oioTrack

Welcome to oioTrack (“oioTrack,” “we,” “us,” or “our”), a service provided by TQC Solution JSC. This Privacy Policy is designed to inform you about how we handle your information in connection with your use of the oioTrack mobile application (the “Service”). It explains what data we collect, why we collect it, how it is used and protected, and the rights and choices you have regarding your information.

oioTrack is built to make managing and splitting expenses within groups simple and transparent. Unlike services designed for individual file storage, the core function of oioTrack is collaborative. It requires processing the financial information you and your group members provide to calculate balances and show who owes whom. Our commitment is to handle this data with the utmost care, security, and transparency.

By using our Service, you agree to the collection and use of information in accordance with this policy. We are dedicated to protecting your privacy and ensuring that your personal data is handled in a safe and responsible manner. 

This section details the specific categories of data we collect to provide and improve the Service. We believe in data minimization, collecting only what is essential for oioTrack to function effectively and securely. 

To use oioTrack, you need to create an account and provide information that is essential for the service to work. This includes:

• Account Information: When you register, we collect your name, email address, and password (which is securely hashed). You may also optionally provide a profile picture.  

• User-Generated Content: The core of oioTrack is the content you create and share within your groups. This includes:

  • Group Information: Names and descriptions of the groups you create or join.

  • Expense Details: For each expense you log, we collect the amount, currency, description, category, and date.

  • Receipt Images: You have the option to upload images of receipts as proof of purchase.

  • Payment Records: When you record a payment to settle a debt with another member, we collect the details of that settlement.

• Communications with Us: If you contact our customer support, we collect your name, email address, and the content of your communications to assist you.

When you use the oioTrack application, we automatically collect certain technical and usage information to ensure the app functions correctly, to maintain security, and to analyze performance for future improvements. This includes:

• Device and Usage Information: We collect data about your device and your interaction with our Service. This includes your device's unique identifier (Device ID), IP Address, operating system type and version, device model, the oioTrack app version, and language settings. We also gather aggregated usage analytics, such as which features are used most frequently and general interaction patterns.   

• Crash and Performance Data: If the app encounters an error, we automatically collect diagnostic information, including crash reports, to help our developers identify and fix bugs and stability issues. 

To make signing up easier, we allow you to register using third-party services.

• Third-Party Logins: If you choose to sign up or log in using a third-party service like Google or Apple, we will collect your account identifier (email address) from that service to authenticate your identity. We do not receive your password from these services. 

Transparency is key to the trust you place in us. Unlike a purely local utility, oioTrack is a networked service, and it's important to understand how your data is handled.

• Necessary Processing: To calculate balances and split expenses, our servers must process the financial data you and your group members enter. This processing is the core function of the app.

• Shared by Design: The expense information you add to a group (amount, description, your name) is, by design, visible to all other members of that group. This transparency is essential for the group to manage its finances.

• User Control: You control the information you add. You can edit or delete expenses you have created, and you manage your own account information.

We are committed to ensuring you have control over your personal data. In accordance with applicable data protection laws, you have several rights concerning the information we hold about you. These rights apply to the operational data we collect as detailed in Section I.B.

• Right to Access: You have the right to request a copy of the personal data we hold about you.

• Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.

• Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent (where applicable) and there is no other legal ground for processing.

• Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data under certain circumstances, for example, if you contest the accuracy of the data.

• Right to Object to Processing: You have the right to object to our processing of your personal data where we are relying on a legitimate interest as our legal basis.

• Right to Data Portability: Where applicable, you have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

To exercise any of these rights, please contact us using the details provided in the "Contact Us" section below. We will respond to your request in accordance with applicable law.

Our data sharing practices are guided by the collaborative nature of the service and our commitment to your privacy.

We only share the limited operational data described in Section I.B with the following categories of recipients for specific, necessary purposes:

• With Other Group Members: The primary instance of data sharing is with the other members of your groups. When you add an expense to a group, details such as the description, amount, and your name will be visible to everyone in that group. This is a fundamental aspect of the service.

• With Service Providers: We share operational data with trusted third-party vendors who perform services on our behalf, such as cloud hosting (for storing data and receipts), data analysis, and crash reporting. These providers are contractually bound to protect your data and are only permitted to use it for the specific purposes we have authorized.  

• For Legal and Law Enforcement Purposes: We may disclose your information if required by law or in the good faith belief that such action is necessary to comply with a legal obligation or a valid request from a governmental authority.  

• In Connection with Business Transfers: If TQC Solution JSC is involved in a merger, acquisition, or sale of assets, your operational data may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

We do not sell your personal data to third parties for advertising or marketing purposes.

TQC Solution JSC operates globally, which means that the operational data we collect may be transferred to, and processed in, countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your country.

However, we take steps to ensure that your personal data receives an adequate level of protection wherever it is processed. We do this by implementing appropriate safeguards for cross-border transfers, as required by applicable law. For transfers of personal data from the European Economic Area (EEA), the UK, and Switzerland to other countries, we rely on mechanisms such as the European Commission's Standard Contractual Clauses (SCCs) to ensure that the data is protected to the same standard as it would be within Europe. 

We take the security of your data very seriously and have implemented robust technical and organizational measures to protect it from unauthorized access, disclosure, alteration, or misuse. These measures include data encryption in transit and at rest, strict access controls for our internal systems, regular security audits, and strong password requirements.  

By working together, we can ensure a secure environment for both the operational data we manage and the personal content you control.

We retain your personal data for as long as necessary to provide you with the Service and for the purposes set out in this policy.

• Account Data: We retain your account information and the content in your groups as long as your account is active.

• Inactive Accounts: If an account remains inactive for a period of one year, we may disable it. If it remains inactive for a further year after being disabled, we will delete the account and the associated personal data, unless we are legally required to retain it for a longer period.  

• Operational Data: We retain other operational data, such as analytics and crash logs, for the limited periods specified in the table in Section II.

If you have any questions, comments, or concerns about this Privacy Policy, our data practices, or your rights, please do not hesitate to contact us.

The data controller responsible for your information is TQC Solution JSC.

Please contact directly at: developer@tqcsolution.com

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this policy.

If we make a material change to the policy one that significantly alters how we handle your personal data we will provide you with prominent notice in advance of the change taking effect. This may include an in-app notification or other appropriate means of communication. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of the Service after the effective date of the revised policy will constitute your acceptance of the changes.