FloosYo FloosYo

Privacy Policy

Last updated: May 7, 2026

This policy explains how FloosYo, a product of AttenYo LLC, handles your information when you use our mobile app and related services.

Who We Are

FloosYo ("FloosYo", "we", "us", "our") is a personal-finance mobile app operated by AttenYo LLC, a limited liability company organized in the United States. References to "the Service" mean the FloosYo iOS app, our website, and any related features we offer.

This Privacy Policy applies to information we collect through the Service. By using FloosYo, you confirm that you have read this policy and understand how we handle your information.

Information We Collect

We collect only what we need to operate the Service. Specifically:

  • Account information. Your name, email address, and hashed password.
  • App preferences. Locale, timezone, theme, country, default currency, financial goals, commitment level, reminder cadence, and similar in-app settings you choose.
  • Financial entries you create. Budgets, categories, expenses, amounts, currencies, dates, notes, and any text or voice transcripts you save. FloosYo does not connect to your bank. All financial data in FloosYo is what you enter manually or via the voice feature.
  • Voice and AI input. When you use voice entry, your spoken input is transcribed and the resulting text is sent to our AI provider for parsing. See "Voice and AI Processing" below.
  • Device and technical information. Device model, operating system version, app version, language, IP address, basic usage events, and server-side diagnostic logs. We use these to keep the Service running and to fix bugs.
  • Push notification tokens. If you enable push notifications, Apple issues a token that we store and use solely to send you notifications you have asked for.
  • Subscription and billing information. Handled by Apple through the iOS App Store. FloosYo receives subscription status, plan, transaction identifiers, and renewal dates from Apple. We do not see or store your card number.
  • Waitlist signups. If you join our waitlist before creating an account, we store the email address, country, and language you submit so we can notify you when access opens.
  • Support communications. If you contact us, we keep your messages so we can respond and improve the Service.

We do not collect biometric identifiers, contact lists, photos outside what you explicitly attach, or precise GPS location.

Voice and AI Processing

FloosYo's voice feature turns your spoken expense into structured data such as amount, category, and currency. The flow has two stages:

  • Speech-to-text on your device. Audio captured by the microphone is transcribed using Apple's built-in speech recognition (SFSpeechRecognizer). Depending on your device and language, Apple may process some audio on its own servers under Apple's privacy policy. FloosYo never stores your raw audio and never sends it to our own servers.
  • Text parsing by our AI provider. The resulting text transcript is sent over an encrypted connection to OpenAI (model in the GPT family) so it can be parsed into structured fields. Per our agreement with OpenAI, your content is not used to train their models. We retain only the parsed result and the fields you confirm.
  • AI output is offered to assist you with categorization and parsing. It is not financial advice and we do not make automated decisions that produce legal or similarly significant effects on you. You always review and confirm what gets saved.

If you do not want to use voice or AI features, simply do not use the voice button. All other parts of FloosYo work without it.

How We Use Your Information

We use the information we collect to:

  • Operate, maintain, and improve the FloosYo app and its features.
  • Authenticate you, secure your account, and prevent fraud or abuse.
  • Process your subscription, including free trials, renewals, and refunds.
  • Send you transactional messages (for example, password resets, billing receipts, and notifications you opted into).
  • Diagnose crashes, measure aggregate usage, and decide what to build next.
  • Comply with our legal obligations and enforce our Terms of Service.

We do not sell your personal information. We do not rent or share your financial data with advertisers, data brokers, or marketing networks.

Legal Bases for Processing (EEA, UK, and Similar Jurisdictions)

If you are in the European Economic Area, the United Kingdom, or another region that requires a stated legal basis, we rely on the following bases under the GDPR and equivalent laws:

  • Performance of a contract with you, to deliver the Service you signed up for.
  • Legitimate interests, such as keeping FloosYo secure, improving features, and preventing abuse, balanced against your rights.
  • Consent, where required (for example, for optional push notifications). You may withdraw consent at any time.
  • Legal obligations, where we must process information to comply with applicable law.

Service Providers and Subprocessors

We use a small set of trusted vendors to run the Service. They process your information only on our instructions and only for the purposes listed below.

  • Cloud hosting and database. Hosts our application and database in secure data centers with encryption at rest.
  • OpenAI. AI-assisted parsing of the text transcript produced by your spoken or typed expense input.
  • Apple. On-device and (depending on your device and language) server-side speech recognition for the voice feature, App Store in-app subscription billing, and delivery of push notifications you opted into.
  • PostHog (EU region). Privacy-focused product analytics for usage events. Hosted in the European Union.
  • Email provider. Sending transactional email such as receipts and password resets.

We do not allow these vendors to use your information for their own marketing or to train AI models on your content.

Data Retention

We keep your information only for as long as we need it:

  • Account and financial data: for as long as your account is active.
  • After you delete your account: we permanently delete your personal and financial data within 30 days, except where we must keep limited records to satisfy legal, tax, accounting, or fraud-prevention obligations.
  • Backups: may persist for a short additional period (typically up to 30 days) before being overwritten.
  • Support messages: retained for up to 24 months so we can serve you if you come back.
  • Aggregated and anonymized data: may be retained indefinitely. It cannot be used to identify you.

Data Security

We take security seriously and apply controls that match the sensitivity of your data:

  • Encryption in transit: all traffic between the app and our servers uses TLS 1.2 or higher.
  • Encryption at rest: our databases and backups are stored with encryption at rest using industry-standard algorithms provided by our cloud infrastructure, so the underlying disks and backup files cannot be read if the storage media are accessed directly.
  • Access control: only a limited number of authorized engineers can access production systems, and access is logged.
  • Authentication: passwords are stored as salted hashes; we never store them in plain text.

No system is perfectly secure. If we ever become aware of a breach affecting your data, we will notify you and the appropriate authorities as required by law.

Your Rights and Choices

Depending on where you live, you may have the following rights over your personal information:

  • Access a copy of the data we hold about you.
  • Correct data that is inaccurate or incomplete (you can edit most of it directly in the app).
  • Delete your account and the personal data associated with it.
  • Export your data in a portable, machine-readable format.
  • Object to or restrict certain processing.
  • Withdraw consent where we rely on it.
  • Lodge a complaint with your local data protection authority.

California residents: the California Consumer Privacy Act (CCPA/CPRA) gives you the rights above plus the right to know what categories of personal information we collect and the right to non-discrimination for exercising your rights. We do not sell or share your personal information for cross-context behavioral advertising.

Most rights can be exercised directly in the app. For anything else, email us at [email protected] from the address on your account and we will respond within 30 days.

Children's Privacy

FloosYo is not directed at children. We do not knowingly collect personal information from anyone under 13 in the United States or under 16 in the EEA and UK. If you believe a child has created an account, please contact us and we will delete the account and associated data.

International Data Transfers

FloosYo is operated from the United States, and our hosting and most service providers are located in the United States or the European Union. If you use the Service from another country, your information will be transferred to and processed in those locations.

Where required by law, we rely on appropriate transfer mechanisms (such as the European Commission's Standard Contractual Clauses) to protect your information when it leaves your region.

Changes to This Policy

We may update this Privacy Policy as the Service evolves or as the law changes. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you in the app or by email. Your continued use of FloosYo after the changes take effect means you accept the updated policy.

Contact Us

If you have questions about this policy or how we handle your information, contact us at:

AttenYo LLC
Email: [email protected]