1. Introduction
At PlatAI Studio ("we", "our", "the Company"), we are committed to protecting your privacy and complying with all applicable data protection laws, including the European Union's General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
This Privacy Policy describes how PlatAI ("the Application", "the Service") collects, uses, stores, shares, and protects your personal information when you use our mobile financial management application.
By using PlatAI, you agree to the practices described in this Privacy Policy. If you do not agree with this policy, we ask that you do not use the Application.
2. Data Controller
PlatAI Studio
Email: help@plataistudio.com
Website: plataistudio.com
3. Information We Collect
3.1 Information You Provide Directly
- Account Information: Name, email address, password (encrypted) when you create an account.
- Financial Data: Transactions (income and expenses), dates, amounts, categories, descriptive notes, recurring subscriptions.
- Shared Spaces: Information about financial spaces shared with other users, including permissions and roles.
- User Preferences: Language settings, notification preferences, custom categories.
3.2 Automatically Collected Information
- Device Information: Device model, operating system and version, unique device identifiers (UDID), network information.
- Usage Data: Features used, usage frequency, time in app, interactions with specific features, system errors.
- Technical Log Data: Error logs, performance data, diagnostic information to improve app stability.
3.3 Cookies and Similar Technologies
We use cookies and local storage technologies to:
- Keep you logged in
- Remember your preferences
- Analyze app usage
- Improve performance and user experience
4. How We Use Your Information
We use the collected information for the following legitimate purposes:
| Purpose | Legal Basis |
|---|---|
| Provide and maintain the financial management service | Contract performance |
| Authenticate users and manage accounts | Contract performance |
| Synchronize data across devices | Contract performance |
| Improve and optimize the application | Legitimate interest |
| Send important service notifications | Contract performance |
| Prevent fraud and maintain security | Legal obligation / Legitimate interest |
| Comply with legal obligations | Legal obligation |
5. Data Processing
Your data is processed securely to provide the application's functionalities, including:
- Storage and synchronization of financial transactions
- Generation of analysis and visualizations of your data
- Budget calculations and projections
- Management of shared spaces with other users
All data is processed securely and in accordance with this Privacy Policy.
6. Sharing Information with Third Parties
We share limited information with third parties only in the following circumstances:
6.1 Service Providers
We may share information with trusted service providers who help us operate the application, such as:
- Authentication and user management services
- Cloud storage services
- Infrastructure and hosting services
- Analytics and diagnostic services
Shared data is strictly limited to what is necessary to provide the service.
Data Processing Agreements
All our service providers are contractually obligated to protect your information and may only use it to provide services on our behalf.
6.2 Legal Requirements
We may disclose your information if required by law, court order, or to:
- Comply with legal processes
- Protect the rights, property, or safety of PlatAI Studio, our users, or others
- Prevent fraud or illegal activities
- Respond to government requests
6.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your personal information is transferred and becomes subject to a different privacy policy.
6.4 With Your Consent
We may share your information with additional third parties when you give us your explicit consent to do so.
7. Data Storage and Security
7.1 Storage Location
- Local Storage: Primary data stored on your device in encrypted form.
- Cloud Storage: Synchronized copies stored on secure servers with appropriate security measures.
International Data Transfers
Your data may be transferred and processed in countries outside your country of residence, including the United States. We implement appropriate safeguards, such as EU Standard Contractual Clauses, to protect your data during these transfers.
7.2 Security Measures
We implement appropriate technical and organizational security measures, including:
- Encryption in transit: TLS/SSL for all communications
- Encryption at rest: Sensitive data encrypted in databases
- Secure authentication: Passwords hashed using secure algorithms (bcrypt)
- Access control: Limited access to authorized personnel
- Security monitoring: Detection and response to security incidents
- Regular audits: Periodic security reviews
7.3 Data Retention
We retain your personal information for as long as your account is active or as necessary to provide our services. Specifically:
- Active account data: Until you request deletion or account closure
- Transaction data: Until you request deletion or account closure
- Audit and security logs: Up to 90 days after account closure
- Legally required data: As required by applicable law (generally 5-7 years for financial records)
8. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal data:
8.1 GDPR Rights (EU/EEA Users)
- Right of Access: Obtain a copy of your personal data
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your data ("right to be forgotten")
- Right to Restriction of Processing: Restrict how we use your data
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to the processing of your data
- Right to Withdraw Consent: At any time when processing is based on consent
- Right to Lodge a Complaint: With a data protection authority
8.2 CCPA Rights (California Users)
- Right to Know: What personal information we collect and how it is used
- Right to Delete: Request deletion of personal information
- Right to Opt-Out: Opt out of the sale of personal information (note: we do not sell personal information)
- Non-Discrimination: We will not discriminate against you for exercising your privacy rights
8.3 How to Exercise Your Rights
To exercise any of these rights, you can:
- Send an email to: help@plataistudio.com
- Use the settings options within the application
- Visit our data deletion pages:
We will respond to your request within 30 days. We may need to verify your identity before processing your request.
9. Privacy of Minors
PlatAI is not directed to persons under 16 years of age (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal information from minors.
If you are a parent or guardian and believe that your child under 16 has provided us with personal information, contact us immediately. We will delete such information from our records as soon as possible.
10. Service Features
10.1 Shared Spaces
When you share a financial space with other users:
- Space members can view transactions and data added to the shared space
- You control what information you share in each space
- You can leave a shared space at any time
- Space administrators can invite or remove members
10.2 Cross-Device Synchronization
Your data is automatically synchronized across all devices where you are logged in. You can disable synchronization in the app settings.
11. Third-Party Links
PlatAI may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We recommend that you read the privacy policies of any third-party websites you visit.
12. Changes to this Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements.
- The "Last updated" date at the beginning of this policy indicates when it was last revised
- Material changes will be notified through a prominent notification in the app or by email
- Your continued use of PlatAI after changes constitutes your acceptance of the updated policy
We recommend that you review this policy periodically to stay informed about how we protect your information.
13. Jurisdiction-Specific Disclosures
13.1 United Kingdom Users
For users in the United Kingdom, PlatAI Studio acts as a data controller under UK GDPR. You can contact the Information Commissioner's Office (ICO) if you have concerns about how we handle your data.
13.2 Brazil Users
For Brazilian users, we comply with the Lei Geral de Proteção de Dados (LGPD). Your rights include access, correction, deletion, portability, and revocation of consent.
13.3 Australia Users
For Australian users, we comply with the Australian Privacy Principles (APPs). You can lodge a complaint with the Office of the Australian Information Commissioner (OAIC).
14. Legal Basis for Processing (GDPR)
We process your personal data under the following legal bases:
- Contract Performance: To provide the service you requested
- Consent: For optional features such as AI analysis
- Legitimate Interest: To improve our service and prevent fraud
- Legal Obligation: To comply with applicable laws and regulations
15. Data Breach Notification
In the unlikely event of a security breach affecting your personal data:
- We will notify relevant authorities within 72 hours
- We will notify you without undue delay if there is a high risk to your rights
- We will take immediate action to mitigate the impact
Questions or Concerns?
If you have questions about this Privacy Policy or how we handle your personal data, contact us:
Email: help@plataistudio.com
Website: plataistudio.com
We will respond to all inquiries within 30 business days.