Privacy Policy

Effective date: 25th August, 2025 · Last updated: 25th August, 2025

1. Introduction

Sumi ("we", "us", or "our") is a personal finance app that helps users track expenses and income, manage recurring payments, view charts, and optionally use an AI chat assistant. This Privacy Policy explains how we collect, use, disclose, and protect your personal information. By using Sumi, you accept the practices described here.

Controller: Constantin Gînga, Warsaw, Poland. Contact: hello@constantout.com.

2. What this policy covers

  • Information you give us directly (account info, profile)
  • Information we collect automatically (app usage, device)
  • How we use and share data
  • Your choices and rights (exporting/deleting data, opt-outs)
  • Security, retention, and international transfers

3. Data we collect

Information you provide

  • Account info: name, email address, and public profile picture when you register.
  • Transactions: records you enter (expense/income amounts, date, category, notes, currency).
  • Payment & subscription metadata: choice of plan (weekly trial, annual, lifetime), receipt metadata (for subscription verification), and purchase timestamps (but not raw payment card details).

Information collected automatically

  • Device and operating system information (device model, OS version).
  • App usage data (features used, crash reports, basic analytics).
  • IP address and approximate location as needed for fraud prevention or analytics.

Authentication

We use third-party authentication providers (for example Apple Sign in, Google Sign-In). When you sign in via a third party, we receive the account information that the provider supplies (typically name, email, and profile photo). We do not receive your third-party login password.

4. How we use your data

  • Provide, operate, and maintain Sumi (store and display your transactions; show charts; manage recurring payments).
  • Enable the AI assistant only if you opt in to that feature (see Section 5).
  • Process and validate subscriptions and purchases.
  • Provide customer support and respond to inquiries.
  • Improve and develop features, and perform analytics.
  • Prevent abuse, fraud, and other illegal activity.
  • Comply with legal obligations.

5. AI assistant & transaction processing

The AI chat feature is optional. It will only analyze your transactions if you enable it.

When enabled, the AI may process the content of your transactions and related account metadata to generate responses, suggest savings, or log transactions on your behalf.

Depending on the implementation, AI processing may occur on our servers and/or through third-party AI services. We will request your explicit consent before enabling the AI chat assistant and will disclose the nature of any third-party processing in-app or in a supplemental notice.

6. Sharing & disclosure

We do not sell your personal data. We may disclose information:

  • To service providers who perform services for us (hosting, analytics, payment validation, crash reporting). These providers are contractually bound to protect the data.
  • To payment platforms (Apple, Google) to verify and manage subscriptions.
  • In response to legal requests (court orders, subpoenas) or to protect rights, property, or safety.
  • With your consent (for example, when you request that we share or export data to another service).

7. Data export & deletion

Export: You can export all your data with one click inside the app. Export files are provided in common formats (CSV and/or JSON) and will be downloaded or sent to the email associated with your account.

Deletion: You may delete your account and all associated data from within the app or by contacting support. Deletion requests will be completed within a reasonable time and we will confirm once completed. Some information may remain in backups for a limited period due to standard backup procedures.

8. Data retention

We store your transaction and account data for as long as your account exists and for an additional period as required to comply with legal obligations or to resolve disputes. If you delete your account, we will delete your data as described above (subject to backup retention and legal holds).

9. Security

We use reasonable technical and organizational measures to protect your data (encryption in transit, access controls, secure hosting). However, no system is 100% secure; we cannot guarantee absolute security.

10. Children

Sumi is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such data, contact us to request deletion.

11. International transfers

Your data may be stored and processed in the country where our servers or service providers operate. By using Sumi, you consent to such transfers. We will take reasonable steps to ensure adequate protections are applied.

12. Your rights & choices

  • Access & correction: You may access and correct your account information in the app.
  • Export: Use the in-app export feature to obtain your data in CSV/JSON.
  • Opt-out of analytics: You may opt-out of non-essential analytics via settings.
  • AI opt-in/opt-out: The AI assistant is off by default; enable it explicitly to allow analysis of transactions.
  • Delete account: Use the app or contact support to request deletion.

13. Third-party links

Sumi may contain links to third-party websites/services. We are not responsible for their privacy practices.

14. Changes to this policy

We may update this policy. If material changes occur, we will notify users via the app or email. The new policy takes effect on the stated effective date.

15. How to contact us

Email: hello@constantout.com

Legal entity: Constantin Gînga

Business location: Warsaw, Poland