1. Information We Collect

1.1 Information You Provide

Account Information

When you create an account, we collect:

• Email address
• Password (stored only as a secure hash, never in plain text)

Support Communications

If you contact us for support, we collect:

• Email correspondence
• Any information you choose to provide in your messages

1.2 Information Collected Automatically

Usage Data

When you use the Service, we may collect:

• Pages and features you access
• Actions you take (such as data exports)
• Time and date of your activities
• Session duration

Device and Technical Information

• Browser type and version
• Operating system
• IP address (used for security and general location, not precise tracking)
• Device identifiers

Cookies and Similar Technologies

We use cookies to:

• Maintain your login session
• Remember your preferences (such as table column visibility and page size)
• Ensure security of your account

We use essential cookies only. We do not use advertising or tracking cookies.

1.3 Analytics

We use PostHog for product analytics to understand how users interact with the Service. PostHog collects:

• Anonymized usage events (login, logout, exports)
• Session information
• Feature usage patterns

PostHog data is used solely for improving the Service and is not shared with third parties for advertising purposes.

2. How We Use Your Information

We use collected information to:

• Provide the Service: Create and manage your account, authenticate access, and deliver features
• Improve the Service: Analyze usage patterns, identify bugs, and develop new features
• Communicate with you: Respond to support requests, send service announcements, and notify you of important changes
• Ensure security: Detect fraud, prevent abuse, and protect user accounts
• Comply with legal obligations: Meet regulatory requirements and respond to legal requests

We do not sell your personal information. We do not use your information for advertising purposes.

3. How We Share Your Information

3.1 Service Providers

We share information with third-party service providers who help us operate the Service:

These providers are contractually required to protect your data and use it only for the services they provide to us.

3.2 Legal Requirements

We may disclose your information when required by law or when we believe disclosure is necessary to:

• Comply with legal process or government requests
• Enforce our Terms of Service
• Protect the rights, property, or safety of our users or the public
• Detect and prevent fraud or security issues

3.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.

3.4 With Your Consent

We may share information with third parties when you explicitly consent to such sharing.

4. Data Security

We implement appropriate security measures to protect your information:

• Password security: Passwords are hashed using Argon2, an industry-standard algorithm
• Session security: Session tokens use cryptographically secure random generation
• Transport security: All data is transmitted over HTTPS/TLS encryption
• Cookie security: Session cookies are HTTPOnly, Secure, and SameSite-protected
• Access controls: Database access is restricted to authorized systems only
• Regular backups: Account data has point-in-time recovery capability

No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5. Data Retention

We retain your information as follows:

You may request deletion of your account and personal data at any time (see Section 7).

6. Cookies

6.1 Cookies We Use

6.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling essential cookies will prevent you from logging into the Service.

We do not use:

• Advertising cookies
• Third-party tracking cookies
• Cross-site tracking

7. Your Rights and Choices

7.1 Access and Portability

You can access your account information through your account settings. You may request a copy of your personal data by contacting us.

7.2 Correction

You can update your email address and password through your account settings.

7.3 Deletion

You can request deletion of your account and personal data by contacting us at privacy@walletsout.com. We will process deletion requests within 30 days, except where we are required to retain data for legal purposes.

7.4 Marketing Communications

We may occasionally send marketing communications about product updates or offers. You can opt out at any time by contacting us at privacy@walletsout.com or using the unsubscribe link in any marketing email. Transactional communications (account-related, security notices, service updates) are not affected by marketing preferences.

8. Regional Privacy Rights

8.1 European Union (GDPR)

If you are in the EU/EEA, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Erase your data ("right to be forgotten")
• Restrict or object to processing
• Data portability
• Lodge a complaint with your local data protection authority

Legal Basis for Processing: We process your data based on:

• Contract performance (providing the Service)
• Legitimate interests (security, service improvement)
• Consent (where specifically obtained)

Data Controller: Wallets Out is the data controller for your personal information.

8.2 California (CCPA/CPRA)

If you are a California resident, you have the right to:

• Know what personal information we collect
• Delete your personal information
• Opt out of the sale of personal information (we do not sell personal information)
• Non-discrimination for exercising your rights

Categories of Information Collected: Identifiers (email), internet activity (usage data), inferences (preferences).

We do not sell or share personal information for cross-context behavioral advertising as defined by California law.

8.3 Other Jurisdictions

We comply with applicable data protection laws in all jurisdictions where we operate. Contact us for information about your specific rights.

9. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately and we will delete such information.

10. International Data Transfers

Your information may be processed in the United States or other countries where our service providers operate. When we transfer data internationally, we use appropriate safeguards such as standard contractual clauses.

11. Third-Party Links

The Service may contain links to third-party websites. This Privacy Policy does not apply to those sites. We encourage you to review the privacy policies of any third-party sites you visit.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Updating the "Last updated" date at the top of this policy
• Sending an email notification for significant changes
• Displaying a notice within the Service

Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

Email: privacy@walletsout.com

Support: support@walletsout.com

Website: https://walletsout.com

We will respond to your inquiry within 30 days.