Privacy Policy

Your financial data (expense records, split calculations, savings goals) is kept secure and private, but we do not have access to your bank accounts, credit cards, or any actual funds.

We collect information you provide directly to us, and certain information automatically when you use the app.

Account & Profile

• • Name, email address, and profile picture
• • Preferred language and currency
• • Authentication credentials (password hashes are never stored in plaintext)

Financial & Budgeting Data

• • Expenses, categories, amounts, and notes you enter
• • Savings goals, budgets, and wealth allocations
• • Group expense splits and settlement records you create with other users

Folosat does not connect to your bank. We never see real account balances, card numbers, or transaction feeds — only the data you manually enter.

Camera & Photo Library

With your explicit permission, we access your camera and photo library only when you choose to attach a receipt image to an expense. Photos are stored with your expense record and are never accessed without your action.

Biometric Authentication (Face ID / Touch ID)

If you enable Face ID or Touch ID to unlock the app, authentication happens entirely on your device via Apple's Secure Enclave. Folosat never receives, stores, or transmits your biometric data.

Push Notification Tokens

When you enable notifications, we store a device-specific push token so we can deliver notifications about your budgets, goals, group expenses, and settlements. Tokens are deleted when you sign out or uninstall the app.

Device & Usage Data

• • Device type, operating system version, app version
• • IP address (used for security and abuse prevention)
• • In-app interactions (which screens you visit, which features you use) for product improvement

Folosat lets you sign in with Google or Apple. When you choose one of these options:

• • Google: We receive your name, email address, and profile picture from Google. We do not receive or request any other Google account data.
• • Sign in with Apple: We receive a unique Apple user identifier and, if you choose, your name and email. If you use Apple's private email relay, we only see the relayed address and cannot see your real email.

We use these details only to create and maintain your Folosat account. We never post to, read from, or otherwise access your Google or Apple account beyond this initial authentication.

We use the information we collect to provide, maintain, and improve our services.

• • Provide and maintain your account
• • Process transactions and split expenses
• • Send notifications and updates
• • Improve our AI features and user experience
• • Provide customer support

We implement appropriate security measures to protect your personal information.

• • End-to-end encryption for sensitive data
• • Regular security audits and updates
• • Secure cloud infrastructure
• • Limited access controls for our team

You have several rights regarding your personal data:

• • Access and download your data
• • Correct inaccurate information
• • Delete your account and data
• • Opt out of communications
• • Data portability

You can permanently delete your Folosat account and all associated data directly inside the app, with no need to contact support:

1. Open Folosat and go to Settings
2. Scroll to the Danger Zone section
3. Tap Delete Account
4. Type DELETE to confirm

Once confirmed, your profile, expenses, budgets, goals, wealth containers, group memberships, settlement history, notifications, and push tokens are removed from our systems immediately. Backup copies are purged within 30 days.

Note: Expenses and settlements shared in a group with other users may remain visible to those users as part of their own records, but your personal identifiers are disassociated from them.

You may also email hello@folosat.com to request deletion if you no longer have access to the app.

We retain your personal data for as long as your account is active. When you delete your account, we remove your data immediately from our live systems and purge it from encrypted backups within 30 days. Anonymized, aggregate usage statistics (which cannot be linked back to you) may be retained indefinitely for product analytics.

Folosat is not directed to children under 13, and we do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us at hello@folosat.com and we will promptly delete the information.

Folosat is hosted on infrastructure provided by Supabase, with data stored in secure data centers in Stockholm, Sweden (North EU region). If you access the app from outside the European Economic Area, your data will be transferred to and processed in the EU under standard contractual clauses that ensure an adequate level of data protection.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you in the app or by email and update the "Last updated" date at the top of this page. Your continued use of Folosat after a change takes effect means you accept the updated policy.