Back
WeZioo • Privacy Policy

Privacy Policy

Last updated: October 5, 2025

This policy explains what data we collect, why, how we use it and the rights you have, in accordance with GDPR and app store requirements.

1. Who is responsible?

The data controller is: Jeremy TETU (NexOps Consulting), whose registered office is located in Pegomas. Email: contact@wezioo.com.

2. Policy scope

This policy applies to the WeZioo mobile application, our associated websites (e.g. wezioo.com) and related services (support, notifications, subscriptions).

3. Data we collect

  • Identity & account: name, email address, authentication credentials (via Apple, Google or email/password), profile photo (if provided).
  • App data: expenses, transfers, categories, recurring transactions, currency, preferences, relationships/sharing (e.g. couples), attachments you add.
  • Subscriptions & payments: technical information related to in-app purchases (product identifiers, receipts/validation tokens, subscription status) — the transaction is processed by the App Store or Google Play, not by WeZioo.
  • Devices & diagnostics: device model, OS, advertising/notification identifiers (e.g. push notification tokens), technical logs, performance, crash reports.
  • Support: content of your requests, attachments, metadata.
  • Location: only if you authorize it and if a feature requires it (e.g. currency-related suggestions), otherwise not collected.

We do not collect your bank account details. In case of connection to a third-party banking aggregator (e.g. Powens), data is processed according to their policies and your specific authorizations.

4. Where does the data come from?

  • Directly from you: when creating an account, using the app and your interactions with support.
  • Platforms: Apple App Store / Google Play for in-app purchase validation and subscription status.
  • Subcontractors: authentication, notification, database and analytics services (see section 6).

5. Purposes & legal bases

Legal bases (GDPR art. 6)

Contract, Legitimate interest, Consent, Legal obligation.

  • Provide the service (contract): create/maintain your account, synchronize your data, ensure functionalities (expenses, transfers, recurring transactions, multi-currency, etc.).
  • Subscriptions (contract/legal obligation): enable purchase, validate eligibility, manage status and billing via Apple/Google.
  • Security & integrity (legitimate interest/obligation): prevention of abuse/fraud, incident diagnosis, logging.
  • Notifications (legitimate interest/consent depending on platform): reminders, alerts, service messages. You can manage your preferences in the OS.
  • Product improvement & stats (legitimate interest/consent): anonymized/aggregated measurements. When required, we ask for your consent.
  • Legal compliance (obligation): responses to authorities when required by law.

6. Sharing & processors

We do not sell your data. We only share it with:

  • Technical providers (hosting, database, authentication, analytics, crash) — e.g. Google Firebase (Auth, Firestore, Storage, Cloud Functions), Google Crashlytics/Analytics.
  • Subscription managementApple App Store, Google Play (purchases) and RevenueCat (subscription mediation/validation).
  • Push notifications — e.g. Expo/FCM/APNs.
  • Support — ticketing/messaging tools if used.
  • Voluntary sharing: with your loved ones/partners if you invite them to WeZioo (relationships/shared spaces).
  • Authorities: if required by law.

Our service providers act on WeZioo's instructions, under GDPR-compliant contracts.

7. Transfers outside EU/EEA

Some data may be processed outside the EU/EEA (e.g. United States). When this is the case, we implement appropriate safeguards: Standard Contractual Clauses (SCC) from the European Commission and additional measures, where applicable.

8. Retention periods

  • Account & content: for the duration of use, then deletion or anonymization within a reasonable time after closure.
  • Logs & security: short durations necessary for diagnosis (generally 3 to 12 months).
  • Subscriptions: proof of purchase and necessary elements retained according to legal obligations (e.g. accounting/tax).
  • Support: time to process the request then limited archiving.

9. Security

We implement appropriate technical and organizational measures (encryption in transit, access controls, backups, logging, development best practices). As no system is infallible, we recommend that you protect your device and credentials.

10. Your rights (GDPR)

You can exercise: right of access, rectification, erasure, limitation, objection, portability, and, where applicable, withdrawal of consent. To do so, contact us at contact@wezioo.com specifying your request and the address associated with the account.

You can also set guidelines on the fate of your data after your death when local law permits.

11. Cookies & trackers

Mobile application: no cookies in the browser sense, but technical identifiers may be used for connection, security, notifications or usage measurement (compliant with Apple/Google rules). You can manage certain consents in the app or in OS settings (notifications, advertising identifier).

12. Children

WeZioo is not intended for children below the age required by local law. We do not knowingly collect data from children without appropriate consent. If you believe a child has provided us with data, contact us for deletion.

13. Modifications

We may update this policy for legal, technical or operational reasons. If changes are substantial, we will inform you by appropriate means. The "last updated" date above reflects the current version.

14. Contact & complaints

Contact: contact@wezioo.com

Supervisory authority: you can lodge a complaint with the CNIL (France) or your local data protection authority.

Transparency: this policy covers Firebase, RevenueCat, App Store / Google Play, push notifications and analytics, in order to meet platform and GDPR requirements.