This Privacy Policy explains how 1M Finance ("we," "us," or "our") handles information when you use our mobile application and website at finance.one-m.app. We built 1M Finance with a strong belief that your financial data belongs to you — not us.

If you have any questions, contact us at finance.contact@one-m.app.

1. Your Financial Data Stays on Your Device

All financial information you enter into 1M Finance — including transactions, budgets, categories, account balances, and net worth data — is stored exclusively on your device. We do not have servers that store your financial data, and we have no ability to access, read, or view it.

Financial health indicators displayed in the App (such as debt-to-income ratio, liquidity runway, and currency exposure) are computed entirely on your device using the data you have entered. These calculations are performed locally and are never transmitted to our servers or any third party.

If you enable backups:

• iOS: Backups sync to your personal iCloud account, encrypted and managed entirely by Apple. We do not have access to your iCloud.
• Android: Backups sync to your personal Google Drive account, encrypted and managed entirely by Google. We do not have access to your Google Drive.

To be explicit about what we do not do:

• We do not connect to your bank or any financial institution.
• We do not use Plaid, MX, Yodlee, or any similar bank data aggregator.
• We do not perform screen scraping or credential-based data import of any kind.
• We do not store, transmit, or process your financial data on our servers.
• We do not sell or share your financial data with any third party.
• We do not use your financial data for advertising.

2. Information We Do Collect

While your financial data stays private, the app does collect or process a limited set of non-financial information in order to function.

Account Authentication

1M Finance uses Firebase Authentication (provided by Google) to manage user accounts. When you create an account, we collect:

• Your email address
• Your name (if you sign in with Google or Apple)
• An authentication token used to identify your account session

This information is used solely to authenticate you and link your account to your device's local data and cloud backup. We do not use it for advertising or to build a profile about you.

Server-Side Account Record

We store a user record in Google Firestore (hosted in Europe) that includes your display name and email address (from authentication), a device identifier (for device binding), and your subscription entitlement (tier, status, expiry). This record is used solely for account management, subscription verification, and single-device enforcement. No financial data (transactions, accounts, budgets, or categories) is stored on our servers.

Analytics and Diagnostics

We use Firebase Analytics and Firebase Crashlytics (both provided by Google) to understand how the app is used and to identify and fix bugs.

This diagnostic data may include:

• Which screens and features are used most frequently
• App crash reports and error logs
• Device type, operating system version, and app version
• General session information such as session duration and app opens
• Subscription tier and general feature usage patterns

This data is associated with a randomly generated identifier (Firebase Installation ID), not with your name or email address. It never includes your financial data — no transaction amounts, account names, balances, categories, or budget figures are transmitted.

We do not use advertising identifiers (IDFA), do not participate in ad networks, and do not share diagnostic data with advertisers. This data is used solely to improve app stability and the user experience.

Device Information

To support crash diagnostics and app compatibility, we collect basic device information including device model and operating system version. This data is collected through Firebase Crashlytics and is used solely for technical diagnostics.

Biometric Authentication

1M Finance supports Face ID and Touch ID for app lock. Biometric authentication is processed entirely on your device by the operating system's secure enclave. We never receive, store, or transmit your biometric data — we only receive a pass/fail result from the operating system.

Subscription Verification

When you purchase or restore a subscription, the app communicates with our verification service (via Google Cloud Functions, hosted in Europe) to validate the transaction with Apple. This process includes your subscription receipt and entitlement status. It does not include any financial data from within the app.

Exchange Rates

If you use multi-currency features, the app fetches current exchange rates from a third-party API. This request contains no personal data — it is a simple public data lookup.

3. Subscriptions and In-App Purchases

1M Finance offers a premium subscription. Subscriptions are purchased and managed through the Apple App Store (iOS) or Google Play Store (Android). We do not collect or store your payment card details. All billing and payment processing is handled entirely by Apple or Google under their respective terms and privacy policies. We receive only a confirmation of whether a valid subscription is active — not any payment details.

