Privacy Policy
Date of Publication: December 27, 2025
This Privacy Policy governs the procedure for processing and ensuring the security of Personal Data during the provision of the Services. References to the words "you" or "your" (or similar expressions) refer to the User, depending on the context of this Privacy Policy. References to the words "we," "our," or "us" (or similar expressions) refer to the Service. The words “he” / “she” and their derivatives in this document may apply to both male and female individuals, depending on the context.
1. DEFINITIONS
1.1. Application “Spendient” (hereinafter the “App”) is a software product in the form of a mobile application made available by the Company to Users, which provides functionality for personal finance management, including recording, storing, categorizing, and analyzing information about expenses and incomes, setting budgets and financial categories, generating summaries and insights, and enabling related user settings and notifications within the scope of the Services.
1.2. Personal Data means any information that directly or indirectly allows you to identify the User. For example, first name, last name, phone number, and IP address.
1.3. Services means the functionality and features made available by the Company through the App, including (as applicable) recording and managing expenses and incomes, budgets, categories, notes/tags, reminders, analytics/insights, and subscription features.
1.4. Company is Private Entrepreneur Ivan Denisov (TIN:3442816551, legal address: Ukraine, 16200, Chernihiv region, Novgorod-Siverskyi district, urban-type settlement Korop(z), Kyivskyi district, house 5) that provides the User with access to the App and enables the User to use the Services for personal finance management, including recording, organizing, and analyzing information about expenses and incomes, generating summaries and insights, and managing the related settings within the App.
1.5. User is an individual or legal entity to whom the Company provides Services.
1.6. Third Party means a natural or legal person, government agency, institution or body besides the Company or the User, the Controller or the Processor.
1.7. Controller means any natural or legal person, government agency, institution, or other body that independently determines the purposes and means of personal data processing.
1.8. Processor is a natural or legal person, government agency, institution, or other body that processes Personal Data on behalf of the Controller.
1.9. User Consent (hereinafter “Consent”) means a voluntary, specific, informed, and unequivocal expression of will, in which the User, by a statement or explicit affirmative action, agrees to the processing of the User’s Personal Data and to comply with the terms of this Privacy Policy.
1.10. GDPR (General Data Protection Regulation) means the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, which entered into force on 25 May 2018 and applies to all companies processing the personal data of individuals located within the European Economic Area (EEA), regardless of the company’s place of registration.
2. GENERAL PROVISIONS
2.1. The Company provides the Services to Users in different jurisdictions through the App. The processing of Personal Data in connection with the provision of the Services is carried out in accordance with this Privacy Policy and the requirements of applicable data protection laws, including, where applicable, the GDPR.
2.2. For the purposes of this Privacy Policy, the Company acts as the Controller in relation to the Personal Data processed in connection with the operation of the App and the provision of the Services. Where the Company engages Third Parties to support the provision of the Services (for example, hosting, analytics, customer support, or payment processing), such Third Parties may act as Processors or as independent Controllers, depending on the nature of their role and the applicable legal framework.
3. PERSONAL DATA
3.1. The Company may collect the following Personal Data about the User within the scope of providing the Services through the App:
3.1.1. authorization token provided by the User to connect the App with a third-party banking API on a read-only basis;
3.1.2. transaction data received by the Company via such token, including:
3.1.2.1. id (unique transaction identifier),
3.1.2.2. time (transaction time),
3.1.2.3. description (transaction description),
3.1.2.4. mcc (Merchant Category Code),
3.1.2.5. amount (transaction amount),
3.1.2.6. currencyCode (currency code),
3.1.2.7. balance (account balance after transaction),
3.1.2.8. comment (payment comment), where available.
The Company does not directly collect the User’s full name, phone number, email address, geolocation, or physical address. However, the Company may request such data from the User where it is necessary for a specific feature of the App or for providing the Services. In such case, such Personal Data will be processed in accordance with this Privacy Policy.
3.2.This Privacy Policy complies with the Google Play requirements regarding transparency in the collection and processing of data and reflects the same categories of personal and non-personal data as indicated in the Data Safety Form in the Google Play Console.
