Back

Privacy Policy

1. Responsible Party

Daniel Punke
Kiwittsmoor 70
22417 Hamburg, Germany
Email: hello@spendlog.dev

2. Data Collection

We collect and process the following personal data:

  • Account data: Email address (for authentication)
  • Usage data: IP address, browser type, access times (automatically collected)
  • Financial data: Transaction data, invoices, projects (provided by you)

3. Purpose of Data Processing

We process your data for the following purposes:

  • Providing and operating the service
  • User authentication and account management
  • Storing and syncing your financial data
  • Improving our service and user experience
  • Communication with users (support, updates)

4. Third-Party Services

We use the following third-party services:

  • Supabase: Database hosting and authentication (EU servers)
  • Cloudflare: CDN and hosting services (global)
  • PostHog: Analytics (only with your consent)

5. Legal Basis

The processing of your data is based on Art. 6 (1) GDPR:

  • Consent (Art. 6 (1) a GDPR) - for analytics cookies
  • Contract fulfillment (Art. 6 (1) b GDPR) - for service provision
  • Legitimate interests (Art. 6 (1) f GDPR) - for security and improvement

6. Data Storage Duration

We store your personal data only as long as necessary for the purposes stated or as required by law. Account data is deleted 30 days after account deletion.

7. Your Rights

Under GDPR, you have the following rights:

  • Right to information (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent (Art. 7 (3) GDPR)
  • Right to lodge a complaint with a supervisory authority

To exercise your rights, please contact: hello@spendlog.dev

8. Cookies

We use cookies for analytics purposes (PostHog). These are only set with your explicit consent. You can withdraw your consent at any time by clearing your browser cookies or changing your cookie settings.

9. Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or misuse. All data transmission is encrypted via HTTPS.