Cashinator
We take the protection of your personal data very seriously. We ensure compliance with data protection regulations through technical and organizational measures. This document describes how we process data within the Cashinator App and the website www.cashinator.de (hereinafter referred to as the Cashinator Website).
With this privacy policy, we want to inform you about the type, scope, and purpose of the processing of personal data (hereinafter referred to as "data"). Personal data includes all information related to you personally, such as your name, address, email address, or user behavior. This privacy policy applies to all data processing operations carried out by us, both as part of our core activities and for the online media we provide.
Responsible for data processing is:
Daniel Mikus
Oderberger Str. 39
10435 Berlin
Germany
Further contact options can be found in the Imprint.
The Cashinator app requires the following permissions, fully detailed below. Most of these permissions require explicit consent from the user before they can be used by the app.
On iOS, you will explicitly be asked for consent regarding specific permissions, allowing you to make direct decisions in each case. The complete list of permissions corresponds exactly to the list found under “Permissions for the Cashinator App on Android.”
The data you enter in the app is stored exclusively for synchronization purposes between multiple devices on a server located in Germany (see section "Hosting"). This data cannot be associated with your identity. We have no means of linking this data to you personally and do not combine it with other data sources. In case of errors or issues, you may send us two keys stored on your device, which allow access to your specific Journey or Group. The legal basis for this can be found in the "Contact" section.
The Cashinator app contains a link to the Cashinator websites, whose privacy policies are described in this document.
In the Cashinator app, you can manually enter a location for a transaction during your journey, or allow the app to automatically determine and add the location using the device's GPS signal. You can individually select which details of the identified location should be included, such as city, country, postal code, street, and specific latitude and longitude. The GPS signal and derived location information are read only after explicit user consent and then stored along with the corresponding transaction on the Cashinator servers.
Sensitive GPS information stored on the servers is neither shared with third parties nor used for additional analysis or tracking purposes outside your personal app instance. Due to the deliberate avoidance of registration and login within the Cashinator app, the stored location information cannot be linked to your identity.
Location data is only accessible to persons with access to the associated Journey or Group. All stored location data can be viewed, manually modified, or deleted at any time within the app. No version history of changed data is stored, nor is this planned for the future.
Once consented, GPS sensor data is read only at the exact moment the user initiates a new expense entry or taps the button to capture the current location. Cashinator never reads location data in the background without the user's knowledge.
Data recorded through the use of the Cashinator app, visiting this website, or contacting us, will generally only be transmitted to third parties if this is legally required, stipulated by a court order, or if disclosure is necessary in case of attacks on the internet infrastructure of the Cashinator app for legal or criminal prosecution purposes. Data will not be shared for other commercial or non-commercial purposes.
According to GDPR, you have the following rights, which you can exercise at any time by contacting the responsible party indicated in section 1 of this privacy policy:
[1] We inform you in advance that neither this website, the app, nor connected servers process personal data. Registration is neither required nor possible. The data you enter in the app is stored exclusively on servers located in Germany (see section “Hosting”) and is only visible to you. Data is not shared with third parties. If you share groups or journeys with other users, this data is visible only to people who have a temporary access code. The code remains valid for only a few days.
[2] We do not store any personal data on the website or within the Cashinator app, so this aspect is irrelevant. If you have any further questions, you can contact us using the contact information provided in section 1.
[3] Deletion of your data on our end is only possible if you provide us with your key pair (see below). Without this key pair, we cannot establish a connection between you and the data to be deleted. Alternatively, you can independently delete your data by removing your groups, journeys, and backups on your device—provided you have not previously shared them with third parties.
You have the right to withdraw your consent for the processing of your data at any time, with effect for the future. This specifically concerns the storage and use of cookies for analytics and marketing purposes. You can withdraw your consent via the Cookie settings on our website or by deleting the cookies in your browser.
The collection and storage of server log files (e.g., IP address, access times, pages visited) is based on our legitimate interest (Art. 6 Para. 1 lit. f GDPR) in ensuring technical security and analyzing errors. There is no right to object in this case, as this processing is absolutely necessary for the operation of the website.
We do not permanently store personal data. Server log files collected for technical security purposes are automatically deleted after 30 days. Cookies and analysis tools have different retention periods, which you can view in the cookie settings and delete anytime through your browser.
If you submit a support request to us via email and provide personal data (such as a key pair for accessing your data entered in the app), we only retain your data for as long as necessary to respond to your request. Once your request has been completed, your data will be deleted. We also delete your data if we no longer require it or if you request its deletion. This means that—unless otherwise stated in specific privacy notices within this Privacy Policy—we will delete your data:
However, if we are required to retain your data (or certain parts of it) for other purposes—such as compliance with statutory retention obligations (typically 6 years for business correspondence or 10 years for accounting records), or for the establishment, exercise, or defense of legal claims arising from contractual relationships (up to 4 years), or if the data is necessary to protect the rights of another natural or legal person—we will delete (that part of) your data only after these retention periods have expired. Until such time, we restrict the processing of this data solely to fulfilling these retention obligations.
Our website uses cookies. Cookies are small text files consisting of a series of numbers and letters that are stored on your device. Cookies primarily enable the exchange of information between your device and our website.
When visiting our website, we use so-called persistent cookies. Persistent cookies remain stored even after you close your browser. This enables our website to recognize your device upon your next visit.
These cookies store information such as your cookie preferences on our website, so we don't have to repeatedly ask for your consent to use cookies. Cashinator does not store personally identifiable information in cookies on this website. However, cookies placed may document and store your browsing behavior through our partners (see below). This data may be used for statistical, marketing, and personalization purposes. We maintain statistics on the use of our website to continually improve our offering and tailor it to your needs.