3.3.The Company does not collect or process sensitive Personal Data of Users, such as race or ethnic origin, political views, religious or philosophical beliefs, union membership, genetic or biometric data, health information, sexual life or sexual orientation.
3.4.In particular, the App may collect and process the following categories of data:
|
Data Category |
Data Type |
Data Processing |
Data Transferring |
Purpose of Data Processing |
|
Personal Data |
Name, surname, email address, phone number, postal/physical address and other contact details, to the extent such information is specifically requested by the Company and voluntarily provided by the User. |
Yes |
Yes (communication, email and cloud infrastructure providers acting on behalf of the Company) |
Communication with the User, provision of support, sending service-related notices, and, where applicable, verification of the User in connection with specific features of the App or the Services. |
|
Personal Data |
Authorization token issued by a third-party banking API and provided by the User; internal User identifier in the App (where applicable). |
Yes |
Yes (cloud hosting / database provider acting on behalf of the Company) |
Linking the App to the User’s external bank account on a read-only basis, retrieving and synchronizing the User’s transaction feed, and ensuring secure access control to the User’s data within the App. |
|
Financial information |
Financial transaction data associated with the User’s account and received via a third-party banking API in connection with the use of the Services (as described in this Privacy Policy). |
Yes |
Yes (cloud hosting / database provider acting on behalf of the Company) |
Providing the Services in the App, including recording, storing, displaying, categorizing and analyzing the User’s expenses and incomes, updating balances, and generating financial summaries and insights. |
3.5 When visiting the App or receiving Services, Company may collect the following Personal Data automatically:
3.5.1 IP address;
3.5.2 time zone and language settings;
3.5.3 operating system, device type and screen resolution;
3.5.4 the country or region from which the User accesses the App;
3.5.5 data about the User’s interaction with the App, including technical information about requests to and from the App (including date and time), response time of interface elements, loading errors, duration of use of particular screens or functions, interaction data (such as scrolling, taps and other in-App actions) and methods used to close or leave specific screens or sections of the App.
3.6 The Company has the right to collect and receive Personal Data as follows:
3.6.1 when the User uses the App and the Services and directly provides information, including when linking a third-party banking API token, entering financial information, or adjusting settings in the App;
3.6.2 through the automatic use of server logs, local storage, device identifiers, software development kits (SDKs) and other technical or analytics tools integrated in the App and the Company’s backend infrastructure;
3.6.3 during communication between the User and the Company via email, in-App support or other communication channels indicated by the Company;
3.6.4 from the User’s interactions with the Company’s official pages, profiles or accounts on social media platforms, to the extent such interactions involve the voluntary provision of Personal Data by the User.
3.7 The Company has the right to use Personal Data for the following purposes to:
3.7.1 provision, support and improvement of the Services through the App, including recording, displaying, categorizing and analyzing expenses and incomes, updating balances and generating summaries and insights;
3.7.2 ensure the security and integrity of the App, the Company’s APIs, databases and other technical infrastructure, including prevention of unauthorized access and misuse;
3.7.3 administer the App and the Company’s backend systems and conduct internal operations, including troubleshooting, data analysis, testing and, where applicable, internal surveys or measurements related to the performance of the Services;
3.7.4 improve the functionality, performance and user experience of the App, including adapting certain features to the User’s technical environment or stated preferences;
3.7.5 communication with the User, including providing support, responding to requests or inquiries, and sending service-related or technical notifications;
3.7.6 respond to requests from law enforcement authorities or other competent public bodies where the Company is legally obliged to do so;
3.7.7 initiate and conduct responses to legal claims, investigations or dispute resolution procedures involving the User or third parties in connection with the App or the Services.
4. FINANCIAL TRANSACTION DATA
4.1. The Company processes financial transaction data relating to the User only after the User has provided a valid access token issued by the User’s bank or other third-party banking API provider. Such token grants the Company read-only access to the User’s transaction feed through a personalized endpoint and does not allow the Company to initiate payments, execute transactions, change any data in the User’s bank account, or otherwise manage the User’s funds.
