Privacy Policy

Account Information:When you sign up, we collect your email address and any referral code you provide. These are stored in our database to create and manage your account. We also use Firebase Authentication to handle your password securely – your password is not stored in plain text, but in an encrypted/hashed form via Firebase’s secure authentication system (we never see your actual password). This information is necessary to create your user account and verify your login details.

Mining Activity Data:When you are signed in and using the mining features of the app, we record the start and end times of your mining sessions and your device’s hash rate (processing power for mining, e.g. CPU/GPU speed). We log these metrics to enable core functionality – for example, to calculate your mining contributions and to display your mining performance. This data is stored in our database under your account.

Withdrawal Information:If you withdraw your mining earnings through the app, we collect the cryptocurrency wallet address you provide for the payout, any label or name you assign to that wallet, and the withdrawal amount. We store this information in our database and use it to process your withdrawal request and keep a record of transactions. Transaction records (like wallet addresses and amounts) may be retained for a period of time as part of our financial recordkeeping and fraud prevention measures (see Data Retention below).

Mining Earnings from Epicmine.io:The Moneyprinter App integrates with the third-party service Epicmine.io to retrieve your mining earnings. When you use Moneyprinter, our system queries Epicmine’s API to pull information about the coins you’ve mined. This may involve sending your mining identifier (such as your wallet address) to Epicmine’s servers to get your up-to-date balance. We do not share any more personal data with Epicmine than what is necessary to fetch your mining stats.

Local Settings (App Configuration):Any configuration settings or preferences you set within the app (for example, display preferences, mining toggles, or other local settings) are stored locally on your device. The app may save these preferences on your device’s local storage so that your chosen settings persist between sessions. We do not collect or upload your personal configuration settings to our servers. This means your local app preferences remain on your device and are not shared with us.

Usage and Analytics Data:We use Google Analytics to collect data about how users interact with our website (and possibly certain aspects of the app) in order to understand and improve the Service. Google Analytics may automatically collect information such as your device type, browser type, pages or screens viewed, time spent on pages, clicks and other usage statistics, and IP address. We have configured Google Analytics in compliance with privacy requirements — for example, IP addresses for users in the EU are anonymized or truncated before storage, and no personally identifying information like names is sent to Google. The data collected via Analytics cookies and similar technologies helps us analyze user behavior and preferences so we can improve our website and app (for instance, to identify popular features or troubleshoot technical issues). Please see Cookies and Tracking Technologies below for more detail on how Analytics works and your choices.

Device and Technical Data:In the course of using the app or website, we may collect certain technical information from your device for security and compatibility, such as your device’s operating system, app version, and unique device identifiers. This information is generally used to ensure the Service functions correctly on your device and to debug errors. We do not collect precise geolocation data or personal device content.

Communications:If you contact us (for example, via customer support email), we will collect the information you choose to provide in that communication (such as your contact details and the content of your inquiry). We will use this information to respond to you and resolve any issues.

We limit our collection of personal data to only what is necessary for the purposes set out in this Policy (data minimization). If we ever need to collect additional personal information, we will notify you and, if required, obtain your consent. We do not collect any sensitive personal categories such as government IDs, financial account numbers, or health/biometric data, etc. (and our Firebase backend explicitly prohibits sending sensitive data like payment info or authentication secrets).

Consent for Cookies:When you first visit our website from certain regions (like the EU/EEA), you will be presented with a cookie notice or banner asking you to consent to non-essential cookies (such as analytics cookies). We will not set analytics cookies unless you click “Accept” or otherwise give your consent, in compliance with applicable laws. If you opt out or decline, Google Analytics will be disabled or limited. For users outside those regions, by using our site, you consent to the use of cookies as described (where law permits implicit consent). In all cases, you can always control cookies through your browser settings. Most web browsers allow you to refuse new cookies, delete existing cookies, or notify you when new cookies are set. Please note that if you disable cookies entirely, some features of our Service (especially on the website) may not function properly (for example, you might not be able to stay logged in).

“Do Not Track” Signals:Some browsers offer a “Do Not Track” (DNT) setting that allows you to signal your privacy preference not to be tracked across websites. The Service does not currently respond to DNT signals, because there is no industry-standard mechanism to do so. We treat all visitors’ personal data in accordance with this Privacy Policy and the consents you have provided. If a universal standard for recognizing DNT is established in the future, we will follow it as required.

