Legal

Privacy Policy

Last updated: 8 July 2026 · Effective: 8 July 2026

Version 1.0 · Written in English. If we publish a translation and it conflicts with this English version, the English version governs.

This Privacy Policy explains what personal data KoiFi collects, why we collect it, how we use and protect it, who we share it with, and the rights you have. We built KoiFi to keep your financial life on your device first — privacy is a design principle, not an afterthought.

The short version. Your financial data lives on your device first and syncs encrypted. Every bank and wallet connection is read-only — we can never move your money. We do not sell your personal data. We use a small set of trusted providers to run the app (hosting, AI, payments, crash reporting), listed in Section 6.

Contents

  1. 1. Who we are
  2. 2. Scope
  3. 3. Information we collect
  4. 4. How & why we use it
  5. 5. AI features
  6. 6. Sharing & providers
  7. 7. International transfers
  8. 8. Data retention
  9. 9. Security
  10. 10. Your rights
  11. 11. Children
  12. 12. Cookies & local storage
  13. 13. Third-party links
  14. 14. Changes
  15. 15. Contact

1Who we are

KoiFi (“KoiFi”, “we”, “us”, “our”) is a personal-finance application built in Ukraine. The data controller responsible for your personal data is Private Entrepreneur Liudmyla Oganova, 44-50 Oresta Vaskyla St., Apt. 40, Kyiv 03179, Ukraine.

For any privacy question or to exercise your rights, contact us at hello@koifi.app (privacy requests: privacy@koifi.app). Data-protection matters are handled by our privacy team at that address.

2Scope

This Policy applies to the KoiFi mobile apps (iOS and Android), the koifi.app website and waitlist, and related services (together, the “Service”). It does not apply to third-party services you connect to KoiFi (such as your bank or a blockchain), which are governed by their own privacy policies.

3Information we collect

a. Information you give us

b. Information from your connected accounts

c. Information collected automatically

d. Billing information

Subscriptions are purchased and processed by Apple and Google through their in-app purchase systems (managed for us via our subscription provider). We receive your subscription status (tier, renewal, entitlement) but not your full card number or payment credentials — those are handled by the app stores.

Sensitive data. Financial information is sensitive. We ask you not to enter special-category data (such as health, political, or religious information) into free-text fields. If you choose to, you consent to our processing it to provide the Service.

4How & why we use your information — and our legal bases

Where the GDPR (and Ukraine's Law “On Personal Data Protection”) applies, we rely on the legal bases below.

We use data to…Legal basis
Create your account and provide the core app (tracking, budgets, portfolios, goals, sync)Performance of a contract
Import data from bank/wallet connections you set upContract / your consent
Run AI features you invokeConsent / contract
Process subscriptions and prevent payment fraudContract / legitimate interests
Keep the Service secure, stable and free of abuse; debug crashesLegitimate interests
Send service and security notices; respond to supportContract / legitimate interests
Send optional product news or push notificationsConsent (withdrawable anytime)
Comply with legal, tax and accounting obligationsLegal obligation
Waitlist sign-up and launch updatesConsent

We only use your information for the purposes described here or purposes compatible with them, and we practice data minimization.

5AI features

KoiFi includes an AI companion and AI-assisted features (for example, categorizing transactions, reading receipts, and answering questions). When you use these features, the relevant content — such as your message or a snapshot of the data needed to answer — is sent through our secure server to our AI provider (Anthropic) to generate a response.

6How we share information — and our providers

We do not sell your personal data and we do not share it for cross-context behavioral advertising. We share information only with the service providers (processors) that help us run KoiFi, and only as needed. Each is bound by a data-processing agreement.

ProviderPurpose
SupabaseCloud hosting, database, authentication, encrypted sync
AnthropicAI companion and AI-assisted features
RevenueCat + Apple / GoogleSubscription management, in-app purchases, app delivery
Apple (APNs) / Google (FCM)Push notifications
SentryCrash and error monitoring (financial values scrubbed)
ResendTransactional and waitlist emails
CoinGecko, Alpha Vantage, Fixer.ioMarket prices, FX rates, news (reference data)
Google (Google Analytics)Aggregate usage analytics (cookie-based, consent-gated)
Your bank / aggregatorRead-only import of accounts and transactions you connect

We may also disclose information (a) to comply with law, legal process or a lawful government request; (b) to enforce our terms or protect the rights, safety and property of KoiFi, our users or others; and (c) in connection with a merger, acquisition or asset sale, in which case we will notify you and this Policy will continue to protect your data.

7International data transfers

KoiFi is built in Ukraine and some of our providers operate outside your country, including in the EU/EEA, the United Kingdom and the United States. Where we transfer personal data across borders, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses, UK IDTA/addendum, or an adequacy decision, as applicable. You may request a copy of the relevant safeguards using the contact details below.

8Data retention

We keep personal data only as long as needed for the purposes above:

9Security

We use technical and organizational measures appropriate to the sensitivity of financial data, including:

No method of transmission or storage is 100% secure. You are responsible for keeping your device and credentials safe; please use a strong password and enable device security. If a breach affects your rights, we will notify you and the relevant authority as required by law.

10Your rights

Subject to applicable law, you have the right to:

To exercise any right, email hello@koifi.app (or privacy@koifi.app). We respond within the timeframe required by law (generally one month under the GDPR). You may also lodge a complaint with your local data protection authority — in Ukraine, the Ukrainian Parliament Commissioner for Human Rights (Ombudsman); in the EU, your national supervisory authority.

US residents: where the CCPA/CPRA or similar state laws apply, you have rights to know, delete, correct and opt out of “sale”/“sharing” (we do not sell or share your data as those terms are defined), and not to be discriminated against for exercising them.

11Children

KoiFi is intended for adults and is not directed to children under 18 (and in any case not to children under the age of digital consent in your country). We do not knowingly collect data from children. If you believe a child has provided us data, contact us and we will delete it.

12Cookies & local storage

The koifi.app website uses your browser's local storage to remember your language choice and waitlist status (essential; not cookies). We also use Google Analytics, which sets cookies to measure aggregate usage. Where consent is required (for example in the EU/EEA, the UK and Ukraine), we ask for it before setting non-essential analytics cookies, and you may decline or withdraw consent at any time without affecting essential functionality. We do not use advertising or cross-site tracking cookies. The mobile app stores data locally on your device to work offline.

The Service may link to or integrate with third-party sites and services (your bank, blockchains, app stores, news sources). We are not responsible for their content or privacy practices; review their policies before using them.

14Changes to this Policy

We may update this Policy as the Service evolves or the law changes. We will post the new version here with an updated “Last updated” date and, for material changes, provide additional notice (in-app or by email). Your continued use after changes take effect means you accept the updated Policy.

15Contact us

Questions, requests, or complaints about privacy:

KoiFi — Private Entrepreneur Liudmyla Oganova
44-50 Oresta Vaskyla St., Apt. 40, Kyiv 03179, Ukraine
Email: hello@koifi.app · Privacy: privacy@koifi.app


See also our Terms & Conditions. This document is provided for transparency and does not itself constitute legal advice.