Data privacy statement of Cashinator App
and Cashinator website

Last update: 2024/01/14

I (Daniel Mikus) take the protection of your personal data very seriously. I ensure technically and organisationally that Cashinator complies with the data protection regulations. This document describes how I can use the information provided in the Cashinator app and the website www.cashinator.net (in the the following "Cashinator website").

Regarding: Cashinator app

Cashinator app authorizations for Android

Cashinator requires the following permissions, which are detailed in full here. Most of these permissions require explicit user consent before they can be utilized by the app.

• ACCESS_COARSE_LOCATION (Coarse Location Access):
  If you wish, Cashinator can enter the location of an expense for you automatically. Cashinator utilizes device location services, calculating the device's position based on provider data and surrounding WLAN networks.
• ACCESS_FINE_LOCATION (Fine Location Access):
  In addition to coarse location (see ACCESS_COARSE_LOCATION), upon explicit user permission, Cashinator performs more accurate position determination through the device's GPS module when creating new expenses. See also "Usage of Location Data in the App".
• ACCESS_NETWORK_STATE (Access Network State):
  Required to establish secure communication with Cashinator servers.
• BILLING (In-App Purchases):
  If you want to purchase additional trips/groups or support Cashinator's development with tips, access to in-app purchase processing provided by Android and Apple is necessary. Cashinator does not store any payment methods, credit card information, or associated personal data. All payments are exclusively handled by Apple and Android.
• CAMERA (Access Camera):
  Needed to scan the barcode from another device to join its displayed trip or group. Starting from App version 3.3, one or more photos (e.g., receipts, invoices, or restaurant bills) can also be added to an expense. These photos can be taken directly from within the app.
• FLASHLIGHT (Flashlight):
  Required to use the camera (see CAMERA).
• FOREGROUND_SERVICE (Run in Foreground):
  Needed to ensure that certain functions can run in the foreground, even when the app is minimized. For example, to receive notifications in the Android status bar and when entering new expenses from friends.
• INTERNET (Access Internet - Retrieve data/Access all networks):
  Required for synchronization purposes between multiple devices and the database on a database server.
• READ_APP_BADGE, UPDATE_BADGE, UPDATE_COUNT (Read and Update App Badge):
  Allows the app to read and set notification badges on the app icon.
• READ_EXTERNAL_STORAGE (Read Files):
  Once a PDF for vacation evaluation is requested, the previously saved PDF file is read from the external storage area to display it using a corresponding PDF viewer. From App version 3.3, the storage area is used to read photos of expenses, which are stored in it.
• WRITE_EXTERNAL_STORAGE (Write Files):
  Once a PDF for vacation evaluation is requested, this PDF file is written to the external storage area of the smartphone. The user is actively asked for the corresponding permission. From App version 3.3, the storage area is also used to secure expense photos.
• READ_MEDIA_IMAGES (Read Images and Photos):
  Allows the app to access images and photos in media files to add them to expenses (see CAMERA).
• RECEIVE (Receive Cloud to Device Messaging):
  Enables the Cashinator app to receive push notifications directed at it (facilitating real-time entry of new expenses).
• VIBRATE (Control Vibration):
  Allows the app to control the vibration feature of the device for nice haptic feedback (You can switch this off in the settings, if you wish).
• WAKE_LOCK (Prevent Sleeping):
  When displaying a barcode, prevents the device from dimming the screen.

Cashinator app authorizations for iOS

Under iOS, you are explicitly asked to agree to certain rights, so that you can decide when specific functionalities are called. The complete list of permissions corresponds to the list under the point "Permissions of the Cashinator app for Android".

Storing usage data of the App

The data you enter into the app is used exclusively for the purpose of synchronization between several devices on a server. This data cannot be linked to your identity. I have no way of assigning this data to your person and do not share this data with others.

Links to websites within the app

The Cashinator app contains a link to the Cashinator website whose privacy policy statement is given in this document.

Use of location data in the app

In the Cashinator app, you have the option to either manually enter the location for an expense on your journey or automatically assess the GPS signal of the device. It can be selected individually which information of the determined location should be taken over. Information such as city, country, postal code, street and specific longitudes and latitudes are available. The GPS signal and location information are read and stored on Cashinator servers only after giving explicite permission.

Sensitive GPS information stored on the servers will not be shared with third parties, nor used for further analysis or tracking purposes outside the personal app instance. By consistently avoiding registration and logins within the Cashinator app the location information stored on the servers cannot be assigned to your identity.

Location data is only accessible to those people who have access to the associated journey or group. All stored location data can be viewed at any time in the app at any time, and can be manually changed and deleted. A historization of changed data does not take place and is also not intended.

If activated, GPS sensor data is read at the exact moment when the user initiates the entry of a new expense or when he presses the button to capture the current location. Cashinator never reads location data in the background without the user's knowledge.

Regarding: Cashinator app and Cashinator website

Disclosure of data to third parties

Data logged when using the Cashinator app or when entering the Cashinator website will only be transmitted to third parties if this is required by law, determined by a court order or if disclosure is necessary in the event of attacks on the Internet infrastructure of the Cashinator app for legal or criminal prosecution. They are not passed on for other non-commercial or commercial purposes.

Google Analytics

Both the Cashinator app and the Cashinator website use Google Analytics. Google Analytics collects statistics about page views or app errors in order to continuously improve the app.

The information generated regarding the use of the Cashinator app is transmitted to a Google server in the USA with an anonymous IP address and stored there. The IP anonymization feature in Analytics sets the last octet for IPv4 IP addresses and the last 80 bits in memory for IPv6 addresses to zero. As a result, the exact IP address of the user is not stored.

Google will use this information to evaluate your use of the Cashinator app and the Cashinator website in order to compile corresponding reports for the operator (Daniel Mikus). Google may also transfer this information to third parties.

This usage data forms the basis for statistical, anonymous evaluations, so that trends can be identified that can be used to improve the offer accordingly.

Changes to the data protection declaration

In the course of the further development of the Cashinator app and the Cashinator website or new legal requirements, changes to this data protection declaration may become necessary. Daniel Mikus reserves the right to update these provisions at any time in compliance with the applicable data protection laws.

I will inform users within the app of any changes relevant to data protection.

Regarding: Cashinator website

Usage of cookies

Cookies are text files, usually consisting of letters and numbers, which are stored on your computer when you visit certain websites. In the course of the Google Analytics Plugin, the Cashinator website uses cookies in order to compile statistics on page accesses (see Google Analytics). The Cashinator website, on the other hand, does not generate own cookies. The operator Daniel Mikus does not have any possibilities to uniquely identify you.