Google Analytics:For more information on how Google Analytics collects and processes data, you can review Google’s privacy documentation. Google acts as our service provider for analytics, meaning it processes the data on our behalf and cannot use the data for its own purposes except as needed to provide the analytics service. You can opt-out of Google Analytics by using Google’s opt-out browser add-on or by adjusting your cookie settings as described above. We have configured Google Analytics with a limited data retention period – currently, user-level and event data are retained for no more than 14 months before being automatically deleted from Analytics reports , in line with Google Analytics’s default privacy-focused settings.

Providing and Maintaining the Service:We use some data to create and maintain your account, allow you to log in (email/password authentication), and to let you use the Moneyprinter App’s features. For example, we use your mining activity data (start/end times, hash rate) to run the mining algorithm and credit your account with the appropriate mining rewards. Your withdrawal information (wallet address and amount) is used to execute your withdrawal transactions and deliver your mined cryptocurrency to you. Essentially, all core features of the app rely on processing the data described above. We process these data to provide the services you have requested.

Tracking Earnings and Performance:We use the data from Epicmine (mining earnings) together with your mining activity logs to show you real-time statistics of your mining performance and earnings. This usage ensures transparency so you can monitor your progress. It also helps us verify that mining rewards are correctly attributed. In addition, mining logs may be used to prevent abuse (for example, detecting bots or unauthorized multiple accounts) as part of maintaining a fair service.

Improving and Optimizing the Service:Usage data and analytics information help us understand how our users interact with Moneyprinter. We analyze these data to identify trends or problems (for instance, if a particular app feature is frequently causing errors, or if users drop off at a certain step in the process). This analysis allows us to improve user experience, add new features, and optimize performance. For example, we might use aggregated hash rate statistics to plan for server capacity, or website traffic data to improve content on our site. We may also use feedback or communication data (like support inquiries) to fix issues or enhance our offerings.

Communication and Customer Support:We may use your email address to send you important administrative or transactional communications. These include emails for verifying your account, notices about important updates to the app or this Privacy Policy, confirmations of your withdrawals or transactions, and responses to any inquiries you send us. We will not send you marketing or promotional emails unless you have explicitly opted in to such communications. Using your contact information to communicate service-related information is necessary to keep you informed about your account and the Service’s operation.

Referrals and Rewards: If you signed up with a referral code, we use that information to credit the referrer (if applicable) or to apply any sign-up bonus that may be part of a referral program. This may involve associating your account with the account of the person who referred you. We may also generate referral codes for you to share; if someone else signs up with your code, we will link you in our system for reward purposes. These uses are all part of providing the referral feature you engage with.

Security and Fraud Prevention:We use personal data to protect the security of the Service, our users, and others. This includes monitoring accounts and usage for potential malicious or fraudulent activity. For example, we might analyze mining activity patterns to detect cheating or use IP address and device information to prevent duplicate or fake accounts (each user is only allowed one account per our Terms). If we suspect fraud or a violation of our Terms, we may use relevant data to investigate and take appropriate action. Processing data for security purposes may rely on our legitimate interest in keeping our Service safe and secure.

Compliance with Legal Obligations:We may process and retain certain data as required by applicable laws or regulations. For instance, for coin withdrawals, we might need to maintain records of those transactions for a certain period to comply with regulations. If law enforcement or regulatory authorities legally require information, we may use your data to comply with those orders (after careful verification and only to the extent required by law). Additionally, if we are under a legal obligation to block certain users (e.g. sanctions), we will use data like your country to fulfill those obligations.

Enforcing Terms and Policies: We may use your information as necessary to enforce our Terms of Service or other legal agreements, and to prevent misuse of the Service. This can include using data to shut down accounts that violate our rules or to cooperate with the resolution of any disputes.

We will not use your personal information for purposes that are incompatible with the above, unless we obtain your consent or have a lawful basis for the new use. We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on you without human intervention – any important decisions regarding your account (such as suspension for policy violations) involve human review.

