Privacy Policy
Effective date: TBD — fill in before publishing
Last updated: TBD
1. Who we are
Pocketz (the "App") is operated by Michael Ostrovskii ("we", "us", "our"), based in Israel. You can contact us at [email protected].
Pocketz is a virtual ledger for tracking allowances, chores, and family "currencies" between parents and children. Pocketz does not hold, process, or transfer real money. All balances are virtual entries within the App.
2. What information we collect
We collect only what is necessary to operate the App.
| Category | Examples | Purpose |
|---|---|---|
| Account identity | Username, password hash, optional email | Authentication, password recovery |
| Profile metadata | Display name, account names, currency labels | App functionality |
| Ledger data | Account balances, deposits, withdrawals, recurring rules | Core feature |
| Sharing data | Invite tokens, shared-user permissions | Account sharing |
| Device/session | JWT tokens, refresh tokens, blacklisted tokens, IP-derived rate-limit counters | Security |
| Diagnostics | Crash reports, error events, request IDs | Reliability (via Sentry, if enabled) |
| Analytics (if enabled) | Screen views, feature events | Product improvement |
We do not collect: payment card data, government IDs, biometric data (biometric auth is performed on-device only), location, contacts, advertising identifiers.
3. How we use the information
- Operate the App and provide the features you request.
- Authenticate you and protect your account (rate limits, token blacklist).
- Send transactional emails: account verification, password reset, security alerts. We do not send marketing email by default.
- Improve reliability (error tracking) and product quality (anonymous analytics, if you have consented).
We do not sell your data and do not use it for behavioral advertising.
4. Legal basis (EEA/UK users — GDPR)
| Purpose | Legal basis |
|---|---|
| Provide the App's features | Performance of contract (Art. 6(1)(b)) |
| Security, fraud prevention, rate limiting | Legitimate interests (Art. 6(1)(f)) |
| Transactional email | Performance of contract |
| Error tracking & analytics | Legitimate interests, with opt-out |
| Email verification | Consent (Art. 6(1)(a)) |
5. Sub-processors
We use the following service providers. They process data on our behalf under contract.
| Provider | Purpose | Region |
|---|---|---|
| Fly.io (servers located in the United States) | Backend hosting | Sharon District |
| SQLite on Fly.io persistent volumes | Managed PostgreSQL | Sharon District |
| Sentry | Error tracking | EU/US |
| Resend (transactional email only) | Transactional email | Sharon District |
| Sentry (crash and error reports only — no behavioral analytics) | Product analytics (optional) | Sharon District |
| Apple / Google | App distribution, push notifications | Global |
6. Data retention
- Active accounts: retained while the account exists.
- Deleted accounts: purged within 30 days, except where law requires longer retention.
- Audit logs (security/financial events): retained for 30 months for abuse investigation.
- Backups: retained for 30 days; deletion requests propagate on the next backup rotation.
7. Your rights
You may:
- Access the data we hold about you.
- Correct inaccurate data (most fields are editable in-app).
- Delete your account and associated data.
- Export your data in a machine-readable format.
- Object to certain processing, withdraw consent, or lodge a complaint with your data protection authority.
Send requests to [email protected]. We respond within 30 days.
8. Children
Pocketz is designed to be used with parental involvement. We do not knowingly collect personal data from children under 13 (or under 16 in the EEA) without verifiable parental consent. See COPPA_ASSESSMENT.md for our operational stance.
If you believe a child has provided us data without parental consent, contact [email protected] and we will delete it.
9. Security
We use industry-standard measures: TLS in transit, password hashing with bcrypt, JWT with a server-side blacklist, rate limiting, security headers, audit logging. No system is perfectly secure; we will notify affected users of any breach within 72 hours where required.
10. International transfers
Where data is transferred outside the EEA/UK, we rely on Standard Contractual Clauses or equivalent safeguards.
11. Changes
We will notify you in-app and by email (where available) of material changes at least 14 days before they take effect.
12. Contact
Michael Ostrovskii — [email protected] — Dov Hoz 17, Apt 5, Kfar Saba 4435617, Israel