Privacy
# Privacy Policy
**Effective date:** 11.05.2026
**Last updated:** 11.05.2026
## 1. Introduction
This Privacy Policy explains how famly ("we", "us", or "our") collects, uses, and shares information when you use our mobile application ("the App"). famly is a family budgeting app that lets members of a household share expenses, recurring templates, and category budgets.
By using the App, you agree to the practices described in this Policy. If you do not agree, please do not use the App.
**Controller:**
Hakan Yigit Unac
Email: unachakanyigit@gmail.com
---
## 2. Information we collect
We collect only what we need to operate the App. We do not sell your data, and we do not show third-party advertising.
### 2.1 Account information (provided by you via Sign in with Apple)
When you sign in with your Apple ID we receive, from Apple:
- A stable user identifier
- The email address you choose to share with us (real or Apple's private relay address)
- Your first and last name, if you choose to share them
We store this information in our authentication database (see "Service providers" below) so we can sign you back in on subsequent launches.
### 2.2 Profile information
After sign-in, you create a profile that may include:
- First name and last name (optional, editable)
- A profile color used to identify your transactions in the family ledger
- An avatar image, if you upload one
### 2.3 Family and financial data
When you create or join a family, the App stores:
- The family name and base currency
- The list of family members and their roles (admin or member)
- Pending join requests and invite codes
- Transactions you create: amount, category, description, date, whether the transaction is shared, who added it
- Recurring templates: name, amount, category, frequency, next-run date
- Categories: name, icon, color
Transactions and templates are visible to every member of your family.
### 2.4 Subscription data (via RevenueCat and Apple)
When you start a free trial or purchase a subscription:
- Apple processes the payment. We never see your full payment-card details.
- RevenueCat (our subscription-management provider) issues you an anonymous identifier and stores your subscription status (active, expired, in grace period, trial, etc.) so the App can verify your entitlement on each device.
- We do not store your billing address, card number, or any other Apple ID payment details.
### 2.5 Automatically collected technical data
We collect a minimal set of technical signals to keep the App running:
- Device model, OS version, and App version (for crash and compatibility reporting)
- A randomly generated installation identifier
- Approximate region inferred from your Apple ID locale (used to localize prices and dates)
- Diagnostic logs for crashes and errors
We do not collect precise location, contacts, photos, microphone, or camera data unless you explicitly grant such access for a feature that needs it (currently: the App does not request any of these).
### 2.6 What we do NOT collect
- We do not collect your contacts, calendars, photos library, or microphone/camera data.
- We do not collect precise GPS location.
- We do not use advertising trackers or third-party analytics SDKs that profile you across apps.
- We do not sell, rent, or trade your personal information.
---
## 3. How we use your information
We use your information to:
- Authenticate you and keep you signed in
- Provide the family-shared ledger, recurring templates, and analytics
- Process and verify your subscription status (via RevenueCat and Apple)
- Send transactional and in-app notifications relevant to your family (e.g., a new transaction was added)
- Detect and fix crashes, security issues, and abuse
- Comply with legal obligations
---
## 4. Service providers
We share specific information with the following processors so we can operate the App. Each processor is bound by a data-processing agreement and uses your data only on our instructions.
| Processor | Purpose | Data received | More info |
| --- | --- | --- | --- |
| **Apple (Sign in with Apple, App Store, Push Notifications)** | Authentication, payment processing, push delivery | Apple ID identifier, email (real or relay), subscription transactions, device push token | https://www.apple.com/legal/privacy/ |
| **Supabase, Inc.** | Authenticated database & storage hosting our profile, family, transaction, and avatar data | Account identifier, profile fields, family/transaction/template records, uploaded avatar images | https://supabase.com/privacy |
| **RevenueCat, Inc.** | Subscription state management and receipt validation | Anonymous user identifier, App Store transaction receipts, subscription status events | https://www.revenuecat.com/privacy |
Apple and these processors operate globally and may store data in regions outside your home country. Where they are subject to international transfer rules (e.g., EU → US), they rely on the safeguards described in their own policies (Standard Contractual Clauses, EU-U.S. Data Privacy Framework, etc.).
