Privacy Policy
Effective Date: January 1, 2025
1. Introduction
ZenNudge ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application ZenNudge (the "App").
Our Privacy Promise: ZenNudge is designed with privacy at its core. We never access your bank accounts, never sell your data, and give you full control over your information.
Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access the App.
2. Information We Collect
2.1 Information You Provide
When you use ZenNudge, you may provide us with the following types of information:
| Category | Data Types | Purpose |
|---|---|---|
| Account Information | Email address, authentication provider (Google or Apple) | Account creation, authentication, and account recovery |
| Financial Goals | Goal names, descriptions, target amounts, progress notes | Track your savings goals and display progress |
| Bill Information | Bill names, amounts (fixed or ranges), due dates, payment account nicknames | Send bill reminders and track payment history |
| Spending Tracking | Purchase amounts, merchant names, dates, notes, spending triggers | Help you understand and manage impulse spending |
| Location Preferences | State, county, city (user-entered, not GPS) | Display relevant financial deadlines (taxes, renewals) |
| Life Events | Event types (marriage, job change, etc.), dates | Suggest relevant financial deadlines based on life changes |
2.2 Information Collected Automatically
When you use the App, we automatically collect certain information:
- Device Information: Device type, operating system version, app version, and timezone
- Usage Analytics: Anonymous app usage patterns (screens viewed, features used) without personal identifiers
- Error Reports: Crash logs and error information to improve app stability (with sensitive data automatically removed)
What We Do NOT Collect: We never collect your bank credentials, account numbers, credit card numbers, Social Security numbers, GPS location, contacts, photos, or any data from other apps on your device.
2.3 Information NOT Included in Analytics
Our analytics explicitly exclude:
- Personal information (names, email addresses)
- User-generated content (goal names, notes, bill descriptions)
- Specific financial amounts or merchant names
- IP addresses or device identifiers
- Individual check-in responses or progress notes
3. How We Use Your Information
We use the information we collect to:
- Provide App Functionality: Display your goals, bills, and spending data; send reminders and notifications
- Personalize Your Experience: Show relevant financial deadlines based on your location and life events
- Improve the App: Analyze anonymous usage patterns to enhance features and fix bugs
- Maintain Security: Detect and prevent fraud, abuse, and security incidents
- Communicate With You: Send important updates about your account or the App
We do not use your information to:
- Sell or rent your data to third parties
- Display targeted advertisements
- Create marketing profiles
- Share with data brokers
4. Data Storage & Security
4.1 Where Your Data Is Stored
Your data is stored in two locations:
- On Your Device: Authentication tokens are stored securely in iOS Keychain (encrypted by Apple's security framework)
- Cloud Storage: Account and app data is stored on Supabase, a secure cloud database provider with industry-standard encryption
4.2 Security Measures
We implement robust security measures to protect your data:
- Encryption: All data transmitted between your device and our servers uses HTTPS/TLS encryption
- Secure Token Storage: Authentication tokens are stored in iOS Keychain with device-level encryption
- Data Sanitization: Sensitive patterns (emails, passwords, tokens) are automatically removed from error logs before transmission
- App Integrity: We verify app signatures and detect jailbroken devices to prevent tampering
- Access Controls: Your data can only be accessed with your authenticated account
4.3 Data Breach Response
In the unlikely event of a data breach, we will:
- Notify affected users within 72 hours of discovery
- Provide information about what data was affected
- Take immediate steps to secure your account
- Report to relevant authorities as required by law
5. Third-Party Services
ZenNudge uses the following third-party services to provide app functionality:
| Service | Purpose | Data Shared |
|---|---|---|
| Supabase | Database and authentication | Account data, goals, bills, spending data (encrypted) |
| Google Sign-In | Authentication option | Email address, authentication token |
| Sign in with Apple | Authentication option | Email address (can be hidden), authentication token |
| Sentry | Error monitoring and crash reporting | Anonymized crash reports with sensitive data removed |
Each of these services has their own privacy policies:
6. Your Privacy Rights
You have the following rights regarding your personal data:
6.1 Access Your Data
You can view all your personal data within the App at any time. For a complete data export, contact us at adarsh.thampy@gmail.com.
6.2 Correct Your Data
You can edit or update your information directly within the App, including goals, bills, spending entries, and profile settings.
6.3 Delete Your Data
You can delete your account and all associated data at any time through the App settings. When you delete your account:
- All your goals, bills, check-ins, and spending data are permanently deleted
- Your authentication tokens are removed from your device
- Analytics events associated with your account are deleted
- This action cannot be undone
6.4 Data Portability
You can request a copy of your data in a machine-readable format by contacting us at adarsh.thampy@gmail.com.
6.5 Opt-Out of Analytics
While our analytics are anonymous and do not contain personal information, you can contact us to opt out of analytics data collection entirely.
7. Children's Privacy
ZenNudge is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at adarsh.thampy@gmail.com and we will delete such information.
8. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
8.1 Right to Know
You have the right to request information about the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purpose, and the categories of third parties with whom we share it.
8.2 Right to Delete
You have the right to request deletion of your personal information, subject to certain exceptions.
8.3 Right to Correct
You have the right to request correction of inaccurate personal information.
8.4 Right to Opt-Out of Sale/Sharing
We do not sell or share your personal information. ZenNudge does not sell, rent, or share your personal information with third parties for their marketing purposes.
8.5 Right to Non-Discrimination
We will not discriminate against you for exercising any of your privacy rights.
8.6 Sensitive Personal Information
ZenNudge collects financial information (bill amounts, spending data) that may be considered sensitive under CPRA. This information is used solely to provide App functionality and is never sold or shared for advertising purposes.
To exercise these rights, contact us at adarsh.thampy@gmail.com or use the data deletion feature in the App.
9. European Privacy Rights (GDPR)
If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):
9.1 Legal Basis for Processing
We process your personal data based on:
- Contract Performance: To provide the App services you requested
- Legitimate Interests: To improve our App and prevent fraud
- Consent: For optional features like push notifications
9.2 Your GDPR Rights
In addition to the rights listed in Section 6, you have:
- Right to Restrict Processing: Request that we limit how we use your data
- Right to Object: Object to processing based on legitimate interests
- Right to Lodge a Complaint: File a complaint with your local data protection authority
9.3 International Data Transfers
Your data may be transferred to and processed in the United States. We ensure appropriate safeguards are in place, including encryption and contractual protections with our service providers.
10. Data Retention
We retain your personal data for as long as your account is active or as needed to provide you with our services. Specifically:
- Account Data: Retained until you delete your account
- Goals, Bills, Spending Data: Retained until you delete the items or your account
- Analytics Events: Retained for up to 365 days, then automatically deleted
- Error Logs: Retained for up to 90 days for debugging purposes
When you delete your account, all associated data is permanently deleted from our systems within 30 days.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes, we will:
- Update the "Effective Date" at the top of this policy
- Notify you through the App or via email
- Obtain your consent if required by applicable law
We encourage you to review this Privacy Policy periodically. Your continued use of the App after changes are posted constitutes your acceptance of the updated policy.
12. Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us:
- Email: adarsh.thampy@gmail.com
- General Support: adarsh.thampy@gmail.com
- Website: https://zennudge.com
We aim to respond to all privacy inquiries within 30 days.