Cookies can also be categorized according to their purpose:
The Cashinator app and Cashinator websites do not create their own cookies, meaning that the operator has no means of clearly identifying you. Instead, only a data record is stored in your browser's Local Storage, which saves your cookie preferences, so you are not repeatedly asked about privacy settings on each page.
The Cashinator app itself does not use cookies in a way that stores personal data or shares it with third parties. However, the Google-based analytics tool Firebase Analytics stores data on servers in the USA. This data is used to improve the app and identify errors. It measures which features are used and how often, how long the app remains open, which devices are used and which devices have stability issues. This data is not personal, anonymous, and does not create cross-references to other websites or allow conclusions about your identity.
To provide our websites and store backup and synchronization data within the Cashinator app, we use one or more hosting provider whose servers store our websites and make them accessible on the internet (hosting). These providers may process all data transmitted via your browser when you access our website. This includes, in particular, your IP address, which is necessary for the provider to deliver our website content to your browser, as well as any inputs you make via our website. Additionally, our hosting providers may collect:
The above-mentioned data is stored as log files on our provider's servers. This is necessary to ensure the stability and security of our website. Backup and synchronization data from the Cashinator app are also stored on our provider’s servers in a database system. This data is protected from unauthorized access by the hosting provider using appropriate encryption methods.
If you contact us via email, social media, phone, fax, mail, or through other personal means, providing us with personal data such as your name, telephone number, or email address, or any further details about yourself or your inquiry, we will process this information to respond to your request within the scope of our pre-contractual or contractual relationship.
We use services for displaying online advertisements. These services collect certain user data through cookies or pixels. This includes information such as the referring website from which you accessed our website (the referrer), pages of our website that you visited, the duration of your visit, and interactions you made on our site. Additionally, data about your browser, computer system, and device type is collected. Demographic information such as age or gender may also be recorded in pseudonymous form through these services. If you have consented to location tracking, your location data may also be processed, depending on the provider. To collect and store this data, the respective service places a cookie or tracking pixel on your device, which also records your assigned IP address. However, this IP address is shortened using IP masking, ensuring it cannot be directly associated with your visit to our website. Generally, no clear data such as names or email addresses are stored by these services unless you are a member of a social network offering such services and your profile is merged with the aforementioned data.
The collected data is analyzed by the service provider to generate reports with statistical insights about the number of visitors generated through advertisements and the success of advertising campaigns. These reports contain, among other things, the total number of users redirected to our website via advertisements, information on devices and browsers used, user locations, and the times when advertisements were clicked. However, these reports do not include information that would allow personal identification of individual users.
Please note that depending on the service provider's location, the data collected through the service may be transferred and processed outside the European Union. In this case, there is a risk that the data protection standards required by the GDPR may not be fully met, making it difficult or impossible to enforce your rights.
To measure and statistically analyze traffic on our website, we use web analytics services. These services collect data on how you arrived at our website (referrer), which pages of our website you visited, how long you stayed, and the interactions you made. Additionally, information about your browser, computer system, and device type is collected. Demographic data, such as age or gender, may also be captured in pseudonymous form. If you have consented to the collection of your location data, this information may also be processed depending on the provider.
To collect and store this data, the web analytics service we use typically places a cookie on your device, through which your assigned IP address is recorded. However, your IP address is shortened through an IP-masking process, ensuring it can no longer be associated directly with your visit to our website. Furthermore, no personally identifiable data such as your name or email address is stored. Neither we nor the service provider knows the identity of visitors to our website.
The service provider may use cookies to create pseudonymous usage profiles by gathering information from different devices.
Please note that depending on the service provider's location (listed below), data collected by the service may be transferred and processed outside the European Union. In such cases, there is a risk that the data protection standards required by the GDPR may not be fully upheld, making it difficult or impossible for you to enforce your rights.
We maintain profiles on the social networks listed below. When you visit one of these profiles, data described below will be collected and processed by the respective platform provider. Generally, this data is collected for advertising and market research purposes, and usage profiles are created based on this data. These profiles can include information independent of the device you use, particularly if you are a member of the platform and logged into your account. The providers may use these profiles to display interest-based advertisements. You have the right to object to the creation of such user profiles, and you must contact the respective provider directly to exercise this right.
If you have an account with one of the providers listed below and are logged in when visiting our website, the respective provider may collect data about your browsing behavior on our site. To prevent such linking of your data, you can log out of the provider's service before visiting our website.
Details on the purpose and extent of data collection by each provider can be found in their respective privacy policies, linked below.
Please note that depending on the provider’s country of operation, data collected through their platforms may be transferred and processed outside the European Union. In such cases, there is a risk that the data protection standards required by GDPR may not be fully upheld, making it difficult or impossible to enforce your rights.
We implement technical and organizational measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. These measures are intended to safeguard your data from accidental or deliberate manipulation, partial or total loss, destruction, or unauthorized third-party access.
We reserve the right to modify this Privacy Policy to reflect changes to our practices or to comply with updated legal or regulatory requirements. As such, we encourage you to periodically review this Privacy Policy.
This Privacy Policy is currently valid and effective as of March 2025. Due to changes in applicable laws or official regulations, it may be necessary to amend this Privacy Policy accordingly.
Google Play and the Google Play logo are trademarks of Google LLC. Apple, the Apple logo, iPhone, and iPad are trademarks of Apple Inc., registered in the U.S. and other countries and regions. App Store is a service mark of Apple Inc.