Simplony
Sign inGet Started

Privacy Policy

Last updated: April 11, 2026

This Privacy Policy describes how Simplony (“we”, “us”, “our”) collects, uses, and protects your personal information when you use Simplony (the “Service”).

1. What Information We Collect

Account Data

When you create an account, we collect your email address, display name, and password (stored as a cryptographic hash — we never see your plain-text password).

User-Submitted Content

The Service allows you to enter financial information such as transaction descriptions and amounts, budget categories and limits, debt and reminder details, and text, voice input, or images submitted through AI assistant features. We do not connect to your bank accounts or retrieve data from external financial institutions.

Automatically Collected Data

We use an error monitoring service to track application errors and performance. Limited account and technical information may be processed as needed to keep the Service reliable, secure, and easier to support.

Analytics and Marketing Data (Only With Your Consent)

We may use analytics and marketing tools, but only if you explicitly consent through our cookie banner. These tools are not active by default. You can change or withdraw your consent at any time. See our Cookie Policy for details.

Payment Data

If you subscribe to a paid plan, payment processing is handled by a third-party payment processor. We do not store your credit card number. The payment processor may collect payment method details, billing address, and transaction history under their own privacy policy.

2. How We Use Your Information

We use your information to provide, operate, and maintain the Service, process your financial data for dashboards and insights, power AI assistant features, process payments, send transactional emails, monitor errors, and comply with legal obligations. We do not sell your personal information to third parties.

3. AI Processing

The Service includes AI-powered features provided by a third-party AI model. When you use AI features, your prompts and relevant financial context are sent to the AI provider. AI responses are not guaranteed to be accurate. We do not use your data to train AI models. AI features require explicit user interaction.

The AI assistant does not provide financial, legal, or tax advice. See the AI and Financial Disclaimer for details.

4. Third-Party Services

We use third-party service providers to operate the Service. These include providers for:

  • Cloud hosting and database— stores your account and financial data securely
  • Authentication and security— manages login sessions and bot protection
  • Payment processing— handles subscription billing (we never see your full card number)
  • AI services— powers the financial assistant and categorisation features
  • Error monitoring— helps us detect and fix issues using only the information needed to provide and improve the Service
  • Email delivery— sends transactional emails such as notification digests
  • Analytics and marketing— only active with your explicit consent

These providers process data on our behalf under their own privacy policies. We only share the minimum data necessary for each service to function. For a full list of providers, you may contact us.

5. Cookies and Consent

We use strictly necessary cookies (authentication, security) which are always active, plus optional analytics and marketing cookies which are denied by default. You can manage your preferences through the cookie banner at any time. For full details, see our Cookie Policy.

6. International Data Transfers

Your data may be processed in countries outside the EEA, including the United States, where our service providers operate. We rely on appropriate safeguards such as Standard Contractual Clauses (SCCs).

7. Data Retention

We retain your data while your account is active. Account and financial data is deleted upon account deletion. Error monitoring data is retained for approximately 90 days. Payment records are retained as required by tax and accounting laws.

8. Data Security

We protect your data with encrypted connections (HTTPS/TLS), Row-Level Security ensuring users can only access their own data, hashed passwords, and PII stripping from error reports. No system is 100% secure — if we become aware of a breach, we will notify you and relevant authorities as required by law.

9. Your Rights

If you are in the EEA, UK, or a jurisdiction with similar data protection laws, you have the right to access, rectify, erase, restrict, and port your data, as well as object to processing and withdraw consent at any time.

To exercise any of these rights, contact us. We will respond within 30 days.

10. Children's Privacy

The Service is not intended for children under 16. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by updating the “Last updated” date. Your continued use of the Service after changes constitutes acceptance.

12. Contact

If you have questions about this Privacy Policy, please contact us.