4.2. Transaction data received in this way (as described in the list of Personal Data above) is stored in an encrypted database hosted on the infrastructure of a specialized cloud service provider (including, as applicable, database hosting services such as Heroku) with restricted access rights. Encryption keys and access credentials are protected using SHA-256 or equivalent industry-standard cryptographic mechanisms, and access to the database is limited to authorized technical personnel of the Company and/or its contractors to the extent strictly necessary for maintenance, support, and security of the Services.
4.3. The Company’s API stores transaction records received via the User’s access token and provides them back to the App in a read-only mode, using filters based on the User’s token and the date of the last update so that only the most recent transactions are retrieved. The App, in turn, receives transaction data from the Company’s API, saves it to the App’s local storage, converts it into the App’s internal transaction model, and updates local account balances according to the information contained in the transaction data.
4.4. The processing and storage of financial transaction data are carried out in accordance with applicable personal data protection legislation, including, where applicable, the General Data Protection Regulation (GDPR) and the Law of Ukraine “On Personal Data Protection”, and in compliance with the principles of lawfulness, fairness, transparency, purpose limitation, and data minimization.
5. TRANSFER OF PERSONAL DATA
5.1. The Company may transfer Personal Data to entities with which the Company cooperates in the implementation and provision of Services:
5.1.1. Payment service providers and app store operators. Where the User purchases paid features or subscriptions related to the App, certain Personal Data necessary to process such payments may be transferred to payment service providers and/or app store operators. In such cases, the processing of payment information is carried out in accordance with the privacy policies of the respective payment service providers and app store operators.
5.1.2. Cloud infrastructure and database hosting providers. Personal Data (including financial transaction data received via third-party banking APIs) may be stored and processed using cloud infrastructure, database hosting and related technical services engaged by the Company for secure hosting, backup, encryption and maintenance of the Company’s systems.
5.1.3. Contractors and employees. The Company may transfer Personal Data to its employees and to external contractors who provide professional or technical support to the Company, including legal, tax, accounting, information security, IT maintenance, development, analytics and other support services, to the extent necessary for the proper provision and support of the Services.
5.1.4. Counterparties in corporate transactions. The Company has the right to disclose or transfer Personal Data in connection with corporate transactions, including acquisition or merger, financing, corporate reorganization, joint venture, sale of assets, or bankruptcy, subject to compliance with applicable personal data protection legislation and safeguards for the rights of the Users.
5.1.5. Courts, law enforcement and state bodies. The Company has the right to transfer Personal Data to courts, law enforcement authorities, supervisory bodies and other competent public authorities where such transfer is required for the fulfilment of legal obligations, including on the basis of a court order, request of an authorised body or other procedure provided for by applicable law.
5.2. All transfers of Personal Data are carried out to the minimum extent necessary, on the basis of appropriate contractual or legal safeguards, and subject to confidentiality obligations and requirements for adequate protection of Personal Data.
6. USER CONSENT
6.1. The User provides voluntary, specific, informed, and unambiguous consent to the processing of their Personal Data in accordance with this Privacy Policy by performing one or more of the following actions:
6.1.1. clicking the “Connect”, “Continue”, “Confirm”, “Agree” or similar button in the App, where such action is accompanied by a reference to this Privacy Policy or to data processing terms;
6.1.2. linking a third-party banking API token (including, but not limited to, a token issued by a bank) to the App in order to enable the retrieval and processing of transaction data for the purposes of the Services;
6.1.3. adjusting settings in the App that clearly indicate consent to specific types of data processing (for example, enabling certain analytics or notification features, where applicable);
6.1.4. submitting a request or communication to the Company that contains Personal Data, after being informed that such data will be processed under this Privacy Policy;
6.1.5. confirming consent via a pop-up window, checkbox, in-App notice, or other electronic confirmation mechanism made available by the Company.