We do not share your data with advertising networks, data brokers, or any party not listed above.
---
## 5. Where your data is stored
Your data is stored in our Supabase project, which currently uses data centers operated by Supabase's infrastructure providers. Subscription records are stored by RevenueCat in their cloud infrastructure. Payment records are held by Apple.
If you are located in the European Economic Area, the United Kingdom, or Switzerland, your data may be transferred to and processed in the United States and other countries. Such transfers rely on the safeguards described in the privacy policies of our processors (e.g., Standard Contractual Clauses).
---
## 6. How long we keep your data
- **Active account data**: kept while your account exists and your family is active.
- **Deleted family**: when a family admin deletes the family, the family record and all its transactions are deleted. Member profiles persist until each member individually deletes their account.
- **Deleted account**: when you delete your account, your profile, your transactions, your templates, and your subscription mapping are deleted within 30 days. Anonymized logs and backups may persist for up to 90 days before being purged.
- **Subscription receipts**: kept by Apple and RevenueCat for the duration required by tax and accounting rules in their respective jurisdictions.
You can request deletion at any time using the in-app "Delete account" flow or by emailing unachakanyigit@gmail.com.
---
## 7. Your rights
Depending on where you live, you may have the following rights:
- **Access** — Ask us what personal information we hold about you.
- **Rectification** — Ask us to correct inaccurate or incomplete data.
- **Erasure ("right to be forgotten")** — Ask us to delete your data.
- **Restriction / objection** — Ask us to limit or stop certain processing.
- **Data portability** — Receive a copy of your data in a structured, machine-readable format.
- **Withdraw consent** — Where we rely on your consent (e.g., push notifications), you can withdraw it any time without affecting the legality of prior processing.
- **Lodge a complaint** — File a complaint with your local data protection authority.
To exercise these rights, email **unachakanyigit@gmail.com** with your Apple ID email (or the relay address you signed up with). We will respond within 30 days.
### California residents (CCPA/CPRA)
We do not sell or share your personal information for cross-context behavioral advertising. As a California resident you have the right to know, delete, correct, and limit the use of sensitive personal information. To exercise these rights, contact us at the email above.
### EU/UK residents (GDPR / UK GDPR)
Our lawful bases for processing are:
- **Contract** — to provide the App and its features you sign up for.
- **Legitimate interests** — to keep the App secure, prevent abuse, and improve reliability.
- **Consent** — for optional features such as push notifications.
- **Legal obligation** — to comply with tax, anti-fraud, and other regulations.
---
## 8. Children
The App is not intended for children under 13 (or under 16 in the EEA). We do not knowingly collect personal information from such children. If you believe a child has provided personal information to us, contact us at unachakanyigit@gmail.com and we will delete the data.
Families using famly should treat the shared ledger as visible to all members; do not include information about minors that you would not be comfortable sharing within the household.
---
## 9. Security
We protect your data using:
- HTTPS (TLS 1.2+) for all network traffic
- Row-level security in Supabase that restricts each family's data to its members
- Sign in with Apple, which keeps your authentication credentials at Apple (we never see your Apple ID password)
- Encryption of data at rest in our database
No system is perfectly secure. If we become aware of a security incident affecting your data, we will notify you and the relevant authorities as required by law.
---
## 10. Cookies and tracking
The App is a native iOS application. It does not use cookies. We do not use ad-tracking SDKs.
If we publish a marketing website in the future, that website may use a minimal cookie set (e.g., for analytics consent) and will carry its own cookie policy.
---
## 11. Changes to this Policy
We may update this Policy from time to time. When we make material changes, we will:
- Update the "Last updated" date at the top
- Notify you in-app or by email before the changes take effect
- Continue to apply the prior version to any data we collected under it, where required
---
## 12. Contact
Questions, requests, or complaints? Email us at:
**unachakanyigit@gmail.com**
For physical mail, contact us at the address listed at the top of this Policy.
Yorumlar
Yorum Gönder