Privacy Policy for Allospend

Last Updated: January 14, 2026

Overview

Allospend ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your information when you use our NFC payment and group relationship management app.

Information We Collect

Personal Information

• Account Information: Name, email address, phone number, date of birth
• Profile Data: Username, profile preferences, group memberships
• Payment Information: Payment provider handles (Cash App, Venmo, PayPal usernames)
• Device Information: Device tokens for notifications, app version, platform

NFC Data

• Dummii Sticker Identifiers: Unique identifiers for your NFC stickers
• Payment Links: Temporary payment URLs created through NFC
• Tag Activation Data: Information about Dummii Sticker activation and usage

Group and Financial Data

• Group Information: Group names, member lists, group settings
• Expense Data: Expense amounts, descriptions, categories, payment status
• Communication: Group messages, reminders, notifications
• Relationship Analytics: Group health metrics and insights

Technical Data

• Usage Analytics: App usage patterns, feature interactions
• Error Logs: Technical errors and performance data
• Network Information: API requests and server communication

How We Use Your Information

Core App Functionality

• Account Management: Create and manage your user account
• Group Management: Create, join, and manage payment groups
• Payment Processing: Facilitate payments through third-party providers
• NFC Operations: Activate and manage NFC payment stickers
• Communication: Send notifications and group messages

Service Improvement

• Analytics: Improve app performance and user experience
• Feature Development: Develop new features based on usage patterns
• Bug Fixes: Identify and resolve technical issues

Legal Compliance

• Age Verification: Ensure users are 18 years or older
• Fraud Prevention: Detect and prevent fraudulent activity
• Legal Requirements: Comply with applicable laws and regulations

Data Sharing and Third Parties

Payment Providers

We integrate with third-party payment services:

• Cash App: For Cash App payments
• Venmo: For Venmo payments
• PayPal: For PayPal payments

These services have their own privacy policies and terms of service.

Service Providers

We use trusted service providers for:

• Hosting: Vercel (app hosting and API)
• Database: MongoDB Atlas (data storage)
• Notifications: Apple Push Notification Service
• Email: SendGrid (email delivery)

Legal Requirements

We may share your information when required by law, to protect our rights, or to prevent fraud.

Data Security

Protection Measures

• Encryption: All data is encrypted in transit and at rest
• Authentication: Secure login with biometric authentication
• Access Controls: Limited access to personal information
• Regular Audits: Security assessments and updates

NFC Security

• Tag Encryption: NFC data is encrypted and secure
• Temporary Links: Payment links expire automatically
• User Control: You control which Dummii Stickers are activated

Data Retention

Account Data

• Active Accounts: Retained while your account is active
• Inactive Accounts: Deleted after 12 months of inactivity
• Deletion Requests: Processed within 30 days

NFC Data

• Tag Information: Retained while stickers are active
• Payment Links: Automatically deleted after use or expiration
• Deactivation: NFC data deleted when stickers are deactivated

Analytics Data

• Usage Analytics: Retained for 2 years
• Error Logs: Retained for 90 days
• Aggregated Data: May be retained indefinitely in anonymized form

Your Rights

Access and Control

• View Data: Request a copy of your personal information
• Update Information: Modify your account information
• Delete Account: Request complete account deletion
• Data Portability: Export your data in a standard format

Communication Preferences

• Notifications: Control push notification settings
• Email Preferences: Manage email communication
• Group Messages: Control group messaging settings

Age Requirements

Minimum Age

Minimum Age

• 18+ Requirement: You must be at least 18 years old to use Allospend.
• No Minors: We do not knowingly collect information from children under 18.
• Age Verification: We may verify your age through various methods.

Changes to This Policy

Updates

• Notification: We will notify you of significant changes
• Review: Please review this policy periodically
• Acceptance: Continued use constitutes acceptance of changes

Contact Information

Questions and Concerns

• Email: privacy@allospend.app
• Support: support@allospend.app

Data Protection Officer

For GDPR-related inquiries, contact our Data Protection Officer at privacy@allospend.app

---

Effective Date: January 14, 2026