Privacy Policy

Last updated: 25 May 2026

This Privacy Policy explains what information Talverra ("we", "us") collects from you, how we use it, and the rights you have over it. It applies to the Talverra mobile app and any future web experience under the talverra.app domain (collectively, the "Service").

Short version: We collect only what we need to run the app for you. We don't sell your data, we don't use it for advertising, and you can delete everything at any time.

1. What we collect

1.1 Account information

When you create an account, we collect:

Email address — to sign you in and contact you about your account.
Display name — only what you choose to enter.
Authentication identifiers — if you sign in with Apple or Google, we receive a stable user identifier from those providers (but not your password).

1.2 Financial information you choose to enter

Talverra is a personal-finance tool. You enter information about yourself directly. We do not access your bank or card accounts automatically. The information you may enter includes:

Account balances (a number you type).
Bills, due dates, amounts, and payment history.
Monthly take-home pay (optional).
Financial goals, budget categories, and check-in preferences.

None of this is sent to anyone except your own private storage in our backend.

1.3 Onboarding answers

When you go through onboarding we ask you what areas of personal finance you want help with, your life situation, and your goals. This is used to personalize the dashboard and recommendations. We may use aggregate, non-identifying versions of these answers to understand what people use the app for.

1.4 Subscription state

If you subscribe to Talverra Plus or Premium, we store your subscription status (active / expired / cancelled), the product you bought, and renewal information. Billing itself runs through Apple or Google — we never see your card number.

1.5 Diagnostic information

Like any modern app, we collect minimal diagnostic information for stability:

Crash reports (no personal data attached).
App version and operating system version.

2. What we do NOT collect

Your bank login credentials. If you ever connect a bank account through a future Plaid integration, Plaid handles those credentials directly — we receive only the access token Plaid issues.
Your card numbers. Subscription payments run through Apple Pay / Google Pay.
Location data. We don't ask for it and we don't use it.
Your contacts, photos, or microphone. The app doesn't request these permissions.
Advertising identifiers (IDFA, AAID). We don't track you across other apps.

3. How we use your information

To run the Service — show your bills, calculate your projections, send reminders you've configured.
To improve the Service — in aggregate and de-identified form only.
To contact you — for important account or service notices.
To enforce our Terms of Service and prevent abuse.

We do not sell your information, share it with advertisers, use it for ad targeting, or feed it into AI training data.

4. Where your data lives

Your data is stored in Google Cloud Firestore in the United States (us-central1 region). Authentication is handled by Firebase Authentication. Both are services operated by Google LLC. Their security and privacy practices are described at cloud.google.com/security and policies.google.com/privacy.

If you live outside the United States, your data will be transferred to and processed in the United States. By using Talverra, you consent to that transfer.

5. Third parties we share data with

We share information with a small number of service providers, only as needed to run the Service:

Firebase / Google Cloud (database, authentication, cloud functions) — Google LLC.
RevenueCat (subscription state management) — RevenueCat, Inc. Subscription events flow from Apple/Google → RevenueCat → our webhook. RevenueCat's privacy policy.
Apple / Google — when you sign in with Apple or Google, or pay through their stores.
Finnhub (stock-quote API) — only when you view market widgets. No personal data is sent.
Plaid (bank-account connectivity) — only if you opt in to a future bank-link feature. Plaid receives the credentials you enter and returns an access token; we never see the credentials.
Method Financial (biller connectivity) — only if you opt in to a future biller-link feature. Same model as Plaid.

We do not sell or rent your personal information to anyone.

6. Your rights and choices

6.1 Delete your account

You can delete your account at any time from Settings → Account & Security. When you do, we hard-delete your bills, settings, and onboarding answers. Your top-level account record is kept as a deletion marker (a single timestamp) to prevent re-creating an account with the same email — but no personal data beyond that marker remains.

6.2 Export your data

You can export your bills as a CSV file from Settings → Export All Bills.

6.3 California residents (CCPA)

If you're a California resident, you have the right to:

Know what categories of personal information we've collected about you.
Request deletion of your personal information.
Opt out of the "sale" of your personal information. (We don't sell personal information, so there's nothing to opt out of, but you have the right anyway.)
Be free from discrimination for exercising any of these rights.

To exercise any of these rights, email support@talverra.app from the address tied to your account.

6.4 EU / UK residents (GDPR)

If you're in the European Union, United Kingdom, or Switzerland, you have the rights of access, rectification, erasure, restriction of processing, data portability, and objection. Email support@talverra.app and we'll respond within 30 days.

The legal basis on which we process your data is your consent (you signed up) and the performance of a contract (you're using the Service).

6.5 Push notifications and biometric lock

You can disable bill reminders and other push notifications at any time from Settings → Notifications. You can disable Face ID / Touch ID lock from Settings → Account & Security.

7. Children

Talverra is not directed at children under 13. We don't knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, email support@talverra.app and we'll delete the account.

8. Security

We use Firebase's built-in security rules to ensure that one user can never read or write another user's data. Communications between the app and our backend are encrypted end-to-end using TLS. We rely on Apple, Google, and our underlying cloud providers to maintain the underlying infrastructure security.

No system is perfectly secure, however. If you suspect your account has been compromised, change your password immediately and email support@talverra.app.

9. How long we keep your data

While your account is active — we keep all the data you entered.
After you delete your account — we delete your bills, settings, and onboarding answers immediately. The deletion marker described in section 6.1 stays indefinitely so no one can recreate an account under the same Firebase Auth identity.
Subscription / billing records — kept for as long as legally required for tax and refund purposes (typically 7 years in the US).
Backups — Firebase rolls automated backups for disaster recovery. Backups are encrypted and inaccessible to staff in the ordinary course of business; deleted data is purged from backups within 90 days.

10. Changes to this policy

We'll update this page if we change how we handle your data. If the change is material, we'll let you know in the app and ask you to acknowledge the new version before you continue using Talverra. The "Last updated" date at the top of this page is the source of truth for the current version.

11. Contact us

Email: support@talverra.app

For feedback or feature requests: feedback@talverra.app

This policy was last updated on 25 May 2026. Earlier versions are kept in our source control history.