Contractual Necessity: Most of our data processing is based on our contract with you. When you sign up and agree to our Terms, a contract is formed. We need to process your personal data (like account info, mining data, withdrawals) to provide the services that you request – this is considered performance of a contract under GDPR. Without this data, we cannot fulfill our obligations to you (for example, we cannot create your account or facilitate your mining earnings).

Consent: For certain types of processing, we rely on your consent. For example, we ask for your consent to use cookies and Google Analytics for analytics/tracking purposes (if you’re in a jurisdiction where consent is required). If we ever want to send marketing communications or collect additional data not covered by another legal basis, we would do so based on your consent. Where we process data based on consent, you have the right to withdraw that consent at any time (see Your Rights below) – withdrawing consent will not affect the lawfulness of processing before the withdrawal.

Legitimate Interests: We may process your data for purposes that are in our legitimate business interests, as long as those interests are not overridden by your fundamental rights and freedoms. For instance, it is our legitimate interest to secure our App and prevent fraud, to improve our product, and to engage in limited analytics to understand usage. We rely on these interests to process data like mining logs for fraud detection or usage data for performance improvements. When we use data for our legitimate interests, we take into account your privacy rights and ensure adequate safeguards so that your privacy is not unjustifiably impacted.

Legal Obligation: In some cases, we have a legal obligation to process certain data. For example, as noted, regulations might require us to keep transaction records and associated personal data for a set time. If we receive a lawful request (such as a subpoena or court order) to disclose data, we may do so to comply with that legal obligation.
In summary, we only process personal data when we have one of the above legal justifications. Often, the same data may be processed under multiple bases. For example, your email is processed under contract (to provide you an account), and also under legitimate interests (to send you security alerts, which you expect as part of using the service). If we ask you for personal data, we will tell you whether providing it is mandatory and what the consequences are if you do not provide it. Generally, not providing certain data (like not providing an email) will mean we cannot offer you an account or the related Service feature.

Service Providers (Processors): We use third-party companies to help operate and support our Service. These service providers act under our instructions and perform services on our behalf (they are “data processors” under GDPR, or “service providers” under CCPA). Key service providers we use include:

Google Firebase (Google Cloud): We rely on Google’s Firebase platform for our app’s backend infrastructure. Firebase Authentication stores your email and hashed password securely, and we may also use Firebase’s database or cloud storage to store other account-related data. In doing so, Google acts as our data processor – Google processes this data only on our behalf and not for its own purposes. Google is contractually bound by Data Processing and Security Terms to protect user data and comply with privacy laws. Firebase is a trusted service with industry-standard security certifications (e.g. ISO 27001, SOC 2), which helps ensure your data is handled safely. We share data like your account info and mining records with Firebase’s servers to the extent needed for storage and retrieval.

Google Analytics: As described, we use Google Analytics to collect website/app usage statistics. Google LLC (located in the USA) is our service provider for analytics. Information like your device identifiers, browser, and site usage data is automatically collected by Google Analytics when you use our Service. This allows us to generate reports on traffic and interactions (e.g., total users, popular pages). Google Analytics data is generally aggregated and not identifiable to a specific person in our reports. We have disabled any data sharing settings in Google Analytics that would allow Google to use the data for its own advertising or benchmarking. In effect, Google is processing the data solely to provide analytics to us, consistent with Google’s role as a service provider.

Epicmine API: In order to retrieve your mining earnings, our app communicates with the Epicmine.io API. This means we send a query that includes your relevant identifier to Epicmine, and Epicmine returns your mining statistics to us. Epicmine is an independent data controller for any data it processes; however, it receives only limited personal data from us (no name or contact info, just technical mining identifiers). We do not share your email or other account info with Epicmine. We encourage you to review Epicmine’s own privacy policy to understand how they handle data. We are simply using their service to pull data on your behalf. The information returned from Epicmine (your earnings) is treated as part of your personal data in our system and is protected accordingly.

Email and Support Tools: If we use a third-party email service to send communications, then your email address and content of emails might pass through that service. Similarly, if we use a customer support ticketing system or chat service, any personal data in your support requests could be stored with that provider. We will ensure any such providers are reputable and contractually obligated to protect your data. (As of now, support is handled via direct email, but this is a general disclosure in case we implement support tools.)

Business Partners: We currently do not share personal information with any third-party business partners for their independent use. If in the future we partner with, say, a rewards program or another app for a joint feature, we will update this Policy and, if necessary, ask for your consent before sharing your information.

