penny.

Privacy Policy

Last updated: March 2026

Penny ("we", "us") takes your privacy seriously. This policy explains how we collect, use, and protect your personal data in compliance with the EU General Data Protection Regulation (GDPR / DSGVO) and the German Telecommunications-Telemedia Data Protection Act (TTDSG).

1. Data Controller

The data controller within the meaning of Art. 4(7) GDPR is:

m12k GmbH
[Address]
Germany
Email: privacy@pennyfinance.de

2. Data We Collect

We collect the following categories of personal data:

  • Account data: email address, name, language preference, and timezone — collected during registration. Legal basis: Art. 6(1)(b) GDPR (contract performance).
  • Financial data: transaction history, account balances, IBAN (masked), and spending categories — accessed via Tink with your explicit consent. Legal basis: Art. 6(1)(a) GDPR (consent).
  • Conversation data: messages you send to Penny and AI-generated responses, stored to provide conversation history. Legal basis: Art. 6(1)(b) GDPR (contract performance).
  • Usage data: app interactions, feature usage, crash reports (via Firebase Crashlytics), and device information (OS version, device model). Legal basis: Art. 6(1)(f) GDPR (legitimate interest in service stability).
  • Payment data: subscription status and purchase history, managed via RevenueCat / Apple App Store / Google Play Store. We never see or store your full payment details, credit card numbers, or bank account information for billing. Legal basis: Art. 6(1)(b) GDPR (contract performance).
  • Push notification tokens: device tokens for sending push notifications, only with your explicit permission. Legal basis: Art. 6(1)(a) GDPR (consent).

3. How We Use Your Data

  • To provide AI-powered financial coaching and spending analysis
  • To sync and categorize your bank transactions
  • To generate proactive financial insights (with your permission)
  • To process payments for premium subscriptions
  • To send push notifications about your finances (with your permission)
  • To monitor app stability and fix crashes (Firebase Crashlytics)
  • To improve the service based on aggregated, anonymized usage patterns

4. Data Processors (Sub-processors)

We share personal data with the following processors, all bound by Data Processing Agreements (Art. 28 GDPR):

Processor              | Purpose                                  | Location
Tink Germany GmbH      | Bank data access (BaFin-licensed, PSD2)  | EU (Sweden/Germany)
Supabase Inc.          | Database hosting, authentication         | EU (Frankfurt, Germany)
Anthropic PBC          | AI processing (chat responses)           | USA*
RevenueCat Inc.        | Subscription management                  | USA*
Google LLC (Firebase)  | Push notifications, crash reporting      | EU (Frankfurt)*
Railway Corp.          | API server hosting                       | EU

* For US-based processors, data transfers are protected by EU Standard Contractual Clauses (SCCs) pursuant to Art. 46(2)(c) GDPR and/or the EU-US Data Privacy Framework where applicable.

Anthropic specifically: Your conversation data sent to Anthropic's API is processed solely to generate responses and is not used to train AI models, per Anthropic's commercial API terms.

We never sell your personal data to third parties.

5. International Data Transfers

Your data is primarily stored on EU-based servers in Frankfurt, Germany. Where data is transferred to processors outside the EU/EEA (notably Anthropic and RevenueCat in the USA), we ensure an adequate level of protection through:

  • EU Standard Contractual Clauses (SCCs) — Art. 46(2)(c) GDPR
  • EU-US Data Privacy Framework adequacy decision — where the processor is certified
  • Additional technical measures (encryption in transit and at rest)

6. Data Storage & Security

We implement appropriate technical and organizational measures to protect your data (Art. 32 GDPR):

  • All data is encrypted in transit (TLS 1.2+) and at rest
  • Database hosted on EU servers (Supabase, Frankfurt) with Row Level Security
  • Bank credentials are never stored by Penny — Tink handles all bank authentication
  • Access to production systems is restricted and logged
  • Authentication tokens are stored securely on-device (iOS Keychain / Android Keystore)

7. Automated Decision-Making & Profiling

Penny uses AI to analyze your spending and generate personalized insights. This constitutes profiling within the meaning of Art. 22 GDPR. However:

  • No automated decisions with legal or similarly significant effects are made
  • AI-generated insights are informational only — you are never automatically approved or denied any service based on AI analysis
  • Transaction categorization is automated but does not produce legal effects
  • You can request human review of any AI-generated analysis by contacting us

8. Your Rights (GDPR)

Under the GDPR, you have the following rights:

  • Right of access (Art. 15) — request a copy of your personal data
  • Right to rectification (Art. 16) — correct inaccurate data
  • Right to erasure (Art. 17) — request deletion of your data ("right to be forgotten")
  • Right to restrict processing (Art. 18) — limit how we use your data
  • Right to data portability (Art. 20) — receive your data in a structured, machine-readable format
  • Right to object (Art. 21) — object to processing based on legitimate interest
  • Right to withdraw consent (Art. 7(3)) — withdraw consent at any time without affecting prior processing

To exercise any of these rights, email privacy@pennyfinance.de. We will respond within 30 days (extendable by 60 days for complex requests, with notice).

You can also delete your account directly in the App, which triggers automatic erasure of all personal data within 30 days.

9. Data Retention

  • Account data: retained for as long as your account is active
  • Financial data: retained while your bank is connected; deleted when you disconnect or delete your account
  • Conversation history: retained while your account is active; deleted upon account deletion
  • Crash reports: retained for 90 days
  • Upon account deletion: all personal data is erased within 30 days, except where retention is required by law (e.g., tax records under AO §147: up to 10 years)

Anonymized, aggregated data that cannot be linked to you may be retained indefinitely for service improvement.

10. Cookies & Tracking

The Penny mobile app does not use cookies. The Penny website (penny.finance) does not use tracking cookies or third-party analytics. We do not engage in cross-site tracking or behavioral advertising.

Firebase Crashlytics collects anonymous crash data to improve app stability. This is based on our legitimate interest (Art. 6(1)(f) GDPR) in maintaining a stable service. You can opt out by disabling crash reporting in your device settings.

11. Children's Privacy

Penny is not intended for users under 18 years of age. We do not knowingly collect personal data from minors. If we become aware that we have collected data from a person under 18, we will delete it promptly.

12. Changes to This Policy

We will notify you of material changes to this policy at least 14 days in advance via email or in-app notification. Non-material changes (e.g., formatting, clarifications) may be made without notice. The "Last updated" date at the top will always reflect the current version.

13. Contact & Supervisory Authority

For privacy inquiries or to exercise your rights:

m12k GmbH
Data Protection: privacy@pennyfinance.de

You have the right to lodge a complaint with a supervisory authority. The competent authority in Germany is:

Der Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI)
Graurheindorfer Str. 153, 53117 Bonn
www.bfdi.bund.de

Or the state data protection authority (Landesdatenschutzbeauftragte) of the federal state where our company is registered.