Privacy Policy

Last updated: April 28, 2026

This policy explains how FloosYo, a product of AttenYo LLC, handles your information when you use our mobile app and related services.

Who We Are

FloosYo ("FloosYo", "we", "us", "our") is a personal-finance mobile app operated by AttenYo LLC, a limited liability company organized in the United States. References to "the Service" mean the FloosYo iOS app, our website, and any related features we offer.

This Privacy Policy applies to information we collect through the Service. By using FloosYo, you confirm that you have read this policy and understand how we handle your information.

Information We Collect

We collect only what we need to operate the Service. Specifically:

  • Account information. Your name, email address, hashed password, locale, timezone, and theme preference.
  • Financial entries you create. Budgets, categories, expenses, amounts, currencies, dates, notes, and any text or voice transcripts you save. FloosYo does not connect to your bank. All financial data in FloosYo is what you enter manually or via the voice feature.
  • Voice and AI input. When you use voice entry, the audio you record is sent to our AI provider for real-time transcription and parsing. See "Voice and AI Processing" below.
  • Device and technical information. Device model, operating system version, app version, language, IP address, crash diagnostics, and basic usage events. We use these to keep the Service running and to fix bugs.
  • Push notification tokens. If you enable push notifications, Apple issues a token that we store and use solely to send you notifications you have asked for.
  • Subscription and billing information. Handled by our payment provider, Polar (Polar Software Inc.). FloosYo receives subscription status, plan, and renewal dates. We do not see or store your full card number.
  • Support communications. If you contact us, we keep your messages so we can respond and improve the Service.

We do not collect biometric identifiers, contact lists, photos outside what you explicitly attach, or precise GPS location.

Voice and AI Processing

FloosYo's voice feature uses an artificial-intelligence service (currently OpenAI, model in the GPT family) to turn your spoken expense into structured data such as amount, category, and currency.

  • Audio captured by the voice feature is transmitted over an encrypted connection to OpenAI for processing.
  • Per our agreement with OpenAI, your voice and content are not used to train their models.
  • We do not store the raw audio on our servers. We retain only the parsed result (for example, the text and the expense fields you confirmed).
  • AI output is offered to assist you with categorization and parsing. It is not financial advice and we do not make automated decisions that produce legal or similarly significant effects on you. You always review and confirm what gets saved.

If you do not want to use voice or AI features, simply do not use the voice button. All other parts of FloosYo work without it.

How We Use Your Information

We use the information we collect to:

  • Operate, maintain, and improve the FloosYo app and its features.
  • Authenticate you, secure your account, and prevent fraud or abuse.
  • Process your subscription, including free trials, renewals, and refunds.
  • Send you transactional messages (for example, password resets, billing receipts, and notifications you opted into).
  • Diagnose crashes, measure aggregate usage, and decide what to build next.
  • Comply with our legal obligations and enforce our Terms of Service.

We do not sell your personal information. We do not rent or share your financial data with advertisers, data brokers, or marketing networks.

Legal Bases for Processing (EEA, UK, and Similar Jurisdictions)

If you are in the European Economic Area, the United Kingdom, or another region that requires a stated legal basis, we rely on the following bases under the GDPR and equivalent laws:

  • Performance of a contract with you, to deliver the Service you signed up for.
  • Legitimate interests, such as keeping FloosYo secure, improving features, and preventing abuse, balanced against your rights.
  • Consent, where required (for example, for optional push notifications). You may withdraw consent at any time.
  • Legal obligations, where we must process information to comply with applicable law.

Service Providers and Subprocessors

We use a small set of trusted vendors to run the Service. They process your information only on our instructions and only for the purposes listed below.

  • Cloud hosting and database. Hosts our application and database in secure data centers.
  • OpenAI. Voice transcription and AI-assisted parsing of your spoken or typed expense input.
  • Polar (Polar Software Inc.). Subscription billing, payment processing, and tax handling.
  • PostHog (EU region). Privacy-focused product analytics for crash and usage events. Hosted in the European Union.
  • Apple Push Notification service. Delivery of push notifications you opted into.
  • Email provider. Sending transactional email such as receipts and password resets.

We do not allow these vendors to use your information for their own marketing or to train AI models on your content.

Data Retention

We keep your information only for as long as we need it:

  • Account and financial data: for as long as your account is active.
  • After you delete your account: we permanently delete your personal and financial data within 30 days, except where we must keep limited records to satisfy legal, tax, accounting, or fraud-prevention obligations.
  • Backups: may persist for a short additional period (typically up to 30 days) before being overwritten.
  • Support messages: retained for up to 24 months so we can serve you if you come back.
  • Aggregated and anonymized data: may be retained indefinitely. It cannot be used to identify you.

Data Security

We take security seriously and apply controls that match the sensitivity of your data:

  • Encryption in transit: all traffic between the app and our servers uses TLS 1.2 or higher.
  • Encryption at rest: our databases and backups are encrypted using industry-standard algorithms.
  • Application-level encryption for sensitive financial fields: your budgets, expenses, and reports are encrypted at the application layer so that even an attacker with database access cannot read your numbers in plain text.
  • Access control: only a limited number of authorized engineers can access production systems, and access is logged.
  • Authentication: passwords are stored as salted hashes; we never store them in plain text.

No system is perfectly secure. If we ever become aware of a breach affecting your data, we will notify you and the appropriate authorities as required by law.

Your Rights and Choices

Depending on where you live, you may have the following rights over your personal information:

  • Access a copy of the data we hold about you.
  • Correct data that is inaccurate or incomplete (you can edit most of it directly in the app).
  • Delete your account and the personal data associated with it.
  • Export your data in a portable, machine-readable format.
  • Object to or restrict certain processing.
  • Withdraw consent where we rely on it.
  • Lodge a complaint with your local data protection authority.

California residents: the California Consumer Privacy Act (CCPA/CPRA) gives you the rights above plus the right to know what categories of personal information we collect and the right to non-discrimination for exercising your rights. We do not sell or share your personal information for cross-context behavioral advertising.

Most rights can be exercised directly in the app. For anything else, email us at [email protected] from the address on your account and we will respond within 30 days.

Children's Privacy

FloosYo is not directed at children. We do not knowingly collect personal information from anyone under 13 in the United States or under 16 in the EEA and UK. If you believe a child has created an account, please contact us and we will delete the account and associated data.

International Data Transfers

FloosYo is operated from the United States, and our hosting and most service providers are located in the United States or the European Union. If you use the Service from another country, your information will be transferred to and processed in those locations.

Where required by law, we rely on appropriate transfer mechanisms (such as the European Commission's Standard Contractual Clauses) to protect your information when it leaves your region.

Changes to This Policy

We may update this Privacy Policy as the Service evolves or as the law changes. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you in the app or by email. Your continued use of FloosYo after the changes take effect means you accept the updated policy.

Contact Us

If you have questions about this policy or how we handle your information, contact us at:

AttenYo LLC
Email: [email protected]