smoosh-legal

Privacy Policy Last updated: 2026-01-10

Smoosh (“we”, “us”, “our”) respects your privacy. This Privacy Policy explains what data we collect, how we use it, and your choices.

Controller Smoosh is operated by Spandan Mohanty, Aachen, Germany. Contact: smoosh.corp@gmail.com

1) Information we collect

• Subscription data you add: service name/provider, price, billing period, next billing date, category, notes, payment method, reminders, and custom branding (if provided).
• Account identifiers: a pseudonymous identifier generated by the app.
• Usage data: basic analytics events (e.g., onboarding completed, subscription created), if analytics are enabled.
• Diagnostics: crash reports and performance data (if enabled). Crash reports may include device model, OS version, app version, and error logs.

We do not collect your bank or payment card details. Purchases are handled by Apple/Google in-app purchases.

2) How we use data

• Provide app features (tracking subscriptions, reminders, reports).
• Sync data across sessions.
• Improve app reliability and performance.
• Optional analytics to understand product usage.

3) Legal basis (GDPR/UK GDPR) We process data on these bases:

• Contract: to provide the app features you request.
• Legitimate interests: to improve reliability and prevent abuse.
• Consent: for analytics and optional diagnostics where you can opt in/out.

4) Your rights Depending on your location, you may have rights to:

• Access, correct, or delete your data.
• Object to processing or restrict processing.
• Receive a copy of your data (portability).
• Withdraw consent at any time (where we rely on consent).
• Lodge a complaint with a supervisory authority. To exercise rights, contact smoosh.corp@gmail.com. We respond within 30 days and may need to verify your identity.

5) Sharing and third parties We use trusted service providers to operate the app:

• Supabase (database and authentication)
• Sentry (crash reporting)
• PostHog (analytics, optional)
• Apple/Google (in-app purchases)

We do not sell your personal information.

6) Data retention We retain data as long as needed to provide the service. If you delete the app without deleting your account, your data may remain until you request deletion. You can delete your account and associated data from within the app (or by contacting us).

7) Your choices

• You can edit or delete subscriptions at any time.
• Analytics is off by default and can be changed in Settings (if available).
• You can request account deletion.

8) International transfers Our providers may process data outside your country. Where required, we rely on safeguards such as standard contractual clauses. We aim to host data in the EU where available.

9) Security We use reasonable technical and organizational measures to protect data, including encryption in transit, access controls, and least-privilege access.

10) Children Smoosh is not intended for children under the minimum age in your country (typically 13 or 16 in the EEA). We do not knowingly collect data from children.

11) Contact For questions or requests, contact: smoosh.corp@gmail.com