6.2. By giving Consent to the processing of Personal Data, the User confirms that they have read and understood this Privacy Policy and agrees, in particular, that:
6.2.1. their Personal Data may be processed for the purpose of providing, maintaining, and improving the Services in the App, including linking a third-party banking API token, retrieving financial transaction data on a read-only basis, and displaying, categorizing, and analyzing such data within the App;
6.2.2. their Personal Data may be used to ensure the security and proper functioning of the App, the Company’s APIs, databases, and related technical infrastructure;
6.2.3. their Personal Data may be used for communication with the User, including responding to requests, providing support, and sending service-related or technical notifications;
6.2.4. their Personal Data may be processed through technical and analytics tools (including SDKs and cloud infrastructure) and may be transferred to the categories of recipients specified in this Privacy Policy, subject to appropriate safeguards;
6.2.5. their Personal Data may be processed for compliance with applicable legal obligations and for the protection of the rights and legitimate interests of the Company, the User, and third parties, as described in this Privacy Policy;
6.2.6. they are responsible for the accuracy and relevance of the Personal Data provided to the Company.
6.3. The User has the right to withdraw their Consent at any time. To withdraw Consent, the User may send an email request to: spendient@gmail.com. Withdrawal of Consent does not affect the lawfulness of processing based on Consent before its withdrawal. If the User withdraws Consent with respect to processing that is necessary for the provision of the core functionality of the Services (including processing of transaction data via a third-party banking API token), the Company has the right to restrict or terminate the provision of the Services and to discontinue all relations with the User, with subsequent deletion or anonymization of Personal Data to the extent permitted or required by applicable law.
7. PERSONAL DATA STORAGE AND PROTECTION
7.1. The Company uses all necessary technical, organizational and legal measures to protect Personal Data processed in connection with the App and the Services, in order to ensure its confidentiality, integrity and availability and to prevent unauthorized access, loss, alteration or disclosure.
7.2. The Company protects and stores Personal Data, including financial transaction data retrieved via third-party banking APIs, against:
7.2.1. loss or accidental destruction or damage;
7.2.2. unlawful or unauthorized use, transfer, disclosure, modification, deletion and/or destruction.
7.3. In accordance with Article 32 (“Security of processing”) of the GDPR, the Company may, where appropriate, implement in particular the following measures:
7.3.1. encryption of Personal Data in transit and at rest, including storage in encrypted databases hosted on secure third-party cloud infrastructure with access protected by cryptographic keys based on SHA-256 or equivalent industry-standard algorithms;
7.3.2. access control mechanisms and procedures that ensure Personal Data is available only to duly authorized employees, contractors and service providers acting on behalf of the Company and only to the extent necessary for the purposes described in this Privacy Policy;
7.3.3. technical and organizational procedures designed to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services used for the App and the Services;
7.3.4. regular testing, assessment and evaluation of the effectiveness of technical and organizational measures implemented to ensure the security of Personal Data.
7.4. The Company does not continue to store the User’s Personal Data where the User has properly exercised their right to erasure in accordance with Article 17 (“Right to erasure”) of the GDPR, except to the extent and for the period required by applicable law or necessary for the establishment, exercise or defence of legal claims.
7.5. The Company has the right to retain the User’s Personal Data for a period of up to three (3) years after the termination of the relationship with the User in the following cases:
7.5.1. for statistical accounting and internal business reporting in aggregated or otherwise limited form;
7.5.2. if applicable legislation requires the storage of such data for a longer or specific period (including, for example, accounting, tax or financial reporting requirements);
7.5.3. if such retention is reasonably necessary for the conduct of the Company’s business, including the establishment, exercise or defence of legal claims, handling of complaints, or performance of audits and internal controls.
8. GROUNDS FOR PERSONAL DATA PROCESSING
8.1. The Company processes Personal Data solely on the basis of valid legal grounds, in particular as provided by Article 6 of the General Data Protection Regulation (GDPR) and the applicable provisions of the legislation on personal data protection, including the Law of Ukraine “On Personal Data Protection”, where applicable.
