Privacy Policy

Effective Date: February 7, 2026
Last Updated: February 7, 2026

    CompoundCalc ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application CompoundCalc (the "App"). This policy applies to users worldwide and complies with applicable data protection laws including GDPR (EU/EEA), UK GDPR, CCPA/CPRA (California, USA), LGPD (Brazil), DPDPA (India), and other international privacy regulations.

1. Data Controller

For the purposes of applicable data protection laws, the data controller responsible for your personal data is:

CompoundCalc
Developer: [Your Full Legal Name]
Address: [Your Address, City, Country]
App Package: com.ondran.compoundcalc
Email: 0ndr4N@proton.me

2. Information We Collect

We collect information automatically when you use the App through the following third-party services:

2.1 Information Collected Automatically

Category	Data Types	Purpose
Device Information	Device type, model, operating system version, unique device identifiers (Advertising ID, App Instance ID), language settings, time zone	App functionality, analytics, advertising
Usage Data	App interactions, screens viewed, session duration, feature usage, in-app events (e.g., calculations performed, mode switches, scenario saves)	Analytics, app improvement
Network Information	IP address (used for approximate geolocation), network type, carrier	Geolocation for ads, analytics
Crash Data	Crash logs, stack traces, device state at time of crash	Bug fixing, app stability
Performance Data	App startup time, calculation duration, network request latency	Performance optimization
Advertising Data	Ad interactions, impressions, clicks, advertising identifiers	Personalized/non-personalized advertising

2.2 Information Stored Locally on Your Device

The App stores the following data locally on your device only. This data is never transmitted to our servers or any third party:

Calculation inputs and saved scenarios — stored in a local database (Room/SQLite) on your device
App preferences — theme mode, language, currency, and other settings stored in SharedPreferences
Biometric lock preference — a boolean flag indicating whether biometric authentication is enabled; no biometric data (fingerprints, face data) is ever collected, stored, or transmitted by the App. Biometric verification is handled entirely by the Android operating system.

2.3 Information We Do NOT Collect

Name, email address, or other direct contact information
Payment or financial information directly (all payment processing is handled by Google Play; see Section 5.7)
Precise GPS location
Photos, contacts, or other device content
Biometric data (fingerprints, face data) — biometric authentication is handled entirely by the Android OS
Health or medical information
Your actual financial calculations, balances, or investment data — all calculations are performed locally on your device

3. How We Use Your Information

We use the collected information for the following purposes:

App Functionality: To provide and maintain the App's features, including compound interest calculations, scenario management, and result exports
Analytics: To understand how users interact with the App and improve user experience
Advertising: To display advertisements, including personalized ads (with your consent where required)
Crash Reporting: To identify and fix bugs and improve app stability
Performance Monitoring: To optimize app performance across different devices, including tracking calculation speed and app responsiveness
Push Notifications: To deliver milestone notifications and relevant updates (only when you opt in)
Remote Configuration: To deliver feature updates and configuration changes without requiring an app update

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process your personal data based on the following legal grounds:

Processing Activity	Legal Basis
Personalized advertising	Consent (Article 6(1)(a) GDPR)
Non-personalized advertising	Consent (Article 6(1)(a) GDPR) for storage on device
Analytics (Firebase Analytics)	Consent (Article 6(1)(a) GDPR)
Crash reporting (Firebase Crashlytics)	Consent (Article 6(1)(a) GDPR)
Performance monitoring (Firebase Performance)	Consent (Article 6(1)(a) GDPR)
Push notifications (Firebase Cloud Messaging)	Consent (Article 6(1)(a) GDPR) — notifications are sent only when you opt in via system permission and App settings
In-app messaging (Firebase In-App Messaging)	Consent (Article 6(1)(a) GDPR)
App configuration (Firebase Remote Config)	Legitimate Interest (Article 6(1)(f) GDPR) — delivering feature flags and configuration for proper app operation
In-app purchases (Google Play Billing)	Contract Performance (Article 6(1)(b) GDPR) — necessary for fulfilling purchase transactions you initiate
Essential app functionality	Legitimate Interest (Article 6(1)(f) GDPR) — ensuring proper operation, security, and stability of the App

    Your Right to Withdraw Consent: You have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. You can manage your consent preferences through the App's settings menu ("Manage Consent" option).

5. Third-Party Services

The App uses the following third-party services that may collect and process your data:

5.1 Google AdMob

We use Google AdMob to display native and interstitial advertisements in the App.

