Privacy Policy
Last updated: [DATE] · Draft pending legal review
This Privacy Policy explains how migj ("we", "us", "migj.com") collects, uses and protects your personal data when you use our website and application (the "Service"), in accordance with the EU General Data Protection Regulation (GDPR) and applicable Italian law (D.Lgs. 196/2003 as amended).
1. Data controller
[Legal entity name], [registered address], VAT/Tax ID [P.IVA/CF]. For any privacy-related request, contact privacy@migj.com.
2. What data we collect
2.1 Account data
- Name and email address
- Password (stored as a salted hash — we never store or see your plain-text password)
- Family/household membership and role (Owner, Member, Viewer)
2.2 Financial data you enter
- Transactions, categories, budgets, accounts and savings goals that you or members of your family group create
- Bank statement files you choose to import (CSV/XLSX). We never ask for or store your online banking credentials — you export a file from your bank and upload it to migj.
- Receipt attachments, if you use this feature (Premium/Family plans)
2.3 Technical data
- Login sessions and authentication tokens (a strictly-necessary, httpOnly cookie is used to keep you signed in)
- Basic server logs (IP address, timestamps, request type) for security and abuse prevention
migj does not currently use advertising or third-party tracking cookies. If this changes (e.g. analytics), we will update this policy and request consent where required.
3. Why we process your data and legal basis
- Provide the Service (account, budgets, transactions, family sharing) — necessary to perform our contract with you (Art. 6(1)(b) GDPR)
- Transactional emails (welcome, password reset, family invitations) — contract performance / legitimate interest (Art. 6(1)(b)/(f))
- Payments for Premium/Family plans, processed by Stripe — contract performance (Art. 6(1)(b))
- Security and fraud prevention — legitimate interest (Art. 6(1)(f))
- Legal obligations (e.g. accounting/invoicing records) — Art. 6(1)(c)
4. Who we share data with
We use the following processors, bound by data processing agreements, to operate the Service:
- Hosting / infrastructure — Render.com (application servers and database)
- Email delivery — Resend (transactional emails only)
- File storage — Cloudflare R2 (receipt attachments, Premium/Family)
- Payments — Stripe (subscription billing; migj never stores card details)
- Error monitoring — Sentry, if/when enabled, with personal data minimised
Other members of your family group can see financial data you add to shared budgets, according to the privacy/role settings of your plan. We do not sell your data to third parties or use it for advertising.
5. International transfers
Our processors may store or process data outside the European Economic Area. Where this occurs, we rely on appropriate safeguards (e.g. EU Standard Contractual Clauses) as required by GDPR Chapter V. [To confirm: server region / data residency once hosting is finalised].
6. How long we keep your data
- While your account is active, your data is retained to provide the Service.
- If you delete a transaction, account record, or your user account, it is first soft-deleted and then permanently erased after 30 days.
- Basic invoicing records may be kept longer where required by tax law.
7. Your rights
Under GDPR you have the right to:
- Access the personal data we hold about you
- Rectify inaccurate data (via your Profile, or by contacting us)
- Erase your account and associated data ("right to be forgotten")
- Export your data in a portable format ("data portability")
- Restrict or object to certain processing
- Lodge a complaint with your national Data Protection Authority (in Italy, the Garante per la Protezione dei Dati Personali)
You can request data export or account deletion directly from Profile → Privacy and data in the app, or by emailing privacy@migj.com. We will respond within 30 days.
8. Security
We apply technical and organisational measures appropriate to the risk, including: password hashing (bcrypt, cost factor 12), encrypted connections (TLS), short-lived signed access tokens with httpOnly refresh cookies, role-based access control, and strict data isolation between family groups.
9. Children
migj is not directed at children under 16. If you believe a child has provided us with personal data without appropriate consent, please contact us so we can remove it.
10. Changes to this policy
We may update this policy from time to time. Material changes will be notified via email or an in-app notice. The "last updated" date above reflects the latest revision.
11. Contact
Questions about this policy or your data: privacy@migj.com. General support: hello@migj.com.