Legal Compliance and Protection: We may disclose your information to third parties if we reasonably believe that such disclosure is required to (a) comply with any applicable law, regulation, legal process, or governmental request (such as a court order or subpoena), (b) enforce our Terms and other agreements, (c) detect, prevent, or otherwise address fraud, security, or technical issues, or (d) protect the rights, property, or safety of our users, the public, or Epicenter Labs Ltd. For example, if law enforcement provides a lawful order to obtain data about a user involved in criminal activity, we may be obligated to comply after verifying the request’s legitimacy. We will ensure any request is legally valid and will only disclose the minimum necessary data. Additionally, if we receive a request from a government or law enforcement entity, we will require appropriate legal process (such as a court order) before providing any user data, unless there is an emergency involving imminent harm.

Corporate Transactions: In the event that Epicenter Labs Ltd (or the Moneyprinter App business) is involved in a merger, acquisition, sale of assets, bankruptcy, or reorganization, your personal data may be among the assets transferred to the buyer or successor entity. We would only do this subject to strict confidentiality arrangements and only to allow continuity of the Service. The new owner would be required to honor the commitments we have made in this Privacy Policy. We will notify you (for example, via email or a notice on our website) of any such change in ownership or control of your personal information, as required by law.

When we share information with service providers, we do so under agreements that require them to protect your data and use it only for the purposes we specify . For instance, our contracts with service providers include data protection clauses (Standard Contractual Clauses or equivalent, where needed) and confidentiality obligations. They cannot legally use your data for their own marketing or share it with others (in GDPR terms, they can only process it on our documented instructions).

We also want to reiterate that we do not sell your personal data. We do not provide your information to third parties in exchange for money. Moreover, we do not share your personal information for targeted advertising or similar “sharing” as defined under the California Consumer Privacy Act (CCPA). Because we do not sell or share personal information in those ways, we do not provide a “Do Not Sell My Personal Information” link (as it is not applicable). If this ever changes, we will update this Policy and provide appropriate opt-out mechanisms.

Google/Firebase Data Transfers: Google has committed to compliance with cross-border data protection frameworks. Google LLC is certified under the EU-U.S. Data Privacy Framework (DPF) and the Swiss-U.S. DPF . This means that for personal data transferred from the EU/EEA to the United States, Google ensures an adequate level of protection in line with EU legal requirements. (The DPF replaced the invalidated Privacy Shield, and provides a mechanism for compliant data transfer as of 2023.) Additionally, Google, as our data processor, is bound by Standard Contractual Clauses with us, which are EU-approved model clauses that legally commit recipients to protect personal data.

Other Transfers: When we transfer personal data to BVI (a jurisdiction which currently does not have an EU adequacy decision) or any other country not deemed adequate by the EU, we will ensure appropriate safeguards are in place. Typically, this means we implement Standard Contractual Clauses (SCCs) as part of our contracts with service providers or partners, obligating them to protect EU personal data to GDPR standards. In some cases, we may rely on your explicit consent for certain transfers, or on other derogations permitted by law (for example, if a transfer is necessary to perform a contract with you).

Your Acknowledgement:By using the Service or submitting information to us, you understand that your personal data may be transferred internationally. Different countries may have different data protection laws than your country, and your data may be subject to lawful access by courts, law enforcement, or other authorities in those jurisdictions. However, wherever your data is processed, we will take steps to protect it in line with this Policy and applicable law.

Data Storage Locations:Our servers (or those of our cloud infrastructure providers) may be located in multiple regions. We currently utilize reputable cloud services to host data. If we primarily store data in a certain region (e.g., United States for Firebase), we will update this Policy once that is confirmed. Regardless of location, we maintain the same protections on your data.

Account Information (Email, Referral Code, etc.): We retain your core account details for as long as you maintain an active account with us. If you choose to delete your account or request that we delete it, we will remove or anonymize your personal information from our live systems within a reasonable time after your request (usually within 30 days, unless a different timeframe is required by law). We may retain your email address or account identifier for a period after deletion in our backups or archives, or to keep a record that you had an account (to prevent re-registering under the same email as a fraud measure). Any such retained data will be safeguarded and eventually purged or anonymized as well, in accordance with our backup retention schedule.