Provider: Google LLC
Data collected: Advertising ID, device information, IP address, ad interaction data
Purpose: Serving personalized or non-personalized advertisements
Ad formats used: Native ads, interstitial ads
Note: Ads can be permanently removed by purchasing the "Remove Ads" in-app purchase
Privacy Policy: https://policies.google.com/privacy
How Google uses data: https://policies.google.com/technologies/partner-sites

5.2 Firebase Analytics (Google Analytics for Firebase)

We use Firebase Analytics to understand how users interact with the App.

Provider: Google LLC
Data collected: App Instance ID, device information, usage data, IP address (for geolocation), in-app events (calculations performed, mode switches, scenario saves/loads, theme and language changes)
Purpose: Analytics, understanding user behavior, improving the App
Default state: Disabled until consent is granted
Privacy Policy: https://firebase.google.com/support/privacy

5.3 Firebase Crashlytics

We use Firebase Crashlytics to collect crash reports and improve app stability.

Provider: Google LLC
Data collected: Crash logs, stack traces, device state, Crashlytics Installation ID
Purpose: Identifying and fixing bugs, improving app stability
Default state: Disabled until consent is granted (also disabled in debug builds)
Privacy Policy: https://firebase.google.com/support/privacy

5.4 Firebase Performance Monitoring

We use Firebase Performance Monitoring to measure app performance, including calculation speed and UI responsiveness.

Provider: Google LLC
Data collected: App startup time, custom performance traces (calculation duration), network request latency, device information
Purpose: Optimizing app performance across different devices
Default state: Disabled until consent is granted
Privacy Policy: https://firebase.google.com/support/privacy

5.5 Firebase Cloud Messaging

We use Firebase Cloud Messaging (FCM) to send push notifications such as milestone achievement alerts.

Provider: Google LLC
Data collected: FCM registration token, device type, app version
Purpose: Delivering push notifications you have opted in to receive
Default state: Auto-init disabled until consent is granted; notifications require explicit Android system permission (Android 13+)
Privacy Policy: https://firebase.google.com/support/privacy

5.6 Firebase Remote Config & In-App Messaging

We use Firebase Remote Config to dynamically configure app behavior and feature flags. Firebase In-App Messaging is used to deliver contextual messages within the App.

Provider: Google LLC
Data collected: App Instance ID, device platform, app version, country (derived from IP)
Purpose: Delivering configuration updates, feature flags, and in-app messages without requiring an app update
Default state: Remote Config activated after consent; In-App Messaging auto-collection disabled until consent is granted
Privacy Policy: https://firebase.google.com/support/privacy

5.7 Google Play Billing

We use Google Play Billing to process in-app purchases (specifically the "Remove Ads" purchase). We do not directly collect or store your payment details — all payment processing is handled by Google Play.

Provider: Google LLC
Data collected by us: Purchase tokens, product IDs, purchase state (used to verify and fulfill the ad-free entitlement)
Data collected by Google Play: Payment method details, billing address, transaction history (processed under Google's own privacy policy)
Purpose: Processing in-app purchases, verifying ad-free entitlement
Privacy Policy: https://policies.google.com/privacy

6. Advertising

6.1 Types of Advertisements

Depending on your consent preferences and location, you may see:

Personalized Ads: Tailored to your interests based on your activity across apps and websites (with consent in EEA/UK)
Non-Personalized Ads: Not based on your past behavior but may use contextual information
Limited Ads: Minimal data processing for advertising purposes

The App displays native ads (integrated within the app content) and interstitial ads (full-screen ads shown between screens). You can permanently remove all ads by purchasing the "Remove Ads" option in the App's settings.

6.2 Managing Ad Preferences

You can manage your advertising preferences through:

In-App Settings: Access "Manage Consent" in the App's settings menu (bottom sheet)
In-App Purchase: Purchase "Remove Ads" to permanently disable all advertisements
Device Settings:
- Android: Settings → Google → Ads → Reset advertising ID or Opt out of Ads Personalization
Google Ad Settings: https://adssettings.google.com

7. Cookies and Similar Technologies

The App and its third-party services use cookies, SDKs, and similar technologies to:

Store user preferences and consent choices
Enable advertising functionality
Collect analytics data
Prevent fraud

In the EEA/UK, we obtain your consent before using non-essential cookies and similar technologies, in compliance with the ePrivacy Directive. We use Google's User Messaging Platform (UMP SDK) implementing the IAB Transparency and Consent Framework (TCF v2.3) to manage consent.