4. How We Use the Information We Collect

• Email address and authentication data: To create and manage your account, authenticate you when you sign in, and enable iCloud or Google Drive backup linkage.
• Analytics data: To understand general usage patterns and improve the app.
• Crash reports: To identify, diagnose, and fix bugs.
• Exchange rate data: To display accurate currency conversions within the app.

We do not use any collected information for advertising, profiling, or sale to third parties.

5. Third-Party Services

1M Finance integrates with the following third-party services. Each operates under its own privacy policy:

• Firebase Authentication (Google LLC) — account sign-in and session management. Firebase Privacy Policy
• Firebase Analytics (Google LLC) — anonymous usage analytics. Firebase Privacy Policy
• Firebase Crashlytics (Google LLC) — anonymous crash reporting. Firebase Privacy Policy
• iCloud (Apple Inc.) — optional encrypted backup on iOS. Apple Privacy Policy
• Google Drive (Google LLC) — optional encrypted backup on Android. Google Privacy Policy
• Apple App Store / Google Play Store — subscription and payment processing.

6. Data Retention

Your financial data is retained only on your device and, if you choose, in your personal cloud backup account. Deleting the app removes all local data. Managing or deleting your cloud backup is done directly through iCloud or Google Drive settings.

You can delete your account at any time directly within the app:

1. Open Profile & Settings
2. Scroll to Data & Privacy
3. Tap Delete Account
4. Confirm your choice (email/password users will be asked to re-enter their password)

Upon account deletion, your authentication record, server-side profile, and subscription data are permanently removed. Local data on your device is also cleared. Because we do not store your financial data on our servers, there is nothing else to delete on our end.

Cloud backups in iCloud or Google Drive are not automatically deleted and must be removed manually. If you have an active subscription, cancel it in the App Store before deleting your account — account deletion does not stop subscription billing.

You may also request deletion by contacting us at finance.contact@one-m.app. For step-by-step instructions, see our data deletion guide.

7. Children's Privacy

1M Finance is not directed at children under the age of 13 (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at finance.contact@one-m.app and we will take steps to delete that information.

8. Your Rights and Choices

Depending on your location, you may have rights regarding your personal data, including the right to access, correct, or delete it. Because we hold only a minimal amount of personal data (primarily your email address and authentication record), these rights are straightforward to exercise.

To request access to, correction of, or deletion of your account data, contact us at finance.contact@one-m.app. We will respond within 30 days. You can also exercise your right to deletion directly within the app, as described in Section 6 above.

For residents of the European Economic Area (EEA) and United Kingdom, your rights under the GDPR include: the right to access, the right to rectification, the right to erasure, the right to restrict processing, and the right to data portability.

For California residents, the CCPA grants you the right to know what personal information we collect and how it is used, the right to delete your personal information, and the right to opt out of the sale of personal information. We do not sell personal information.

For residents of the United Arab Emirates, your rights under Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) are fully respected. We process only the minimum personal data necessary and do not transfer your data outside the protections described in this policy.

Regardless of where you live, if your local law grants you data protection rights that cannot be waived, those rights are not affected by this policy.

9. Security

We take reasonable measures to protect the limited personal data we do handle. Firebase Authentication uses industry-standard security practices for credential storage. Financial data on your device is subject to your device's own security protections (device passcode, biometrics, device encryption). Cloud backups are transmitted via HTTPS and protected at rest by your cloud provider's encryption (iCloud or Google Drive).

No method of transmission or storage is 100% secure, but we have designed 1M Finance so that the most sensitive data — your financial records — never leaves your device or your personal cloud storage.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For material changes, we will make reasonable efforts to notify you, such as via an in-app notice.

Your continued use of 1M Finance after any changes constitutes your acceptance of the updated policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: finance.contact@one-m.app
• Website: finance.one-m.app