Mining Activity Data (Sessions and Hash Rate): These logs are kept as part of your account history to provide you with ongoing access to your performance statistics. We generally retain mining session data for as long as your account exists, so that you (and we) have a continuous record of your mining contributions and can verify earnings. However, if storage constraints or other considerations arise, we may aggregate or delete older mining logs that are no longer needed. For example, we might keep detailed mining session records for a certain number of months and then only retain summary data thereafter. We ensure that any such policies still allow accurate calculation of your entitled earnings. If you delete your account, mining activity data will be deleted or anonymized alongside your account (except to the extent needed for recordkeeping as noted below).

Withdrawal and Transaction Records: Records of cryptocurrency withdrawals (wallet addresses, labels, amounts, and dates) are important from both a service and a legal standpoint. We retain these records for a minimum of five (5) years after the transaction, even if you delete your account, in order to comply with potential financial regulations, tax and accounting requirements, and anti-fraud obligations.

Local Configuration Data: Since settings and preferences are stored on your device and not on our servers, we do not have direct control over their “retention.” You can clear or reset the Moneyprinter App data on your device at any time, which would delete those local preferences. If you uninstall the app, those local settings are removed from your device. We do not have a copy of this data to retain or delete on our end.

Analytics Data: Data collected via Google Analytics and similar tools is retained according to Google’s settings and our configuration. As mentioned, our Google Analytics data retention setting is currently no more than 14 months for user-level data, meaning analytics data about your visits is automatically deleted from Google’s servers after that period. We typically analyze trends on an aggregate level and do not store raw analytics logs ourselves outside of Google Analytics. Any aggregated analytics reports we keep (which do not identify individuals) may be retained longer for historical analysis.

Communications and Support: If you contact us via email or support channels, we may retain that correspondence for a period of time to assist you and for our records. Typically, support emails are kept for up to 1-2 years, unless we are legally required to retain them longer (for example, if a particular complaint must be retained under consumer protection laws), or if they are needed to establish our rights (like if a dispute arises).

Backup and Archival Copies: Like most companies, we perform periodic data backups for disaster recovery. Backup media are retained for a certain duration (often a rolling period such as 30-90 days) and then overwritten or deleted. It’s possible that your personal data could remain in encrypted backups after it’s removed from our active databases. We secure those backups and restrict access. If we restore a backup that contains data previously deleted at your request, we will re-delete that information promptly. We also eventually delete or anonymize older backups in line with our retention policies.

When the retention period for a piece of personal data expires, or if you ask us to delete your data and we have no ongoing legitimate reason to keep it, we will ensure the data is securely deleted or anonymized. Anonymization means we remove personally identifying elements so that the data can no longer be linked to you (for example, we might keep aggregated mining statistics that no longer reference individual users). We periodically review the data we hold and erase or anonymize personal data that is no longer necessary for any purpose .

If there are any pieces of data we cannot fully delete due to technical constraints or legal requirements, we will isolate that data and ensure it is not actively processed anymore, and we will remove it as soon as possible.

Encryption: All network communication to and from the Moneyprinter App and website is encrypted using Transport Layer Security (TLS). This means that when you enter personal data (like your login credentials) or view your information through the app or site, the data is transmitted securely over the internet. We also employ encryption at rest for stored data where applicable, especially for sensitive data. For example, passwords are stored only in hashed form (using Firebase Authentication’s secure hashing), and database fields may be encrypted depending on sensitivity.

Access Controls: Access to personal data within our organization is limited on a need-to-know basis. Only authorized personnel who require your information to perform their duties (e.g., technical staff or customer support responding to your inquiry) can access it. All staff are bound by confidentiality obligations. We also ensure that our service providers (like Google) have robust access controls in place on their end.

Security Testing and Updates:We regularly update our application and backend systems to address security vulnerabilities. We utilize Firebase and other cloud services that are maintained with the latest security patches. We may perform periodic security audits or penetration testing (directly or via third parties) to identify and fix potential weaknesses.

Monitoring and Logging:Our systems log access and actions to provide an audit trail in case of any issues. We monitor for suspicious activities or anomalies that might indicate a security threat or misuse of the Service. This helps us respond quickly to potential incidents.