8.2. The Company processes Personal Data on the following legal grounds:
8.2.1. User’s Consent – where the User voluntarily, specifically, informedly and unambiguously gives Consent to the processing of their Personal Data for one or more defined purposes, including the use of the App and the Services, as well as the retrieval and processing of financial transaction data via a third-party banking API on a read-only basis;
8.2.2. necessity for the performance of a contract – where processing is necessary for the conclusion and performance of the agreement between the User and the Company regarding the use of the App and the Services, including the provision of core functionality for personal finance management;
8.2.3. compliance with legal obligations – where processing is required for the Company to comply with obligations established by applicable law (including, where relevant, accounting, tax, financial reporting or regulatory requirements);
8.2.4. legitimate interests of the Company or third parties – where processing is reasonably necessary for the purposes of ensuring the security and proper functioning of the App and the Company’s technical infrastructure, improving and developing the Services, protecting the rights and legitimate interests of the Company, the User or third parties, and for the establishment, exercise or defence of legal claims, provided that such interests do not override the fundamental rights and freedoms of the User.
8.3. In cases where the legal basis for the processing of Personal Data is the User’s Consent, the User has the right to withdraw such Consent at any time. To withdraw Consent, the User may send an email to: spendient@gmail.com. Withdrawal of Consent does not affect the lawfulness of processing based on Consent before its withdrawal.
8.4. If the User withdraws Consent in relation to processing that is necessary for the provision of the core functionality of the Services (including processing of financial transaction data obtained via a third-party banking API), the Company has the right to restrict or terminate the provision of the Services and to discontinue all relations with the User. In such a case, the Company will permanently delete or anonymize the User’s Personal Data to the extent permitted or required by applicable law and to the extent it is not further needed for compliance with legal obligations or for the establishment, exercise or defence of legal claims.
8.5. The Company undertakes to cease the processing of Personal Data based solely on the withdrawn Consent within fifteen (15) business days from the date of proper receipt of the User’s withdrawal request.
9. USER RIGHTS (JURISDICTION OF UKRAINE)
9.1. This section of the Privacy Policy governs the processing of Personal Data belonging to Users who are residents of Ukraine, in accordance with the requirements of the legislation of Ukraine, in particular the Law of Ukraine "On Personal Data Protection," as well as within the scope of provisions consistent with the principles of international law and best practices for personal data processing.
9.2. The provisions of this section apply to Users and address specific requirements in accordance with the legislation of Ukraine, particularly the Law of Ukraine "On Personal Data Protection." Users are entitled to the following rights:
9.2.1. to receive information about the conditions for granting access to their Personal Data, including information about Third Parties to whom such data is transferred
9.2.2. to receive information, no later than thirty (30) calendar days from the date of receipt of the request (except as provided by law), as to whether their Personal Data is being processed;
9.2.3. to submit a reasoned request objecting to the processing of Personal Data;
9.2.4. to submit a reasoned request for the modification or deletion of Personal Data;
9.2.5. to the protection of Personal Data from unlawful processing and accidental loss, destruction, damage due to intentional concealment, failure to provide or untimely provision, as well as protection from the provision of false information or information that defames the honor, dignity, or business reputation of the User;
9.2.6. to file complaints with the court regarding the processing of Personal Data;
9.2.7. to apply legal remedies in case of violations of the legislation on personal data protection;
9.2.8. to include reservations regarding the limitation of the right to process Personal Data when giving Consent;
9.2.9. to withdraw Consent to the processing of Personal Data;
9.2.10. to know the mechanism of automatic processing of Personal Data;
9.2.11. to protection from automated decisions that have legal consequences for the User.
10. USER RIGHTS (EEA JURISDICTION)
10.1. This section of the Privacy Policy governs the processing of Personal Data belonging to Users who are residents of the member states of the European Economic Area (EEA), in accordance with the provisions of the General Data Protection Regulation (Regulation (EU) 2016/679, GDPR). The processing of such Users’ Data is carried out on lawful grounds and in compliance with the principles of lawfulness, transparency, proportionality, purpose limitation, and data minimization as set forth by the GDPR.
