Privacy Policy

Last updated: March 26, 2026

Your privacy is our priority

At Nivenzo™ (www.nivenzo.app), we are committed to protecting the privacy and security of your personal and financial data. This Privacy Policy describes what information we collect, how we use it, how we protect it, and the rights you have over it.

The data controller is Arisneudy Santana Pozo, individual and owner of Nivenzo™, domiciled in the Dominican Republic.

📋 1. Information we collect

1.1 Account data

When you register, we collect:

Full name
Email address
Profile photo (optional, via Google OAuth or manual upload)
Timezone and language preference
Preferred currency

1.2 Financial data

The financial data you enter in Nivenzo™ is provided by you voluntarily and manually. This includes:

Financial accounts (names and balances of bank accounts, cards, cash, investments, savings)
Income and expense transactions (amounts, dates, categories, descriptions)
Debts (credit cards, loans, mortgages) with interest rates and payments
Monthly budgets by category
Savings goals with target amounts and deadlines
Scheduled and recurring payments
Shared finance information with a partner (if enabled)

⚠️ Important: Nivenzo™ does not connect to your real bank accounts or access your banking credentials. We have no access to your card numbers, banking passwords, or financial institution login information. All financial information is manually entered by the user.

1.3 Donation data

If you make a voluntary donation to Nivenzo™, we collect the following data through PayPal:

Payer email (provided by PayPal)
Payer name (provided by PayPal)
Donation amount and currency
PayPal order and capture IDs (for reference and refunds)
Payment method used (PayPal, card, etc.)
Transaction date and time

⚠️ Important: Nivenzo™ does not store credit or debit card numbers. All payments are securely processed by PayPal. We only store the data necessary to generate receipts and process refunds.

1.4 Technical data

We automatically collect limited technical data:

IP address (anonymized for analytics)
Browser type, operating system, and device
Pages visited and general usage patterns
Push subscriptions (if you enable notifications)
Application performance and error data

🎯 2. How we use your information

We use your information exclusively for the following purposes:

Service delivery: Enabling you to record, organize, and analyze your personal finances.
Personalization: Adapting the experience based on your currency, language, timezone, and preferences.
Notifications: Sending payment reminders, budget alerts, and notifications you configure.
Reports: Generating analysis, charts, and exportable reports of your finances.
Security: Protecting your account, detecting suspicious activity, and preventing fraud.
Service improvement: Analyzing aggregate usage patterns (not individual) to improve the Platform.
Communications: Sending you important service updates (never spam or third-party marketing).

✅ Our commitment: We never use your financial data to build advertising profiles, sell to third parties, or for any purpose other than providing you the service you requested.

🔒 3. Data storage and security

We implement multiple layers of security to protect your information:

🔒

Encryption in transit

TLS/SSL 1.3 on all communications between your device and our servers

🛡️

Row Level Security (RLS)

Database-level policies ensuring you can only access your own data

🔐

Secure password hashing

bcrypt algorithm with salt; we never store passwords in plain text

☁️

AWS Infrastructure

Amazon Web Services servers via Supabase with AES-256 encryption at rest

🌐

Cloudflare

Reverse proxy, global CDN, WAF firewall, and DDoS attack protection

🔑

OAuth 2.0

Secure authentication with Google; we never see or store your Google password

We do not store credit card numbers, banking passwords, PINs, or financial institution access credentials.

🤝 4. Information sharing with third parties

✅ We do not sell, rent, or share your personal or financial information with third parties for commercial, advertising, or marketing purposes.

We only share strictly necessary data with the following service providers:

Service	Purpose	Data processed
Supabase	Database & authentication	Account and financial data
Vercel	Hosting, CDN & deployment	Access logs (anonymized)
Cloudflare	Proxy, CDN & DDoS security	IP address, HTTP headers
Resend	Transactional emails	Email and name
Google OAuth	Secure sign-in	Email, name, profile photo

These providers process data under confidentiality and data processing agreements, and only have access to the minimum information necessary to fulfill their function.

Additionally, we may disclose information if required by law to comply with legal processes, court orders, or requests from competent authorities.

👤 5. Your data rights

As a Nivenzo™ user, you have the following rights regarding your personal information, in compliance with international data protection best practices:

👁️

Access

View all your personal and financial information stored on the Platform.

✏️

Rectification

Correct inaccurate or incomplete data directly from your profile or settings.

📥

Portability

Export all your data in PDF or Excel format for personal use.

🗑️

Erasure

Request the complete and permanent deletion of your account and all associated data.

🔕

Revocation

Revoke push notification and communication permissions at any time.

⛔

Objection

Object to the processing of your data for specific purposes.

⏸️

Restriction

Request temporary restriction of data processing while a complaint is being resolved.

To exercise any of these rights, you can do so from your account Settings or contact us directly through the channels listed at the end of this policy.

🍪 6. Cookies and local storage

Nivenzo™ uses minimal, essential storage technologies:

6.1 Session cookies (essential)

Necessary to keep your session securely active.
Automatically deleted when you log out or they expire.
Do not contain personally identifiable information.

6.2 Local storage (LocalStorage)

Visual theme preference (light/dark mode).
Language preference.
Cache data for improved offline experience.

6.3 Service Worker

Progressive Web App (PWA) functionality for offline use.
Push notification management.
Static resource caching for better performance.

✅ No tracking: We do not use tracking cookies, advertising cookies, tracking pixels, or invasive analytics tools. We do not integrate ad networks or retargeting services.

🕐 7. Data retention

Active account: We retain your data as long as your account is active and the service is used.
Inactive account: We may contact you after 12 months of inactivity before proceeding with deletion.
Account deletion: All your data is permanently and irreversibly deleted within a maximum of 30 business days.
Encrypted backups: Backups that may contain your data are automatically deleted after 90 days.
Anonymized data: We may retain completely anonymized statistical data that cannot identify any user.

🌍 8. International data transfers

Your data may be processed on servers located outside the Dominican Republic through our service providers (AWS in the US, Vercel in the US, Cloudflare global). These providers comply with international data protection standards and operate under data processing agreements that guarantee an adequate level of protection.

👶 9. Children

Nivenzo™ is not directed at children under 18. We do not knowingly collect information from minors. If we discover that we have collected data from a minor without verifiable parental or guardian consent, we will delete such information immediately.

If you are a parent or guardian and believe a minor has provided information to Nivenzo™, please contact us immediately so we can take the necessary measures.

🔄 10. Changes to this policy

We may update this Privacy Policy periodically to reflect changes in our practices, technologies, or legal requirements. When we make changes:

Significant changes will be notified through the Platform, by email, or through a visible banner.
The "last updated" date at the top of this document will be updated.
Continued use of the service after publication of changes implies acceptance of the new policy.
A history of previous versions of this policy will be maintained and made available.

📞 11. Contact and complaints

If you have questions about this policy, wish to exercise your data rights, or need to report a security incident, you can contact us:

🌐

Official platform

www.nivenzo.app

👤

Data controller

Arisneudy Santana Pozo

🔗

Controller website

arpozo.com

We commit to responding to all requests within a maximum of 15 business days.

📋 Executive summary

✓

Your financial data is yours. We never sell or share it for commercial purposes.

✓

We do not connect to your real bank accounts. Everything is manually entered.

✓

We use bank-level encryption (AES-256, TLS 1.3, bcrypt).

✓

You can export or delete all your data at any time.

✓

We do not use tracking or advertising cookies.

✓

Row Level Security ensures no one else can see your data.

Protected by

Owner: Arisneudy Santana Pozo · Dominican Republic