We may share your information in the following circumstances:

8.1 Third-Party Service Providers

We share data with Google LLC (as described in Section 5) for advertising, analytics, crash reporting, performance monitoring, push notifications, app configuration, in-app messaging, and in-app purchase processing. Google acts as a data processor on our behalf and also as an independent controller for certain processing activities (including payment processing via Google Play).

8.2 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request.

8.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

8.4 What We Do NOT Do

We do not sell your personal information
We do not share your data for purposes unrelated to the App's functionality
We do not transmit your financial calculations, saved scenarios, or investment data to any server

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States where Google's servers are located.

For EEA/UK Users

When we transfer your data outside the EEA/UK, we ensure appropriate safeguards are in place:

Standard Contractual Clauses (SCCs): Google uses EU-approved Standard Contractual Clauses for data transfers
Adequacy Decisions: Transfers to countries with adequate data protection (as determined by the European Commission)
EU-US Data Privacy Framework: Google LLC is certified under the EU-US Data Privacy Framework

10. Data Retention

We retain your data for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

Data Type	Retention Period
Analytics data	26 months (Google Analytics default)
Crash reports	90 days
Performance traces	90 days
Advertising data	Varies by Google's policies
Consent preferences	Until you withdraw consent or uninstall the App
Push notification tokens (FCM)	Until token is refreshed or you uninstall the App
Purchase data (entitlements)	Duration of account activity or as required by tax/legal obligations
Local data (scenarios, preferences)	Stored on your device until you clear app data or uninstall

You can request deletion of your data at any time by contacting us (see Section 15).

11. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

11.1 Rights for All Users

Access: Request information about what data we collect
Deletion: Request deletion of your personal data
Opt-Out of Personalized Ads: Disable personalized advertising

11.2 Additional Rights for EEA/UK Users (GDPR/UK GDPR)

Right of Access: Obtain confirmation and a copy of your personal data
Right to Rectification: Correct inaccurate personal data
Right to Erasure: Request deletion of your personal data ("right to be forgotten")
Right to Restrict Processing: Limit how we use your data
Right to Data Portability: Receive your data in a structured, machine-readable format
Right to Object: Object to processing based on legitimate interests
Right to Withdraw Consent: Withdraw consent at any time without affecting prior processing
Right to Lodge a Complaint: File a complaint with your local data protection authority
Right Related to Automated Decision-Making: Not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you (Article 22 GDPR). Personalized advertising delivered through Google AdMob involves profiling; you can opt out via the consent management options in the App's settings.

How to Exercise Your Rights (EEA/UK): Use the "Manage Consent" option in the App's settings to modify your consent preferences, or contact us at 0ndr4N@proton.me.

11.3 Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (as amended by CPRA):

Right to Know: Request disclosure of the categories and specific pieces of personal information we collect
Right to Delete: Request deletion of your personal information
Right to Correct: Request correction of inaccurate personal information
Right to Opt-Out of Sale/Sharing: We do not sell your personal information. Personalized advertising through Google AdMob may constitute "sharing" under CPRA; you can opt out of personalized ads at any time through the App's consent settings or device settings
Right to Limit Use of Sensitive Personal Information: We do not collect sensitive personal information as defined by CPRA
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

Categories of Personal Information Collected (CCPA):

Identifiers (device identifiers, IP address)
Internet or electronic network activity (usage data, ad interactions)
Geolocation data (approximate, derived from IP address)
Inferences (derived from the above to create a profile)

11.4 Rights for Brazilian Users (LGPD)

Under Brazil's Lei Geral de Proteção de Dados (LGPD), we process your data based on consent (Article 7, I, LGPD) for advertising and analytics, and legitimate interest (Article 7, IX, LGPD) for essential app functionality. You have the following rights:

Confirmation of processing and access to data
Correction of incomplete or inaccurate data
Anonymization, blocking, or deletion of unnecessary data
Data portability
Information about sharing with third parties
Withdrawal of consent
Filing a complaint with the ANPD (Autoridade Nacional de Proteção de Dados)

11.5 Rights for Indian Users (DPDPA)

Under India's Digital Personal Data Protection Act (DPDPA), you have rights including:

Right to access information about your personal data
Right to correction and erasure
Right to grievance redressal
Right to nominate another person to exercise rights on your behalf

11.6 How to Exercise Your Rights

To exercise any of your privacy rights, you can:

In-App: Navigate to Settings → Manage Consent (for consent-related preferences)
Email: Send a request to 0ndr4N@proton.me

We will respond to your request within the timeframe required by applicable law (typically 30 days for GDPR, 45 days for CCPA).

