Privacy Policy

Information about the processing of your personal data

1. Privacy at a Glance

General Notes

The following notes provide a simple overview of what happens to your personal data when you use this website or use our JustFin service. Personal data is any data that can be used to personally identify you.

Data Collection on this Website

Data processing is carried out by the website operator. You can find their contact details in the legal notice. Imprint

2. Responsible Party

Alexander Angierski
Altpieschen 11b
01127 Dresden
E-Mail: team@justfin.app

3. What Data We Collect

3.1 Account Data

Email address (for login and communication)
Password (stored encrypted)
Optional: Phone number (for WhatsApp integration)

3.2 Financial Data

Income and expenses
Categories and descriptions
Uploaded receipts and invoices
Budget settings and savings goals

3.3 Usage Data

WhatsApp messages (only for service provision)
Voice messages (deleted after processing)
Technical logs (IP address, access time)

4. Data Processing by Third Parties

        ⚠️ Important Note: To provide our services, we use external providers that may process data outside the EU.
      

4.1 OpenAI (USA)

We use OpenAI for AI-powered processing of messages and receipts.

Purpose: Automatic categorization, receipt recognition, chat functions
Data: Message texts, receipt contents (anonymized where possible)
Legal Basis: EU Standard Contractual Clauses, Art. 49 (1)(a) GDPR
Privacy Policy: OpenAI Privacy Policy

4.2 Twilio (USA)

We use Twilio for WhatsApp integration.

Purpose: Receiving and sending WhatsApp messages
Data: Phone number, message contents
Legal Basis: EU Standard Contractual Clauses
Privacy Policy: Twilio Privacy Policy

4.3 Meta / WhatsApp

By using WhatsApp as a communication channel, data is transmitted to Meta. Please refer to the WhatsApp Privacy Policy. WhatsApp Privacy Policy.

5. Your Rights

You have the right at any time to:

Information about your stored data (Art. 15 GDPR)
Rectification of incorrect data (Art. 16 GDPR)
Deletion of your data (Art. 17 GDPR)
Restriction of processing (Art. 18 GDPR)
Data portability (Art. 20 GDPR)
Object to processing (Art. 21 GDPR)

To exercise your rights, please contact: team@justfin.app

6. Data Deletion

You can request the deletion of all your data at any time. We will comply with your request within 30 days. Certain data may need to be stored longer due to legal retention periods.

7. Data Security

We take the following technical measures to protect your data:

Encrypted transmission (HTTPS/TLS)
Passwords are stored hashed (bcrypt)
Regular security updates
Access restrictions and logging

8. Cookies and Sessions

We use technically necessary cookies for login and session management. These cookies are required for the operation of the website and cannot be disabled.

Session Cookie: For authentication after login
Storage duration: Until logout or session expiration

9. Right to Complain

You have the right to file a complaint with a data protection supervisory authority about our processing of personal data.

Competent supervisory authority in Saxony:
Sächsischer Datenschutzbeauftragter
Devrientstraße 5, 01067 Dresden
www.saechsdsb.de

10. Changes

We reserve the right to adapt this privacy policy to adapt it to changed legal situations or when the service changes. The current version can always be found on this page.

Last updated: December 2025