card connections (only data necessary for the service)
• Google: If you sign in with Google, we share authentication data
• ECB Exchange Rate API: We access exchange rates but do not share any user data
• Analytics Services: Google Analytics, Firebase Analytics, and Railway Analytics for app improvement

5.2 Group Members

When you participate in expense sharing groups, other group members can see:

• Your username and email address
• Payment amounts for shared expenses
• Transaction booking dates
• Bank or credit card company names
• Transaction descriptions for expenses you've shared

5.3 Legal Requirements

We may disclose your information if required by law or to protect our rights and the safety of our users.

6.1 Active Users

We retain your personal data for as long as your account is active and you continue to use our services.

6.2 Account Closure

After you close your account, we retain your data for 5 years to:

• Resolve any disputes
• Comply with legal obligations
• Maintain accurate records for other users in shared groups

6.3 Data Deletion Requests

When you request data deletion:

• We cannot fully delete your data if it's part of shared expenses with other users
• We will anonymize your personal information while retaining necessary transaction data
• We remove personal identifiers such as your name, email address, transaction IDs, and account numbers
• We retain payment amounts, dates, and involvement in payments for group accuracy

7.1 Access and Portability

• Request access to your personal data
• Request a copy of your data in a portable format

7.2 Rectification

• Request correction of inaccurate personal data

7.3 Erasure

• Request deletion of your personal data (subject to limitations for shared expenses)

7.4 Restriction and Objection

• Request restriction of processing
• Object to processing for direct marketing

7.5 Exercising Your Rights

To exercise these rights, contact us at support@magpie.money.

8.1 Account Deletion Request

You can request deletion of your Magpie account at any time. To request account deletion:

• Visit: magpie.money/delete-account
• Or email us at: support@magpie.money with the subject "Account Deletion Request"

We will process your request within 30 days.

8.2 Data Deletion Request

You can request deletion of specific data associated with your account. To request data deletion:

• Visit: magpie.money/delete-data
• Or email us at: support@magpie.money with the subject "Data Deletion Request"

Please specify which data you would like deleted in your request.

8.3 Limitations on Deletion

Important: We may not be able to completely delete your account or data if you are involved in unsettled group expenses. This is because:

• Other users in your groups depend on accurate expense records
• Deleting your data would corrupt the expense calculations for other group members
• We need to maintain transaction integrity for financial accuracy

If you have unsettled balances:

• We will anonymize your personal information (name, email, profile picture)
• We will remove transaction IDs and account identifiers
• We will retain only the minimum data necessary to maintain accurate group expense records (payment amounts, dates, and group involvement)

If all your groups are settled: We can perform a complete account deletion, removing all your personal and transactional data from our systems.

8.4 Deletion Timeline

Once we receive your deletion request, we will:

• Acknowledge your request within 5 business days
• Complete the deletion process within 30 days
• Notify you when the deletion is complete
• Provide details about any data that could not be fully deleted due to unsettled balances