Organizational Policies:We have internal policies for data handling, encryption of devices, and incident response. Our team is trained on best practices for data protection and privacy. We treat user data as confidential and have measures in place to prevent unauthorized viewing or sharing of your data internally.

While we strive to protect your information with these rigorous measures, it’s important to understand that no method of transmission over the internet, or method of electronic storage, is 100% secure. We cannot guarantee absolute security of data. In particular, no software is perfectly secure against all hackers or cyberattacks. However, we do our best to protect your personal data, and we partner with top-tier infrastructure providers (like Google Firebase) who also implement strong security controls. We also have processes to notify users and authorities (when required by law) in the event of certain types of data breaches.

In the unfortunate event of a security breach that affects your personal data, we will act promptly to contain and investigate the issue. We will also notify you and any applicable regulatory bodies as required by law. Our incident response plan includes steps for remediation and preventing future occurrences.

In summary, we employ industry-standard security practices and continually work to enhance our protections. Nevertheless, by using the Service, you acknowledge that there are inherent risks in transmitting data over the internet, and we cannot warrant the security of information on a 100% basis. We recommend that you also take precautions, such as using a strong, unique password for the Moneyprinter App, not sharing your account credentials, and keeping your devices secure.

Right to Access:You have the right to request confirmation of whether we are processing your personal data, and if so, to obtain a copy of the data we hold about you. We will provide you with a summary of your personal information in our files, and supplementary details such as the purposes of processing, the categories of data, and the recipients with whom it’s shared, as required by law. For example, you can request a copy of the account data and logs we have associated with your account. (Under CCPA, this is known as the “Right to Know” what personal information is collected, used, and shared.)

Right to Rectification (Correction):We want to ensure that your personal data is accurate and up-to-date. If you find that any information we hold about you is incorrect or incomplete (for example, you change your email address or notice an error in your profile), you have the right to request that we correct or update it. Most basic account info can be updated by you through the app interface (if applicable). For any other corrections, contact us and we will rectify the information as soon as possible. (Similarly, California residents have the right to request correction of inaccurate personal information under the CPRA amendment.)

Right to Deletion:You have the right to request deletion of your personal data (the “Right to be Forgotten”), subject to certain exceptions. This means you can ask us to delete the personal information we have collected from you. For Moneyprinter, this typically involves deleting your account and associated data. Upon verification of your identity and your request, we will delete your account data from our active systems, unless a legal exception applies. Exceptions: We may not be able to fulfill a deletion request if retaining the information is necessary, for example, to complete a transaction you initiated, to detect security incidents or prevent fraud, to comply with a legal obligation, or other exceptions provided by law. We will inform you if any such exception applies. If we must retain certain data (like transaction records for legal compliance), we will isolate it from active use and only keep it for the required period (see Data Retention above). Deletion requests will be honored within the timeframes required by law (generally within one month under GDPR, and within 45 days under CCPA – with the possibility of a 45-day extension, of which we would inform you).

Right to Restrict Processing:In certain circumstances (for instance, if you contest the accuracy of your data or object to our processing), you have the right to request that we restrict processing of your data. This means we would mark the data so that it is only stored and not actively used for any purpose until the issue is resolved. If you request restriction, and your case meets the criteria under GDPR, we will put your data on hold aside from necessary processing (like making sure no further changes happen to it).

Right to Object: You have the right to object to our processing of your personal data in some situations. For example, if we process your data based on legitimate interests, you can object to that processing if you believe it impacts your rights. You also have the absolute right to object to your data being used for direct marketing purposes. We currently do not use your data for marketing without consent, but if we ever do, we will honor any opt-out or objection immediately. If you raise an objection, we will evaluate whether we have compelling legitimate grounds to continue the processing and let you know the outcome. Generally, we will stop the processing you objected to, unless an exemption applies.

Right to Data Portability:You have the right to receive your personal data that you provided to us, in a structured, commonly used, and machine-readable format, and to have that data transmitted to another controller (if technically feasible), under the conditions of GDPR. In plain terms, we can provide you with a file of your basic account information and data so that you can move it to another service if you wish. This typically applies to data processed by automated means under consent or contract. If you need such portable copy, let us know and we will work to accommodate it in a reasonable format (e.g., JSON or CSV file).

