📋 1. Overview

Welcome to Mssarifi ("the App"), a personal and family expense tracking application developed by Mohamed Younies ("we", "us", or "our"). We are committed to protecting your privacy and handling your personal data responsibly.

This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application available on Google Play and the Apple App Store. By using Mssarifi, you agree to the practices described in this policy.

📊 2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, and profile picture (when you sign in via Google or Apple Sign-In).
• Financial Data: Transaction amounts, categories, notes, and dates that you manually enter into the app.
• Family Sharing Data: Family group link codes and associated member information when you use the family sharing feature.
• Profile Information: Display name and avatar preferences you set in your profile.

2.2 Information Collected Automatically

• Device Information: Device type, operating system version, and app version for compatibility and troubleshooting.
• Usage Data: Feature usage patterns to help us improve the app experience (anonymized and aggregated).
• Crash Reports: Technical crash logs to identify and fix issues (via Firebase Crashlytics).

2.3 Information We Do NOT Collect

• We do not collect bank account numbers, credit card details, or any direct financial institution credentials.
• We do not access your contacts, camera, microphone, or location data.
• We do not use tracking technologies for advertising purposes.

⚙️ 3. How We Use Your Information

We use the information we collect for the following purposes:

• Provide Core Services: Enable expense tracking, data visualization, and statistical analysis of your spending habits.
• Family Sharing: Facilitate real-time synchronization of expenses between linked family members.
• Cloud Backup: Securely store your data so it is accessible across your devices.
• App Improvement: Analyze anonymized usage data to improve features, performance, and user experience.
• Bug Fixes: Use crash reports to identify and resolve technical issues.
• Communication: Respond to your support requests and send critical service updates (no marketing emails).

🗄️ 4. Data Storage & Retention

Your data is stored securely using Google Firebase (Cloud Firestore and Firebase Authentication), which provides enterprise-grade security, encryption at rest, and encryption in transit.

• Storage Location: Data is stored on Google Cloud servers, typically in the United States or the EU, in accordance with Google Firebase's infrastructure.
• Retention Period: Your data is retained for as long as your account is active. If you delete your account, all associated data will be permanently removed within 30 days.
• Local Data: Certain preferences (such as theme and language settings) are stored locally on your device using SharedPreferences and are not transmitted to any server.

🤝 5. Data Sharing & Third Parties

We do not sell, rent, or trade your personal information to any third party.

We may share data only in the following limited circumstances:

• Family Members: When you voluntarily link your account with family members, your expense data is shared with the linked accounts in your family group.
• Service Providers: We use Google Firebase for authentication, database, and crash reporting. Google processes data in accordance with their Privacy Policy.
• Legal Requirements: We may disclose information if required by law, court order, or governmental regulation.

🔒 6. Data Security

We take the security of your data seriously and implement the following measures:

• Encryption: All data is encrypted in transit (TLS/SSL) and at rest on Firebase servers.
• Authentication: Secure sign-in via Google Sign-In and Apple Sign-In with industry-standard OAuth 2.0 protocols.
• Access Controls: Firebase Security Rules ensure users can only access their own data and data shared within their family group.
• No Passwords Stored: We never store your passwords. Authentication is handled entirely by Google or Apple's secure identity providers.

While we implement industry-standard security measures, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security but strive to protect your information to the best of our ability.

✅ 7. Your Rights

You have the following rights regarding your personal data:

• Access: You can view all your data directly within the app at any time.
• Correction: You can edit your profile information and transactions within the app.
• Deletion: You can request complete deletion of your account and all associated data by contacting us. Data will be permanently deleted within 30 days of your request.
• Data Portability: You can request an export of your data by contacting our support team.
• Withdraw Consent: You can stop using the app at any time. You may also unlink your family sharing at any time.

To exercise any of these rights, please contact us using the information provided below.

👧 8. Children's Privacy

Mssarifi is not intended for children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately and we will take steps to delete such information.

📝 9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or app features. When we make material changes, we will:

• Update the "Last Updated" date at the top of this page.
• Notify users through an in-app notification or update notice.

We encourage you to review this policy periodically to stay informed about how we are protecting your information.

📧 10. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us: