Hamoney (hereinafter "the App") processes personal information for the following purposes:
The App collects the following personal information:
| Category | Items Collected | Collection Method |
|---|---|---|
| Identity Information | Email, nickname | Social login (Kakao/Google/Apple) + registration input |
| Profile | Profile picture | Upload from gallery/camera → stored in AWS S3 |
| Authentication Information | OAuth tokens (access/refresh) | Auto-generated during social login |
| Account Book Data | Expense amount, date, description, memo, category, payment method, receipt image | User direct input + receipt photo capture |
| Budget Data | Category-specific budget amounts | User direct input |
| Account Book Information | Account book name, profile image, currency, start date, member list, invitation code | User direct input/settings |
| Device Information | Device model, OS name, OS version, app version | Auto-collected via device_info_plus/package_info_plus |
| Social Login Information | Social provider key, email, registration timestamp | Auto-collected during social login |
Personal information is retained and used for the following periods:
| Item | Retention Period | Basis |
|---|---|---|
| Member information (email, nickname, profile) | Service usage period + 30 days after account deletion | Dispute resolution, legal obligations |
| Account book data (expenses, budget) | Service usage period + 30 days after account deletion | Data recovery possibility upon user request |
| OAuth tokens | Service usage period | Authentication maintenance |
| Error logs (SigNoz) | Maximum 30 days | Performance monitoring |
| S3 stored images | Service usage period + 30 days after account deletion | Data recovery possibility |
After the retention period expires, personal information is destroyed without delay. However, if retention is required by law, the information is retained for the applicable period.
The App does not provide personal information to third parties except in the following cases:
| Service | Purpose | Data Shared |
|---|---|---|
| Kakao SDK | Social login | Email, authentication token |
| Google OAuth | Social login | Email, authentication token |
| Apple Sign In | Social login | Email, identity token |
| Google Gemini API | Receipt OCR/parsing | Receipt image (may include store name, amount, etc.) |
| AWS S3 (ap-northeast-2) | Image storage | Profile picture, receipt image, account book icon |
| SigNoz | Error tracking/monitoring | User ID, email, nickname, device model, OS, app version, error information |
| Firebase Core | App basic infrastructure | Minimal initialization data (no analytics/crash reporting) |
Personal information is not provided to third parties for purposes other than those listed above without explicit user consent.
The App entrusts personal information processing to the following vendors for service provision:
| Processor | Entrusted Task | Entrusted Information |
|---|---|---|
| Amazon Web Services (AWS) | Image storage and management | Profile picture, receipt image, account book icon |
| Google Cloud (Gemini API) | Receipt OCR processing | Receipt image |
| SigNoz | Error log collection and analysis | User ID, email, nickname, device information, error information |
Processors manage personal information securely in accordance with the Personal Information Protection Act and do not use personal information for purposes other than those entrusted.
Users may exercise the following rights:
To exercise the above rights, please contact the following:
Data Protection Officer: Sang-Min Seo
Email: belloo.planet@gmail.com
When making a request, you must submit identification documents or other proof of identity.
Users must provide accurate personal information and immediately notify us of any changes. Users are responsible for any damages resulting from providing false information.
The App implements the following measures to ensure the safety of personal information:
Profile information (email, nickname) is stored locally in SharedPreferences on the app, which relies on device encryption. Security may be compromised if the device is rooted or jailbroken.
If you have any inquiries regarding personal information protection, please contact the following Data Protection Officer:
Name: Sang-Min Seo
Email: belloo.planet@gmail.com
The Data Protection Officer will promptly address complaints related to personal information processing.
If you suffer damages due to personal information infringement, you may file a complaint with the following organizations:
This Privacy Policy is effective as of February 17, 2026.
If this Privacy Policy is modified, changes will be announced through the app's notice section.
The App transfers personal information overseas as follows:
| Service | Transfer Country | Information Transferred | Legal Basis |
|---|---|---|---|
| Google Gemini API | United States | Receipt image | User consent |
| AWS S3 | South Korea (ap-northeast-2) | Profile picture, receipt image, account book icon | User consent |
| Google OAuth / Apple Sign In | United States | Email, authentication token | User consent |
When transferring personal information overseas, the information is protected in accordance with the personal information protection laws of the respective countries.
Personal information is destroyed as follows upon expiration of the retention period or upon user request:
During the 30-day retention period after account deletion, users cannot cancel the deletion. Additionally, data included in shared account books is not immediately deleted unless requested by other members.