Privacy Policy

Last updated: February 2026

1. Introduction

Money Me ("we", "our", or "us") operates the personal finance management application available at money-me.com (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

We are committed to protecting your personal data and your right to privacy. By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Your name and email address (provided via Google OAuth or email registration)
  • Profile picture (if provided through Google OAuth)
  • Account preferences and settings

2.2 Financial Data

To provide the Service, we store financial information that you voluntarily enter, including:

  • Bank account names and balances
  • Expense details (names, amounts, categories, and payment schedules)
  • Income records
  • Savings goals and progress
  • Debt and IOU records

We do not connect directly to your bank accounts. All financial data is manually entered by you.

2.3 Authentication Data

We use Google OAuth 2.0 for authentication. When you sign in with Google, we receive your name, email address, and profile picture from Google. We do not receive or store your Google password. We also offer email and password authentication, in which case your password is securely hashed before storage.

2.4 Payment Data

Subscription payments are processed by Stripe. When you subscribe, Stripe collects your payment card details directly. We do not store your full card number, CVV, or other sensitive payment information on our servers. We receive from Stripe only:

  • Your Stripe customer ID
  • Subscription status (active, cancelled, etc.)
  • Subscription plan details and billing period
  • The last four digits of your payment card (for display purposes)

2.5 Automatically Collected Data

When you use the Service, we may automatically collect:

  • Device type and browser information
  • IP address
  • Pages visited and features used
  • Date and time of access

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Authenticate your identity and manage your account
  • Process subscription payments through Stripe
  • Calculate financial summaries, analytics, and insights
  • Send important service-related communications (e.g., subscription changes, security alerts)
  • Respond to your enquiries and support requests
  • Detect, prevent, and address technical issues or security threats
  • Comply with legal obligations

4. Data Storage and Security

Your data is stored in Amazon DynamoDB, a managed database service provided by Amazon Web Services (AWS). Data is encrypted at rest and in transit. We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction.

These measures include:

  • Encryption of data at rest (AES-256) and in transit (TLS 1.2+)
  • Secure authentication with hashed passwords and OAuth tokens
  • Server-side input validation and parameterised database queries
  • Regular security reviews of our codebase
  • Access controls limiting data access to authorised processes only

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the internet or electronic storage is 100% secure.

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your data with:

  • Stripe: For payment processing. Stripe's use of your data is governed by the Stripe Privacy Policy.
  • Amazon Web Services (AWS): For data hosting and storage infrastructure.
  • Vercel: For application hosting and delivery.
  • Google: For OAuth authentication services. Google's use of your data is governed by the Google Privacy Policy.
  • Legal requirements: If required by law, regulation, or legal process.

6. Cookies

We use cookies and similar technologies to maintain your session, remember your preferences, and improve the Service. For detailed information about the cookies we use, please see our Cookie Policy.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymise your personal data within 30 days, except where we are required to retain it for legal, accounting, or regulatory purposes.

Subscription and payment records may be retained for up to 7 years to comply with financial record-keeping requirements.

8. Your Rights (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR) and UK GDPR:

  • Right of access: You can request a copy of the personal data we hold about you.
  • Right to rectification: You can request that we correct inaccurate or incomplete data.
  • Right to erasure: You can request that we delete your personal data, subject to certain exceptions.
  • Right to restrict processing: You can request that we limit how we use your data.
  • Right to data portability: You can request your data in a structured, commonly used, and machine-readable format.
  • Right to object: You can object to our processing of your data in certain circumstances.
  • Right to withdraw consent: Where we rely on your consent, you can withdraw it at any time.

To exercise any of these rights, please contact us at support@money-me.com. We will respond to your request within 30 days.

9. Children's Privacy

The Service is not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly.

10. International Data Transfers

Your data may be processed and stored in countries outside of your country of residence, including the United States (where AWS and Vercel operate). Where we transfer data outside the EEA or UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this page periodically for any changes.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: support@money-me.com

Website: money-me.com

Privacy Policy - Money Me