Privacy Policy

This privacy policy applies to the Prosper application (hereby referred to as "Application"), including the mobile apps and web app, created by Agidus Interactive (hereby referred to as "Service Provider") as a Freemium service. This service is intended for use "AS IS".

Information Collection and Use

The Application collects information when you download and use it. This information may include information such as

• Account Data: Email address, Firebase UID, and authentication provider IDs used for account creation, sign-in, account management, and purchase recovery. Supported sign-in methods include email and password, Sign in with Google, and Sign in with Apple.
• User-Provided Planning Data: Financial planning inputs you enter into the Application (such as profiles, scenarios, assets, liabilities, incomes, expenses, and snapshots). This data stays on your device unless you sign in, in which case it is mirrored to your private cloud storage so you can recover it on another device (see "Cloud Data Sync" below).
• Device & Usage Data: Your device's Internet Protocol (IP) address, operating system, time and date of visits, and time spent in the Application.
• Advertising & Tracking IDs: Where permitted by your consent, advertising or similar device identifiers (for example, Google Advertising ID).
• Purchase & Subscription Data: RevenueCat app user identifiers, entitlement status, purchase origin, and limited transaction metadata used to unlock premium subscriptions, recover purchases after sign-in, and manage billing-linked features. We do not process or store sensitive payment or credit card details directly on our servers.

The Application does not gather precise information about the location of your mobile device.

The Service Provider uses third-party services that may receive data in connection with the operation and improvement of the Application. Analytics and usage data is only transmitted to third parties where you have given consent. The Service Provider may share your information with third parties in the ways described in this privacy statement.

The Service Provider may disclose User Provided and Automatically Collected Information:

• as required by law, such as to comply with a subpoena, or similar legal process;
• when they believe in good faith that disclosure is necessary to protect their rights, protect your safety or the safety of others, investigate fraud, or respond to a government request;
• with their trusted services providers who work on their behalf, do not have an independent use of the information we disclose to them, and have agreed to adhere to the rules set forth in this privacy statement.

Cloud Data Sync

The Application is local-first. By default, your planning data is stored only on the device where you enter it. If you choose to sign in, the Application mirrors your planning data to a private area of Cloud Firestore, keyed to your Firebase Auth user ID, so that you can recover it when signing in on another device.

Cloud-synced data may include:

• app-level general settings
• per-profile user settings and plan inputs
• snapshots you save within the Application

Cloud sync is optional and only occurs while you are signed in. Signing out stops cloud sync; local data on the device remains available unless you explicitly clear it. Security rules restrict access to each user's own records. Sensitive local secrets (such as PIN or biometric unlock state) are never synced.

Browser Storage and Similar Technologies

When you use the Application on the web, it stores data in your browser using local storage. No tracking cookies are used. The following categories of browser-side storage apply:

• Essential storage: The Application stores your financial planning data, app settings, and UI preferences locally in your browser by default. This is necessary for the Application to function. It also stores small preference flags to remember UI state across sessions (for example, whether you have dismissed notices or completed onboarding steps).
• Authentication and session storage: If you sign in, Firebase Authentication persists your session in the browser so you remain signed in across page reloads. This storage is only active when you choose to sign in.
• Analytics and measurement: If you consent to analytics, Google Analytics for Firebase may store identifiers in the browser to measure usage and app behaviour. This storage is only enabled after you explicitly accept analytics in the consent banner. You can withdraw consent at any time in Preferences.
• Billing and subscription identifiers: On web, RevenueCat may store an identifier in your browser to manage subscription state and entitlement recovery. This may happen if you open premium or pricing features, or when you sign in so the Application can check whether your account already has premium access and restore it across sessions or devices. This storage is not created for anonymous visitors on first load.

You can clear browser storage at any time using your browser's built-in tools (Settings → Privacy → Clear browsing data, or equivalent). Clearing storage will remove locally stored planning data unless it has been synced to the cloud.

Lawful Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or the UK, our legal basis for collecting and using the personal data described above depends on the context:

• Contract: We process authentication and account-linked data to provide account services, premium purchase recovery, and related functionality that you request.
• Legal Obligation: We or our payment processors retain transaction and billing records where required for tax, accounting, fraud-prevention, or similar legal compliance purposes.
• Consent: We request your consent before processing non-essential analytics, diagnostics, or similar tracking data where consent is required.

International Data Transfers

Information collected may be transferred to, and processed in, the United States or other countries where our third-party service providers, such as Google, RevenueCat, and Paddle, operate. Where applicable, we rely on Data Processing Agreements (DPAs), Standard Contractual Clauses (SCCs), or other legally recognized safeguards used by those providers.

You can stop all collection of information by the Application easily by uninstalling it. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.

Data Retention & User Rights

The Service Provider will retain User Provided data for as long as you use the Application and for a reasonable time thereafter to comply with legal obligations, enforce agreements, or resolve disputes.

If you reside in certain territories, including the EEA, you may have the following rights regarding your personal data:

• Right of Access & Portability: You can request a copy of your personal data.
• Right to Rectification: You can ask us to correct inaccurate or incomplete data.
• Right to Erasure: You can request deletion of your account and related personal data, subject to any data we must retain for legal or billing reasons.
• Right to Object or Restrict: You may object to or request restriction of certain processing where applicable.

To exercise any of these rights, please contact us at agidusinteractive@gmail.com and we will respond in a reasonable time.

Signed-in users can also request account deletion directly from inside the Application's Preferences screen. Account deletion removes your authentication account and cloud-synced planning data. Billing, invoice, and tax records processed by Paddle or the app stores may be retained where required to comply with legal obligations. Cancelling an active subscription is handled through the store or billing provider where the purchase was made and is not automatic on account deletion.

The Service Provider does not use the Application to knowingly solicit data from or market to children under the age of 13.

The Service Provider is concerned about safeguarding the confidentiality of your information. The Service Provider provides physical, electronic, and procedural safeguards to protect information the Service Provider processes and maintains.

This Privacy Policy may be updated from time to time for any reason. The Service Provider will notify you of any changes to the Privacy Policy by updating this page with the new Privacy Policy. You are advised to consult this Privacy Policy regularly for any changes, as continued use is deemed approval of all changes.

This privacy policy is effective as of 2026-04-25

Where we rely on consent to process your data (such as for analytics), you will be asked to provide that consent explicitly before any such processing takes place. For processing that is necessary to deliver the service you requested — such as account creation or cloud sync — we rely on contract or legitimate interest as the legal basis, not on blanket consent. You may withdraw consent for analytics at any time from the Application's Preferences.

If you have any questions regarding privacy while using the Application, or have questions about the practices, please contact the Service Provider via email at agidusinteractive@gmail.com.

This privacy policy page was generated by App Privacy Policy Generator