Privacy Policy

Last updated: January 2025

1. Introduction

Smart Money Internet LLC ("we," "us," "our") operates an Android app development company specializing in native mobile applications. We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard information when you use our Android app development services or visit our website.

2. Categories of Data Collected

2.1 Identification Data:

• Company name and business details
• Contact person name and title
• Account credentials (if applicable)

2.2 Contact Data:

• Business email address
• Phone number
• Business address

2.3 Project-Related Information Voluntarily Submitted:

• App project requirements and specifications
• Technical requirements and feature requests
• Design preferences and brand guidelines
• Budget and timeline preferences
• Google Play Console access credentials (for deployment services)
• API keys and third-party service credentials (Firebase, backend services)
• Analytics and tracking service access

2.4 Financial Data:

• Payment information (processed securely through third-party processors)
• Billing address
• Transaction records and invoices
• Project budget and payment milestones

2.5 Technical and Usage Data Collected Automatically:

• IP address, browser type, device information
• Website usage statistics and navigation patterns
• Project portal access logs and activity
• Communication records (emails, chat logs related to projects)

3. Purpose of Processing

We process personal data for the following specific, explicit, and legitimate purposes:

3.1 Responding to Inquiries:

• Processing project consultation requests
• Responding to contact form submissions and inquiries
• Providing information about our Android app development services
• Preparing project proposals and cost estimates

3.2 Providing Android App Development Services:

• Native Android app development (Kotlin/Java)
• UI/UX design and interface development
• Backend integration and API development
• Google Play Store deployment and ASO
• Testing, quality assurance, and bug fixing
• Performance optimization and code review
• Post-launch maintenance and updates

3.3 Client Onboarding and Project Management:

• Setting up client accounts and project portals
• Managing project timelines and milestones
• Providing technical consultation and strategy planning
• Communication and collaboration throughout development

3.4 Security and Fraud Prevention:

• Protecting against unauthorized access to client accounts
• Preventing fraudulent activities and payment fraud
• Maintaining system security and code repository integrity
• Securing API credentials and sensitive project data

3.5 Service Improvement Based on Non-Identifying Analytics:

• Analyzing aggregated project performance data
• Improving development methodologies and workflows
• Developing new service offerings and technologies
• Training and knowledge base development

4. Legal Bases for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process personal data based on the following legal grounds:

Processing Activity	Legal Basis
Service delivery and app development	Contractual Necessity: Processing is necessary to perform our contract with you
Service improvement and analytics	Legitimate Interests: We have a legitimate interest in improving our services
Financial record-keeping and tax compliance	Legal Obligation: Required to comply with tax and accounting laws
Marketing communications	Consent: You have provided explicit consent (withdrawable at any time)
Security and fraud prevention	Legitimate Interests: Protecting our business and clients from fraud

5. Data Sharing and Disclosure

We do not sell personal information. We do not share personal data for advertising purposes. We only share data with essential service providers as follows:

Essential Service Providers:

• Google LLC: Google Cloud Platform, Firebase, Google Play Console, Google Analytics
• Payment Processors: Stripe, PayPal for secure payment transactions
• Cloud Hosting: AWS, Google Cloud, or other providers for code repositories and data storage
• Email Services: For transactional emails and project communications
• Project Management Tools: Asana, Jira, Trello for project tracking and collaboration
• Version Control: GitHub, GitLab for source code management
• Testing Platforms: Firebase Test Lab, BrowserStack for device testing

All service providers are bound by data protection agreements and process data only on our instructions.

6. International Data Transfers

Your data may be transferred to and processed in the United States and other countries where our service providers operate. For data transfers outside the European Economic Area (EEA), we ensure adequate protection through:

• Standard Contractual Clauses (SCCs): Approved by the European Commission for transfers to third countries
• Adequacy Decisions: Where the destination country has been deemed adequate by the EU
• Additional Safeguards: Technical and organizational security measures including encryption

7. Data Retention Rules

We retain personal data only for the time necessary to fulfill the purposes described in this Policy or as required by applicable law:

• Active Client Projects: Data retained throughout project development and delivery
• After Project Completion: 90 days for warranty support, then archived or deleted
• Project Inquiries (Not Converted): 2 years or until inquiry is resolved/declined
• Financial Records: 7 years (for tax and accounting legal requirements)
• Source Code & Project Files: Retained per contract terms or until client requests deletion
• Communication Records: Duration of project plus 1 year for reference
• Anonymized Analytics: May be retained indefinitely as it cannot identify individuals

Upon request, we will delete your personal data unless retention is required by law or for legitimate legal purposes (such as dispute resolution).

8. Your Rights Under GDPR (EU/EEA Residents)

If you are located in the European Union or European Economic Area, you have the following rights:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete personal data
• Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data
• Right to Restriction of Processing: Request that we limit how we use your data
• Right to Data Portability: Receive your data in a structured, commonly used format
• Right to Object: Object to processing based on legitimate interests or for direct marketing
• Right to Withdraw Consent: Withdraw consent at any time (where processing is based on consent)
• Right to Lodge a Complaint: File a complaint with your local data protection supervisory authority

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: Request disclosure of the categories and specific pieces of personal information we collect, use, disclose, and sell
• Right to Deletion: Request deletion of your personal information
• Right to Correction: Request correction of inaccurate personal information
• Right to Opt-Out of Sale: We do not sell personal information. No opt-out is necessary.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

10. Data Security Statement

We implement commercially reasonable administrative, technical, and physical safeguards designed to protect personal data against unauthorized access, disclosure, alteration, and destruction. These measures include:

• Encryption: TLS/SSL encryption for data in transit, AES-256 encryption for data at rest
• Access Controls: Strict role-based access and multi-factor authentication
• Code Security: Secure code repositories with access logging and version control
• Regular Security Audits: Independent security assessments and vulnerability testing
• Secure Development Practices: Following OWASP guidelines and security best practices
• Employee Training: Regular security awareness and data protection training
• Incident Response: Documented breach notification procedures

However, no method of electronic transmission or storage is 100% secure. While we strive to protect your personal data using industry-standard security measures, we cannot guarantee absolute security.

11. Cookies and Tracking Technologies

For detailed information about cookies and how we use them, please refer to our comprehensive Cookie Policy.

12. Updates to This Privacy Policy

We may update this Privacy Policy to reflect operational, legal, or regulatory changes. When we make material changes, we will:

• Post the updated policy on our website with a revised "Last Updated" date
• Notify you via email if you are an active client
• Obtain your consent if required by applicable law

Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

13. Contact Information