← Home · Polski

Privacy Policy

Effective date: May 12, 2026 · App: Homvo (com.mgsoft.homvo)

1. Who we are

Homvo is a personal finance management app developed by Mateusz Grabarski (MatGraSoft), an individual developer based in Poland. This Privacy Policy explains how Homvo handles your information.

Contact: grabarski.soft@gmail.com

2. What data we collect

2.1. Data stored on your device (NOT sent to us)

All your financial data is stored locally on your device only, in an encrypted SQLite database (SQLCipher AES-256). This includes:

• Accounts (names, balances, currencies)
• Transactions (amounts, categories, dates, optional notes/payees)
• Budgets, goals, recurring rules, debts
• App settings (theme, currency, PIN hash, biometric preference)

This data never leaves your device unless you explicitly export a backup file (which you control and share manually).

2.2. Crash reports (Firebase Crashlytics) — always on

To diagnose crashes and improve stability, Homvo automatically sends anonymized crash reports to Firebase Crashlytics (a Google service). These reports contain:

• Stack trace of the crash (which line of code failed)
• Device model, Android version, app version
• Free RAM, free disk space at time of crash

Reports never include your financial data, account names, transaction amounts, or any other personal content. Crashlytics is required for app stability and cannot be disabled in-app.

2.3. Usage analytics (Firebase Analytics) — always on

To understand which features are popular and what to prioritize, Homvo automatically sends anonymized usage events to Firebase Analytics (a Google service). These include:

• App open / screen view (which screen, no content)
• Onboarding step completion
• Feature usage (transaction added, budget created — without amounts or names)
• Premium events (paywall viewed, purchase completed)
• Bucketed numeric ranges (e.g. "small / medium / large amount", never the actual value)

Analytics events never include: actual transaction amounts, payee names, account names, notes, your name, email, phone number, or any other personal identifier. We have disabled the AD_ID permission and Privacy Sandbox AdServices APIs, so Firebase does not build an advertising profile of the user.

Analytics is required for app development and runs for all users. If you disagree with this processing, please do not install or please uninstall the app.

2.4. Premium (Google Play Billing)

Homvo Premium is available as a monthly subscription (homvo_pro_monthly) or a one-time lifetime purchase (homvo_pro_lifetime). The transaction is processed entirely by Google Play Billing. We receive only an anonymous purchase token and plan type to verify Premium status. We never see your payment method, billing address, or any financial details — Google handles all of that.

2.5. Permissions we request

• Internet — to send crash reports and (if enabled) analytics events
• Network state — to check connectivity before sending data
• Notifications — to send budget alerts and recurring transaction reminders (you can disable in Android settings)
• Biometric (only if you enable Biometric unlock) — handled entirely by Android, we never see your fingerprint/face data

3. How we use the data

Crash reports are used exclusively to diagnose and fix bugs in the app. They are not used for advertising, profiling, or shared with anyone outside Google's Crashlytics processing.

Analytics is used exclusively to understand which features are popular, what to prioritize, and how the app is performing. We do not build user profiles, do not target ads (we don't show ads at all), and do not sell or share data with third parties.

4. Who has access to data

• You — all your financial data is on your device
• Google (Firebase) — receives anonymized crash reports and analytics events. Subject to Firebase Privacy Policy
• Google (Play Billing) — handles your purchase if you buy Premium (subscription or one-time)
• Nobody else. We don't share data with advertising networks, data brokers, or third-party analytics. Homvo has no servers besides Firebase.

5. Data retention

• On-device data: retained until you uninstall the app or use Settings → Delete all data. We have no copies.
• Crash reports (Firebase): retained by Google for up to 90 days, then anonymized and aggregated.
• Analytics events (Firebase): retained by Google per the Firebase Analytics default retention (14 months); older events are auto-deleted.
• Purchase records (Google Play): subject to Google Play retention, for both subscriptions and one-time purchases.

6. Security

• The local database is encrypted with SQLCipher (AES-256). The encryption key is stored in Android Keystore (hardware-backed if available).
• Optional PIN lock and biometric unlock add an additional layer of access control.
• Network requests use HTTPS only.
• We have removed the Firebase Analytics AD_ID permission and Privacy Sandbox AdServices APIs — no advertising profiling of the user.

7. Your rights

7.1. EU/UK users (GDPR)

• Access & portability: all your data is in the app — use Settings → CSV Export (full transaction dump) or Settings → Backup (encrypted backup file).
• Erasure ("right to be forgotten"): uninstall the app or use Settings → Delete all data. We have no remote copies of your data.
• Object to processing: both Crashlytics and Analytics are necessary for app stability and product improvement (legitimate interest under GDPR Art. 6(1)(f)) — they contain no PII or financial data. If you object to this processing, please uninstall the app.
• Lodge a complaint: contact your local data protection authority. In Poland: UODO.
• Lawful basis: Legitimate interest (GDPR Art. 6(1)(f)) for crash reporting and anonymized analytics for product improvement.

7.2. California users (CCPA/CPRA)

We do not sell or share personal information for cross-context behavioral advertising. We collect only anonymized telemetry as described above.

7.3. All users

You can reach us at grabarski.soft@gmail.com with any privacy-related questions or requests. We respond within 30 days.

8. Children's privacy

Homvo is not intended for children under 13. We don't knowingly collect data from children. If you believe a child has used the app and we hold their data, contact us — we'll help arrange deletion. (Note: since data is on-device only, simply deleting the app removes it.)

9. International data transfers

Firebase processing may transfer data outside the EEA (e.g., to the US). Google relies on Standard Contractual Clauses and other safeguards under GDPR. See Firebase Privacy & Security for details.

10. Changes to this policy

We may update this Privacy Policy from time to time. The "Effective date" at the top will reflect the latest revision. For significant changes, we'll show an in-app notice on next app open. Continued use of Homvo after a policy update means you accept the changes.

11. Contact

For privacy questions, data requests, or any other inquiry:

• Email: grabarski.soft@gmail.com
• Developer: Mateusz Grabarski (MatGraSoft)
• Country: Poland