Privacy Policy

Walleon ("we", "our", or "us") respects your privacy and is committed to full transparency about how your data is handled. This policy applies to the Walleon mobile application on iOS and Android. By using the app you agree to the practices described here.

1 Information We Collect

1.1 Account Information

When you register or sign in, we collect:

• Email address — to identify your account.
• Display name — shown inside the app.
• Profile photo — only if you voluntarily upload one; stored in Firebase Storage.
• Authentication provider — email/password, Google, or Apple.

This data is processed by Google Firebase Authentication and is subject to Google's privacy practices (see Section 6).

1.2 Financial Data — Stored Locally and Securely on Your Device

If you enable Cloud Sync (where available), your financial data is additionally backed up to Google Firebase Firestore under strict per-user security rules — only you can access your own records.

1.3 Usage and Analytics Data

We use Firebase Analytics to collect anonymous, aggregated usage data — such as which screens are visited most. This contains no financial information and cannot be linked back to you personally.

1.4 Wallet Feature — Payment Method Metadata

If you link a payment card, we store the following locally on your device only:

• Last four digits of the card number
• Card expiry date (MM/YY format)
• Billing ZIP code
• Payment provider name

We do not collect, store, or transmit full card numbers, CVV codes, or banking credentials. Payment processing is handled exclusively by Stripe, a PCI-DSS Level 1 certified processor (see Section 6).

1.5 Crash and Diagnostic Reports

Firebase Crashlytics automatically sends crash reports when the app encounters an unexpected error. Reports contain technical data only: device model, OS version, app version, and error stack trace. They contain no financial data.

1.6 Device Permissions

• Biometrics (Face ID / Fingerprint) — to lock the app. Processed entirely by the OS; biometric data never leaves your device.
• Camera / Photo Library — to attach invoice images to transactions or set a profile photo. Images stored locally unless you upload a profile photo.
• Network access — required for authentication, cloud sync, and crash reporting.

2 Information We Do Not Collect

• We do not collect your location.
• We do not access your contacts, messages, or other apps.
• We do not collect full card numbers, CVV codes, or banking credentials.
• We do not serve advertisements or share data with ad networks.
• We do not sell your data to any third party under any circumstances.

3 How We Use Your Information

• To create and authenticate your account.
• To enable cross-device access (if cloud sync is active).
• To identify and fix bugs via crash reports.
• To understand which features are most valuable and improve the app.
• To comply with applicable laws and regulations.

4 Security

• Financial data is stored in an encrypted SQLite database on-device.
• Authentication tokens are stored in the device's secure enclave via Flutter Secure Storage.
• Biometric authentication prevents unauthorized app access.
• Screen content is hidden when the app is placed in the background.
• Firestore data (if sync is enabled) is protected by strict per-user security rules.
• All data in transit is encrypted via TLS/HTTPS.

No method of electronic storage or transmission is 100% secure. While we implement strong protections, we cannot guarantee absolute security.

5 Data Retention and Deletion

Account data is retained while your account is active. On deletion, all associated data in Firebase Auth, Firestore, and Storage is permanently removed within 30 days.

Local financial data is deleted when you uninstall the app or use "Delete All Data" in the app settings.

Analytics and crash data is retained by Google Firebase for up to 14 months.

To delete your account: Profile → Account Info → Delete Account.

6 Third-Party Services

The following services process data on our behalf, each under their own privacy policy:

• Google Firebase (Auth, Firestore, Storage, Crashlytics, Analytics) Account authentication, optional data sync, crash reporting, and usage analytics. firebase.google.com/support/privacy
• Google Sign-In Optional sign-in using your Google account. policies.google.com/privacy
• Sign in with Apple Optional sign-in using your Apple ID. apple.com/legal/privacy
• Stripe Payment processing. PCI-DSS Level 1 certified. We never handle or store raw card data. stripe.com/privacy

7 Children's Privacy

Walleon is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided personal information, contact us at the address below and we will delete it promptly.

8 Your Rights

• Access: Request a copy of the personal data we hold about you.
• Rectification: Update or correct inaccurate information.
• Erasure: Request deletion of your account and all associated data.
• Portability: Export your financial data via the CSV Export feature in the app.
• Withdraw Consent: Disable analytics collection at any time in your device settings.

To exercise any right: support@walleon.app

Account and Data Deletion

You can delete your account and all associated data directly from the app (Profile → Account Info → Delete Account) or by submitting a request.

• Account Deletion — permanently closes your account and removes all associated data.
• Data Deletion — removes specific app data without closing your account.

For email requests, contact support@walleon.app. Requests are processed after account ownership verification.

9 Changes to This Policy

We may update this policy periodically. The "Effective" date above reflects the latest revision. Material changes will be communicated via an in-app notice. Continued use of the app after changes are posted constitutes acceptance of the updated policy.

10 Contact

Email: support@walleon.app