Right to Withdraw Consent:If we are processing any of your personal data based on your consent, you have the right to withdraw that consent at any time. For example, if you have given consent for Google Analytics cookies, you can withdraw it by updating your cookie settings on our site (or by using browser controls to block those cookies). If you have consented to receive marketing emails, you can unsubscribe at any time (though, as noted, we are not sending marketing emails without consent). Withdrawing consent will not affect the lawfulness of any processing done before the withdrawal. If you withdraw consent for a particular feature or service, we may not be able to provide that feature (for instance, if you withdraw consent for analytics, you might see less personalized content, etc., but core features will remain unaffected).

Right not to be subject to Automated Decisions:As mentioned, we do not use automated decision-making without human oversight for anything that produces legal or similarly significant effects. If that changes, you would have the right to object and seek human review of any such decision.

Right to Non-Discrimination (CCPA):If you are a California resident, you have the right not to receive discriminatory treatment by us for the exercise of any of your privacy rights. This means we will not deny you service, give you a different level or quality of service, or charge you a different price just because you exercised your rights under the CCPA. We provide the same Service to all users on equal terms, regardless of your privacy choices. (Note: In certain cases, if you ask us to delete data that is necessary to provide the Service, we may not be able to continue providing you that Service – for example, deleting your account. But this is a consequence of you opting to delete data, not a discriminatory action on our part. We will inform you if such a situation arises.)

Additional California Rights:California consumers also have the right to request, up to two times per 12-month period, a report detailing the categories of personal information we have collected, the categories of sources of that information, the business purpose for collection, the categories of personal information disclosed for a business purpose, and the categories of third parties with whom information was shared (all covering the prior 12 months). We aim to provide this information in a general form through this Privacy Policy, but you may request a more personalized report and we will provide it to the extent required by law. As stated earlier, California residents have the Right to Opt-Out of Sale or Sharing of personal information, but since we do not sell or share data for behavioral advertising, this right is more of a formality in our case. We treat any such request as a confirmation that we do not engage in those practices.

Right to Lodge a Complaint:If you believe that we have infringed your privacy rights or violated any data protection law, you have the right to lodge a complaint with a supervisory authority. For EU users, this would be your country’s Data Protection Authority (DPA). For example, if you are in France, you can complain to the CNIL; if in Germany, to your state’s DPA. If you are in the UK, you can contact the Information Commissioner’s Office (ICO). We would, however, appreciate the chance to address your concerns directly before you do this – so please consider reaching out to us first, and we will do our best to resolve the issue. For California residents, if you have concerns about how we handled your CCPA request, you may contact the California Attorney General’s office.

We will not charge you for exercising your rights unless the requests are manifestly unfounded or excessive (for example, repetitive requests), in which case we may charge a reasonable fee or refuse to act. We will respond to your verified request as soon as we can and within the timeframe required by law. Under GDPR, we generally have one month to respond (which can be extended by two further months for complex requests, but we will inform you if that is the case). Under CCPA, we have 45 days to respond to access or deletion requests (with a possible 45-day extension with notice). Our goal is to handle requests much faster than these outer limits.

How to Exercise Your Rights:To exercise any of your rights, please contact us via email at moneyprinterapp@gmail.com. In your request, please specify which right you are exercising and provide us with enough information to verify your identity. For example, we may ask you to send the request from the email associated with your Moneyprinter account or ask for some identifying information to ensure we are dealing with the correct individual. This verification step is important to protect your data from unauthorized access (we wouldn’t want someone else to be able to get your data or delete your account by pretending to be you). For certain requests, especially under CCPA, we may use a tiered verification process based on the sensitivity of the data requested. If you have an authorized agent making a request on your behalf (for California residents), we will need proof of authorization (e.g., a written permission from you or a power of attorney, plus verification of the agent’s identity).

We will confirm receipt of your request and keep you updated on its status. If we need more information to process your request, we will let you know promptly. Once we have enough information, we will proceed to fulfill your request or explain any reasons we cannot comply (such as a legal exception).

Rest assured, we are committed to enabling your privacy rights and will not retaliate or deny you services for exercising them, in accordance with best practices and regulations . Our aim is to be transparent and helpful in addressing any privacy inquiries you have.