10.2. When processing personal and statistical data, the Service grants the User the following rights:
10.2.1. Right of access (Article 15 GDPR). The User may contact us directly to access the Personal Data we hold about them, as well as any additional information provided for in Article 15 of the General Data Protection Regulation (GDPR).
10.2.2. Right to erasure (Article 17 GDPR). The User has the right to request the deletion of their Personal Data. In such a case, the Personal Data will be permanently deleted in accordance with Article 17 GDPR, unless legal exceptions apply.
10.2.3. Right to data portability (Article 20 GDPR). The User has the right to receive their Personal Data in a structured, commonly used, and machine-readable format and to transmit it to another controller or request its direct transmission to a third party, where technically feasible, pursuant to Article 20 GDPR.
10.2.4. Right to rectification (Article 16 GDPR). The User has the right at any time to request the update, correction, or completion of inaccurate or incomplete Personal Data in accordance with Article 16 GDPR.
10.2.5. Right to object (Article 21 GDPR). The User has the right to object at any time to the processing of their Data on grounds relating to their particular situation, pursuant to Article 21 GDPR.
10.2.6. Automated individual decision-making, including profiling (Article 22 GDPR). The User has the right not to be subject to a decision based solely on automated processing, including profiling, if such a decision produces legal effects concerning them or similarly significantly affects them, as set forth in Article 22 GDPR.
11. USER RIGHTS (USA)
11.1. This section of the Privacy Policy regulates the procedure for processing personal data of Users who are residents of the United States of America, taking into account the requirements of the legislation of individual U.S. states on the protection of personal information, in particular the California Consumer Privacy Act (CCPA/CPRA).
11.2. This section applies to Users who are residents of the United States of America. Within the framework of applicable legislation, including the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), Users have the right to exercise the following rights with respect to their Personal Data:
11.2.1. Right of access. The User has the right to request which Personal Data about them is stored by the Service, as well as to learn about the purpose of its processing, its source, and the categories of third parties to whom it may have been disclosed.
11.2.2. Right to deletion. The User has the right to request full deletion of their Personal Data, except in cases where its retention is necessary under applicable law.
11.2.3. Right to rectification. The User has the right to update, change, or supplement inaccurate or incomplete Personal Data stored by the Service.
11.2.4. Right to data portability. The User has the right to receive a copy of their Personal Data in a commonly used machine-readable format and to transfer this data to another service provider upon request.
11.2.5. Right to object. The User may object at any time to the processing of their Personal Data, including for marketing or analytical purposes.
11.2.6. Right to withdraw consent. The User has the right to withdraw previously given consent to the processing of Personal Data. In such a case, the Service reserves the right to discontinue the provision of Services.
12. SUBMISSION OF REQUEST
12.1. The User has the right to submit a request to the Company if they believe that the processing of their Personal Data is carried out in violation of applicable law or the provisions of this Privacy Policy, or in order to exercise their rights as a data subject.
12.2. The request shall be submitted in writing to the Company’s email address: spendient@gmail.com.
12.3. The User’s request must include:
12.3.1. a clear statement of the User’s demands to the Company;
12.3.2. a description of the alleged violation or the subject matter of the request;
12.3.3. sufficient identifying information to enable the Company to verify the User’s identity;
12.3.4. contact details for feedback.
12.4. The Company has the right to refuse to consider the request if:
12.4.1. the request does not contain specific demands or is insufficiently formulated;
12.4.2. the User’s identity cannot be verified or is doubtful;
12.4.3. the information provided in the request is inaccurate or incomplete.
12.5. If it is not possible to identify the User or verify the relevance of the Personal Data, the Company has the right to request clarifications or additional information. In such a case, the User shall provide an updated or corrected request after receiving the Company’s clarification request.
12.6. The Company is obligated to provide a response to the User or to fulfil the User’s request within thirty (30) calendar days from the date of proper receipt of the request.
13. RESPONSIBILITY
13.1. The Company informs the User that the processing of Personal Data (including Financial information received via a third-party banking API on a read-only basis) is necessary for the proper provision of the Services through the App. If the User does not agree with the terms of this Privacy Policy or with such processing, the User is not entitled to use the App or receive the Services.