12. Children's Privacy

The App is not directed to children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children under these ages.

COPPA Compliance (United States)

In compliance with the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect personal information from children under 13 years of age. If you believe we have collected information from a child under 13, please contact us immediately at 0ndr4N@proton.me and we will promptly delete such information.

Children's Privacy in the EEA/UK (Article 8 GDPR)

In the EEA/UK, we do not knowingly process personal data of children under the age of digital consent as set by each member state (ranging from 13 to 16 years) without parental consent. The App is designed for users aged 13 and above.

13. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

Encryption of data in transit (HTTPS/TLS)
Secure data storage by our third-party service providers
Local data storage on your device (financial calculations and scenarios never leave your device)
All Firebase services disabled by default in the Android manifest, enabled only after explicit user consent
Biometric authentication option using the Android system's secure biometric APIs (no biometric data is accessible to the App)

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes:

We will update the "Last Updated" date at the top of this policy
For material changes, we will notify you through the App or other means
Where processing is based on consent, we will seek your renewed consent for material changes before continuing such processing

We encourage you to review this Privacy Policy periodically for any changes.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: 0ndr4N@proton.me

Subject Line Suggestions:

For data access requests: "Data Access Request - CompoundCalc"
For data deletion requests: "Data Deletion Request - CompoundCalc"
For privacy concerns: "Privacy Inquiry - CompoundCalc"

We will respond to all legitimate requests within the timeframe required by applicable law.

16. Jurisdiction-Specific Provisions

16.1 European Economic Area, United Kingdom, and Switzerland

If you are located in the EEA, UK, or Switzerland:

We process your data in accordance with GDPR and UK GDPR
You have the right to lodge a complaint with your local Data Protection Authority
We use Google's User Messaging Platform (UMP) implementing IAB TCF v2.3 to obtain and manage your consent
You can withdraw consent at any time through the App's settings ("Manage Consent")
All Firebase services (Analytics, Crashlytics, Performance, FCM, In-App Messaging) are disabled by default and only enabled after you provide consent

16.2 United States

If you are located in the United States:

California: CCPA/CPRA rights apply (see Section 11.3)
Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), and other states: If you are a resident of these states, you may have rights including access, deletion, correction, and opt-out of targeted advertising under your respective state privacy law. To exercise these rights, contact us at 0ndr4N@proton.me
We do not sell your personal information
We do not share personal information for cross-context behavioral advertising without consent where required

16.3 Brazil

If you are located in Brazil, your data is processed in accordance with the Lei Geral de Proteção de Dados (LGPD). You may contact us or the ANPD (Autoridade Nacional de Proteção de Dados) with any concerns.

16.4 India

If you are located in India, your data is processed in accordance with applicable Indian data protection laws, including the Digital Personal Data Protection Act (DPDPA) as it comes into effect.

16.5 Canada

If you are located in Canada, your data is processed in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA). You have the right to access your personal information, request corrections, and withdraw consent. To file a complaint, you may contact the Office of the Privacy Commissioner of Canada.

16.6 Japan

If you are located in Japan, your data is processed in accordance with the Act on Protection of Personal Information (APPI). You have the right to request disclosure, correction, suspension of use, or deletion of your personal data. Cross-border transfers are conducted under appropriate safeguards as required by APPI.

16.7 South Korea

If you are located in South Korea, your data is processed in accordance with the Personal Information Protection Act (PIPA). You have the right to access, correct, delete, and suspend processing of your personal data. We ensure that cross-border data transfers comply with PIPA requirements.

16.8 Australia

If you are located in Australia, your data is processed in accordance with the Privacy Act 1988 and the Australian Privacy Principles (APPs). You have the right to access and correct your personal information. To file a complaint, you may contact the Office of the Australian Information Commissioner (OAIC).

16.9 Other Jurisdictions

If you are located in a jurisdiction not specifically mentioned above, we will process your data in accordance with applicable local laws. If there is a conflict between this Privacy Policy and local law, the local law shall prevail.