Privacy Policy

Monfly ("we", "our", "us") provides a personal finance dashboard that helps individuals track expenses, plan budgets, and visualize financial decisions. This Privacy Policy describes how we handle the personal information of users ("you") who interact with the service.

By creating an account or using Monfly you agree to the practices described here. If you do not agree, please discontinue use of the service.

We only collect what is necessary to operate the dashboard. The categories below reflect the data currently handled by Monfly:

• Account data: name, email address, and a securely hashed password used to authenticate your sessions.
• Financial entries: transactions, categories, budgets, pots, recurring bills, cards, and monthly summaries that you create inside Monfly.
• Preferences: interface preferences such as theme, locale, font display, and haptic feedback.
• Operational data: minimal request metadata (timestamps, rate-limit counters) required to keep the service stable and secure.

Monfly does not connect directly to your bank accounts. All financial entries exist because you entered or imported them manually.

We use the information above strictly to:

• Authenticate you and keep your workspace private.
• Render dashboards, charts, reports, and forecasts from the entries you create.
• Operate the platform safely (rate limiting, abuse prevention, debugging).
• Communicate transactional information related to your account when strictly necessary.

We do not sell your personal data, and we do not use your financial entries to train third-party advertising models.

Where applicable (for example under the GDPR or comparable regimes), we rely on the following legal bases: performance of the contract you accept by signing up, our legitimate interest in keeping the service operational and secure, your consent for optional features, and legal obligations.

Account and financial data is stored in a managed PostgreSQL database. Sessions are issued through encrypted, signed cookies. Passwords are hashed with bcrypt before being persisted.

We retain your data while your account is active. When you delete your account, the associated records are removed from our active systems within a reasonable period, except where retention is required to comply with legal obligations.

No online service can be guaranteed to be 100% secure, but we follow widely accepted practices to reduce the risk of unauthorized access.

Monfly relies on a small number of infrastructure providers (hosting, database, email delivery, error tracking) that process data only on our behalf and under contractual obligations. We do not share your information with advertisers.

We use a session cookie to keep you logged in and minimal local storage to remember interface preferences. Monfly does not use third-party advertising or cross-site tracking cookies.

Depending on your jurisdiction you may have the right to:

• Access a copy of the data we hold about you.
• Correct inaccurate or incomplete information.
• Delete your account and associated workspace data.
• Object to certain processing activities.
• Export your data in a machine-readable format.

You can exercise most of these rights directly inside the application. For everything else, contact us at the address listed below.

Monfly is not directed to children under 13 and we do not knowingly collect personal information from them. If you believe a child has provided us with personal information, please contact us so we can take appropriate action.

We may update this Privacy Policy as the product evolves. The "last updated" date at the top reflects the most recent revision. Material changes will be communicated through the application or by email when appropriate.

For privacy-related questions, write to mrluisfeer@gmail.com or visit the contact page.