13.2. To the maximum extent permitted by applicable law, the Company is not responsible for:
13.2.1. the consequences of the provision by the User of inaccurate, outdated, incomplete or misleading Personal Data, including cases where this prevents or distorts the provision of the Services;
13.2.2. any damage, loss or other adverse consequences arising from the use, disclosure or other processing of Personal Data by third parties that act as independent controllers, including third-party banking providers, app stores, communication services, social media platforms or other services with which the User interacts directly;
13.2.3. any damage, loss of data or other consequences caused by unlawful actions of third parties (including hacking, malware, unauthorized access to the User’s device, interception of communications or other cyber incidents) that are beyond the reasonable control of the Company;
13.2.4. temporary or permanent unavailability, malfunction, interruption or errors in the operation of the App or the Company’s technical infrastructure, where such events are caused by failures of third-party services (including hosting providers, cloud infrastructure, telecommunications operators, app stores or analytics tools), force majeure events, or other circumstances beyond the Company’s reasonable control;
13.2.5. any consequences arising from the User’s use of the App in violation of this Privacy Policy, the terms of use of the App, or applicable law.
13.3. The App and related materials may contain links to third-party websites, services or resources, or may incorporate third-party tools (including banking APIs, analytics SDKs or social media tools). The privacy practices of such third parties are not governed by this Privacy Policy, and the Company is not responsible for the processing of Personal Data by such third-party websites, applications or services. The User is responsible for reviewing the privacy policies and terms of such third parties before using them.
13.4. The User is responsible for:
13.4.1. maintaining the confidentiality and security of any data or credentials used to access the App and/or to generate or store a third-party banking API token (including the protection of their device, operating system and communication channels);
13.4.2. limiting access to their device and to the App, as well as for all actions performed in the App from their device unless the User proves the absence of their fault;
13.4.3. promptly updating Personal Data provided to the Company where such data is required for the accurate provision of the Services.
13.5. Data transmission over the Internet cannot be guaranteed to be completely secure. While the Company applies appropriate technical and organizational measures to protect Personal Data during transmission and storage, the Company does not guarantee absolute security of data transmitted to or from the App. The User acknowledges and accepts the risks associated with the transmission of Personal Data via the Internet and uses the App at their own risk within the limits established by applicable law.
14. CONFIRM POLICY
14.1. The App and the Services are intended solely for individuals who have reached the age of majority in accordance with the laws of the country of their residence. The Company does not knowingly collect, store or otherwise process the Personal Data of persons who have not reached the age of majority.
14.2. The Company has the right, without prior notice and without any liability for itself, to delete the Personal Data of a person who has not reached the age of majority and to restrict or terminate the provision of the Services and/or access to the App for such a person.
14.3. If you have information that the App or the Services are being used by a person who has not reached the age of majority, please notify the Company’s support service by sending an email to: spendient@gmail.com
15. PRIVACY POLICY CHANGE
15.1. The Company has the right to periodically make changes to this Privacy Policy, including to the rules for processing and protecting Personal Data, as well as to ensure compliance with the requirements of the legislation of the jurisdictions in which the Company operates or whose laws apply to the processing of Personal Data in connection with the App and the Services.
15.2. The User is obligated to independently review the current version of this Privacy Policy. The Company is not responsible for any consequences arising from the User’s failure to familiarize themselves with the updated terms of the Privacy Policy before using the App or the Services.
15.3. The Company indicates the date of the latest update to the current version of this Privacy Policy in the “Updated” (or “Last Updated”) line at the beginning of the document.
15.4. Electronic copies of this Privacy Policy, published within the App or otherwise stored by the Company in electronic form, are deemed to be accurate, complete, valid and enforceable and to be in effect at the moment the User uses the App and/or the Services.
16. CONTACTS
16.1. The User has the right to contact the Company support service at: spendient@gmail.com to ensure his rights, in accordance with the terms of this Privacy Policy, or in case of violation of his rights, or to leave feedback or ask a question.