SideStacks ("we", "us", "our") is an Australian business registered in Western Australia, trading as SideStacks (ABN 19 813 173 221). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use the SideStacks mobile application ("the App").
We are committed to complying with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), the UK General Data Protection Regulation (UK GDPR), and the EU General Data Protection Regulation (GDPR) where applicable.
We collect the following categories of information:
Account Information — When you register, we collect your name, email address, and password (stored as a secure hash). If you sign in with Google or Apple, we receive your name and email address from those providers. If you sign in with multiple providers using the same email address, your accounts are automatically linked under a single profile.
Financial Data — Income entries, expense entries, transaction notes, categories, invoice details, and client information that you enter into the App. This data is stored on your account and is not shared with third parties for marketing purposes.
Mileage and Location Data — If you use the mileage tracking feature, we record trip distances and dates that you log manually. We do not collect continuous GPS or background location data.
Profile Photo — If you upload a profile photo, it is stored securely in Firebase Storage and associated with your account.
Usage Data — We may collect anonymous usage analytics (e.g. which screens are visited) to improve the App. This data does not identify you personally.
Device Information — We may collect device type, operating system version, and app version for diagnostic and support purposes.
We use your information to:
• Provide and maintain the App and its features
• Authenticate your account and keep it secure
• Generate AI-powered financial summaries and insights (your data is sent to OpenAI's API for processing — see Section 4)
• Process in-app purchase subscriptions via RevenueCat
• Send optional push notifications about your financial activity
• Respond to your support requests
• Improve and develop new features
• Comply with our legal obligations
If you are located in the UK or European Economic Area, we process your personal data on the following legal bases:
• Contract — processing necessary to provide the App under our Terms of Service
• Legitimate Interests — improving the App, preventing fraud, and maintaining security
• Consent — for optional push notifications; you may withdraw consent at any time in your device settings
• Legal Obligation — where required by applicable law
We use the following third-party services that may receive your data:
Firebase (Google LLC) — We use Firebase Authentication, Firestore (database), Firebase Storage, and Firebase App Check to store your account and financial data and to protect the App from unauthorised access. Data is stored in Google's cloud infrastructure. Google's privacy policy applies: https://policies.google.com/privacy
OpenAI — When you use the AI Summary feature, selected financial data from your stacks is sent to OpenAI's API to generate insights. OpenAI does not use API data to train its models. OpenAI's privacy policy: https://openai.com/policies/privacy-policy
RevenueCat — We use RevenueCat to manage in-app subscriptions. RevenueCat may receive your user ID and purchase events. RevenueCat's privacy policy: https://www.revenuecat.com/privacy
Apple / Google — In-app purchases are processed by Apple (App Store) or Google (Play Store) under their respective privacy policies.
We do not sell your personal information to third parties.
We retain your personal data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes.
You may request deletion of your data at any time by contacting us (see Section 11).
Depending on your location, you may have the following rights:
• Access — request a copy of the personal data we hold about you
• Correction — request correction of inaccurate or incomplete data
• Deletion — request deletion of your personal data ("right to be forgotten")
• Portability — request your data in a structured, machine-readable format
• Objection — object to certain processing of your data
• Restriction — request that we restrict processing of your data
• Withdraw Consent — where processing is based on consent, withdraw at any time
Australian residents may also lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au. UK residents may contact the Information Commissioner's Office (ICO) at www.ico.org.uk.
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encryption in transit (TLS), secure Firebase security rules, and access controls.
No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
The App is not directed to children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will take steps to delete it.
Your data may be processed and stored in countries outside your own, including the United States (where Google and OpenAI servers are located). Where required by law, we ensure appropriate safeguards are in place for such transfers, including standard contractual clauses.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy in the App and, where appropriate, by sending you an email notification. Your continued use of the App after changes are posted constitutes your acceptance of the updated policy.
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:
SideStacks Support
Email: [email protected]
Website: https://sidestacks.app