CaliMoney
Sign inGet started free
← CaliMoney

Privacy Policy

Last updated: May 18, 2026

1. Data Controller

CaliMoney is operated by Alessio Sacchetta Cali. For any privacy-related inquiry, contact: support@calimoney.it.

2. Data We Collect

We collect your email address (used as account identifier) and the financial movements you add to the app (date, amount, description, type, category). No advertising identifiers, device fingerprints or third-party tracking pixels are used.

3. How We Use Your Data

Your data is used exclusively to provide the CaliMoney service: storing, syncing and displaying your financial records across devices. We do not sell, share or use your data for advertising.

4. Lawful Basis for Processing

We rely on the following legal bases under GDPR Art. 6: performance of contract (Art. 6(1)(b)) — account management, data storage and sync are necessary to deliver the service you signed up for; legitimate interests (Art. 6(1)(f)) — security monitoring and fraud prevention, balanced against your rights; legal obligation (Art. 6(1)(c)) — retaining records where required by applicable law. We do not rely on consent for core service processing.

5. Data Storage & Processors

Data is stored locally on your device via IndexedDB (Dexie) and synced to Google Firebase Firestore in europe-west8. Firebase Hosting runs in europe-west4. Firebase Authentication persists your sign-in state in local browser storage. We also use localStorage to remember the site theme and landing-page language. Google LLC acts as a data processor under a Data Processing Agreement (DPA) incorporating Google's Standard Contractual Clauses (SCCs) where applicable. No other third-party processors receive your personal data. Google's privacy policy: policies.google.com/privacy.

6. End-to-End Encryption (Pro)

Pro users may enable AES-256-GCM encryption. When active, all movement data is encrypted on-device before transmission. The encryption key is derived from your passphrase and never leaves your device. CaliMoney cannot decrypt your data. For additional security, the session automatically locks after 15 minutes of inactivity.

7. Data Retention

Your data is retained for as long as your account is active. On account deletion, your data is removed from Firestore immediately and from device storage immediately. Deletion is permanent and irreversible.

8. Your Rights & DSAR (GDPR)

If you are an EU resident, you have the right to access, rectify, port and erase your personal data, and to restrict or object to processing. To submit a Data Subject Access Request (DSAR) or exercise any right, email support@calimoney.it — we respond within 30 days as required by GDPR Art. 12. You also have the right to lodge a complaint with your national supervisory authority; in Italy: Garante per la protezione dei dati personali (garante.it).

9. Cookies

CaliMoney does not use cookies. Authentication state is persisted via Firebase's local browser storage, not HTTP cookies.

10. Changes to This Policy

We may update this policy. Material changes will be communicated via email or an in-app notice. Continued use of the service after the effective date constitutes acceptance.

11. Contact

Questions or requests: support@calimoney.it.