Privacy Policy

1. Data Controller

Whisper Money is the data controller responsible for your personal information.

2. Information We Collect

We collect the following types of personal information:

• Account Information: Email address, name, and password (encrypted)
• Financial Data: Transaction details, budgets, categories, and other financial information you manually enter into the application
• Usage Information: Information about how you use our service, including access times and features used
• Technical Information: IP address, browser type, device information, and operating system

3. How We Use Your Information

We process your personal data for the following purposes:

• To provide and maintain our personal finance tracking service
• To enable cloud synchronization of your encrypted financial data across devices
• To authenticate your access and protect your account security
• To process payments for premium features or subscriptions
• To send you service-related notifications, updates, and security alerts via email
• To improve and optimize our service based on usage patterns
• To comply with legal obligations and enforce our terms

The legal basis for processing your data includes: performance of our contract with you, your consent, our legitimate interests in improving the service, and compliance with legal obligations.

4. Data Security and Encryption

We implement robust security measures to protect your personal information:

• End-to-End Encryption: Your financial data is encrypted on your device before being transmitted to our servers, ensuring that only you can access your information
• Secure Storage: All data is stored on secure servers with encryption at rest
• Access Controls: Strict access controls and authentication mechanisms protect against unauthorized access
• Regular Security Audits: We regularly review and update our security practices

While we use industry-standard security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but continuously work to protect your data.

5. Third-Party Services

We use the following third-party services to operate our platform:

• Payment Processors: To process subscription payments and transactions. These processors have access only to the information necessary to perform their functions and are obligated to protect your data
• Email Service Providers: To send transactional emails, password resets, and service notifications

We do not sell, trade, or rent your personal information to third parties for marketing purposes.

6. Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this Privacy Policy. When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal, accounting, or security purposes.

7. International Data Transfers

Your data is primarily stored and processed within the European Union. If we transfer data outside the EU, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, to protect your information in accordance with GDPR requirements.

8. Your Rights Under GDPR

As a user in the European Union, you have the following rights regarding your personal data:

• Right of Access: You can request a copy of the personal data we hold about you
• Right to Rectification: You can request correction of inaccurate or incomplete data
• Right to Erasure: You can request deletion of your personal data (right to be forgotten)
• Right to Data Portability: You can request your data in a structured, machine-readable format
• Right to Restriction: You can request restriction of processing in certain circumstances
• Right to Object: You can object to processing of your data based on legitimate interests
• Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time
• Right to Lodge a Complaint: You can file a complaint with your local data protection authority

To exercise any of these rights, please contact us at victor@whisper.money. We will respond to your request within 30 days.

9. Cookies and Tracking

We use essential cookies to maintain your session and ensure the proper functioning of our service. These cookies are necessary for the service to work and cannot be disabled. We do not use tracking cookies or analytics cookies without your explicit consent.

10. Children's Privacy

Our service is not intended for users under the age of 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will delete it.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make material changes, we will notify you by email and/or by posting a notice on our website at least 30 days before the changes take effect. Your continued use of the service after changes become effective constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: