Privacy Policy

Last updated: April 8, 2025

danestves, LLC ("us", "we", or "our") operates the ExpenseTrackr application (the "Service"). This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.

We take your privacy seriously and are committed to protecting your personal and financial information. By using the Service, you agree to the collection and use of information in accordance with this policy.

Definitions

• Service: The ExpenseTrackr application operated by danestves, LLC
• Personal Data: Data about a living individual who can be identified from that data
• Usage Data: Data collected automatically from the Service
• Cookies: Small files stored on your device
• Data Controller: The entity determining how personal data is processed (danestves, LLC in this case)
• Financial Data: Any information related to your financial accounts, transactions, or financial status

Information We Collect

Personal Data

We collect several types of information for various purposes:

• Account Information:

  • Email address
  • Name
  • Password (encrypted)
  • Profile information
  • Contact information

• Financial Information:

  • Account balances
  • Transaction history
  • Budget data
  • Financial goals
  • Investment information
  • Expense categories
  • Income sources

• Workspace Information:

  • Workspace settings
  • Member lists
  • Team configurations
  • Shared financial data

Usage Data

We automatically collect usage data when you access the Service, including:

• Browser type and version
• Time and date of access
• Pages visited
• Time spent on pages
• Device information
• IP address
• Operating system
• Other diagnostic data

Tracking & Cookies

We use cookies and similar tracking technologies to monitor Service activity. Types of cookies we use:

• Session Cookies: To operate our Service
• Security Cookies: For security purposes
• Preference Cookies: To remember your settings

Use of Data

We use collected data for:

• Providing and maintaining the Service
• Notifying you about changes
• Allowing participation in interactive features
• Providing customer support
• Gathering analysis to improve the Service
• Monitoring usage
• Detecting and preventing technical issues
• Processing your financial transactions
• Generating financial reports and analytics
• Managing your workspace and team access

Data Security

We implement robust security measures to protect your data, including:

• Encryption of sensitive data
• Regular security audits
• Secure data transmission
• Access controls
• Regular backups
• Industry-standard security protocols

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security.

Data Retention

Retention Period

We will retain your Personal Data only for as long as necessary to fulfill the purposes for which it was collected, including:

• As long as your account remains active
• As needed to provide you with our Service
• As required to comply with our legal obligations
• As necessary to resolve disputes
• As needed to enforce our agreements

Specific retention periods:

• Account information: Until account deletion or 30 days after account closure
• Financial transactions: 7 years (for tax and regulatory compliance)
• Usage data: 2 years
• Communication records: 3 years
• Inactive accounts: Archived after 2 years of inactivity

Data Deletion

When you delete your account:

1. Your personal information will be deleted within 30 days
2. Financial records will be retained as required by law
3. Anonymized statistical data may be retained indefinitely
4. Backup copies may be retained up to 90 days

Transfer of Data

International Transfers

Your information, including Personal Data, may be transferred to and maintained on computers located outside of your state, province, country, or governmental jurisdiction where data protection laws may differ.

Transfer Safeguards

When we transfer your data internationally, we ensure appropriate safeguards through:

1. Legal Frameworks:

   • Standard Contractual Clauses (SCCs)
   • Privacy Shield certification
   • Binding Corporate Rules
   • Adequacy decisions

2. Technical Measures:

   • End-to-end encryption
   • Secure data transmission protocols
   • Access controls and authentication

3. Organizational Measures:

   • Data processing agreements
   • Regular security audits
   • Staff training and confidentiality agreements

Consent to Transfer

By using our Service, you consent to your data being transferred to and processed in countries where we maintain facilities or engage service providers. We will take all reasonable steps to ensure your data is treated securely and in accordance with this Privacy Policy.

Disclosure of Data

Legal Requirements

We may disclose your Personal Data if required to do so by law or in response to valid requests from public authorities (e.g., a court or government agency) when:

• Required to comply with a legal obligation
• Protecting our legal rights or defending against legal claims
• Preventing or investigating possible wrongdoing
• Protecting the personal safety of users or the public
• Protecting against legal liability

Business Transactions

If danestves, LLC is involved in a merger, acquisition, or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.

Third-Party Disclosure

We may share your data with third parties in the following circumstances:

1. Service Providers:

   • Payment processors
   • Cloud storage providers
   • Analytics services
   • Customer support tools
   • Authentication services

2. Business Partners:

   • Financial data aggregators
   • Banking institutions
   • Investment platforms
   • Only with your explicit consent

3. Legal Entities:

   • Affiliated companies
   • Regulatory bodies
   • Law enforcement agencies
   • Government authorities

Data Protection Measures

When sharing data with third parties, we ensure:

• Data processing agreements are in place
• Minimum necessary data is shared
• Recipients maintain adequate security measures
• Compliance with applicable privacy laws
• Regular audits of third-party practices

Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate data
• Request data deletion
• Object to data processing
• Export your data
• Withdraw consent

To exercise these rights, contact us at [email protected].

Children's Privacy

Our Service does not address anyone under 18 ("Children"). We do not knowingly collect personal data from children. If you are a parent/guardian and believe your child has provided us personal data, contact us to have it removed.

Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of any changes by:

• Posting the new policy on this page
• Sending an email notification
• Displaying a notice in the Service

Changes become effective when posted on this page.

California Privacy Rights

California residents have specific rights regarding their personal information under the CCPA. Please contact us for more information about these rights.

Legal Basis for Processing (GDPR)

If you are from the European Economic Area (EEA), danestves, LLC's legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it.

danestves, LLC may process your Personal Data because:

• We need to perform a contract with you
• You have given us permission to do so
• The processing is in our legitimate interests and it's not overridden by your rights
• For payment processing purposes
• To comply with the law

Contact Us

For questions about this Privacy Policy or to exercise your privacy rights, please contact us at [email protected].