Legal

Terms of Service (ToS)

Last Updated: 11. November 2025

Please read these Terms of Service ("ToS") carefully before using the MonAi mobile application ("App") provided by Florian Vates (referred to as "Developer"). By using the App, you agree to be bound by these ToS.

Use and Restrictions

• The App is intended for personal use only and should not be used for any illegal activities.
• Users are responsible for the accuracy and legality of the data entered into the App.
• Users must comply with all applicable laws and regulations while using the App.

Data Storage Options

The App offers different data storage options depending on your platform and preferences:

• iOS: You may choose to store your data using Apple's iCloud or create a MonAi Account for more reliable and cross-platform data synchronization.
• Android: You may store data locally on your device or create a MonAi Account for cloud-based storage, sharing and synchronization.
• MonAi Account: When you create a MonAi Account, your data is stored securely using Appwrite's cloud infrastructure, which is GDPR compliant and uses industry-standard encryption.

Subscription-Based Services

The App offers subscription-based services with different tiers:

• Free Tier: Includes limited functionality, such as a maximum of 20 transactions per month and 1 private + 1 shared list. The transaction history is limited to the current month.
• Basic Tier: Provides unlimited transactions and lists, as well as the ability to share lists and create multiple lists.
• Family Tier: Enables family sharing for the subscription, allowing family members to use the App for free if they have a shared family iCloud account.

Pricing and Renewal

• The subscription-based services are auto-renewable and can be billed monthly or yearly, with the yearly subscription offering a discounted price compared to the monthly subscription.
• Users can cancel their subscription at any time, and the service will continue until the end of the current billing period.
• If a user upgrades to a higher tier during an active subscription, they will be reimbursed for the lower tier and only need to pay the difference for the higher tier.
• Downgrading to a lower tier will take effect after the current billing period for the higher tier ends.

App Store Terms

The App is subject to the standard terms and conditions set forth by the respective app stores:

• For iOS users: Apple App Store Terms and Conditions
• For Android users: Google Play Store Terms of Service

By using the App, you acknowledge that you have read, understood, and agreed to these ToS.

If you have any questions or concerns regarding these ToS, please contact us at monai@florianvates.com.

Privacy Policy

Last Updated: 29. April 2026

This Privacy Policy ("Policy") explains how Florian Vates (referred to as "Developer") collects, uses, and protects the personal information of users ("User" or "you") of the MonAi mobile application ("App").

Types of Personal Information Collected

The App offers multiple data storage options, and the personal information collected depends on your chosen storage method:

For iOS Users with iCloud

The App utilizes Apple's CloudKit framework to store and retrieve your transactions, lists, categories, and related financial data. Your financial data is stored exclusively in your personal iCloud account and is not stored on any server accessible by the Developer. A limited amount of non-financial information (App Analytics and Onboarding Analytics, described below) is transmitted to the Developer's analytics providers in order to operate and improve the App.

For Android Users (Local Storage)

When using local storage on Android, your transactions, lists, and related financial data are stored exclusively on your device and are not transmitted to any external servers or accessible by the Developer. App Analytics and Onboarding Analytics, described below, are still collected to operate and improve the App.

For MonAi Account Users (iOS and Android)

When you create a MonAi Account, the following personal information is collected and stored:

• Account Information: Email address, name (if provided), and authentication credentials
• Transaction Data: Date, description, amount, and category of your financial transactions
• List Data: Your transaction lists, including shared lists and their associated data
• Device Information: IP address, device type, and operating system for security and authentication purposes

MonAi Account data is stored using Appwrite, a GDPR-compliant cloud platform. Appwrite stores data in secure European data centers (Frankfurt region) and implements industry-standard encryption for data at rest (AES encryption) and data in transit (TLS/SSL).

Voice Input Processing

The App uses Apple's "Speech" SDK to transcribe user audio input. The transcription happens locally in most cases but could, under some circumstances, also be sent to Apple's servers for further improvement. The transcribed text is sent to a simple backend hosted on AWS, which only acts as a router to hide API keys and further implementation details. No data is stored during this process. The data is then forwarded to the OpenAI API for interpretation and processing. OpenAI does not store the data for more than 30 days and will not train its models with user data. You can read more about how OpenAI uses the data in their OpenAI API data usage policies.

App Analytics

The App collects anonymous usage analytics to help the Developer understand how the App is used, identify crashes and performance issues, and prioritise improvements. Analytics events do not include the contents of your transactions, descriptions, amounts, or category names. The information collected includes a hashed, daily-rotating anonymous identifier, the App version, the iOS or Android version, the device model, the screen the user is on, broad feature-usage signals (such as whether iCloud sync is enabled, the number of lists, whether the widget is installed, and whether income tracking is enabled), and aggregate counters (such as session start and end). This information is processed by TelemetryDeck, a privacy-focused analytics provider based in the European Union, and is not linked to your name, email, MonAi Account, or financial data. TelemetryDeck stores data in European data centers and does not collect IP addresses. TelemetryDeck's privacy policy is available at https://telemetrydeck.com/privacy/.

Onboarding Analytics

During the App's first-run onboarding flow, the App records anonymous information about how new users navigate the introduction so the Developer can understand which onboarding variants perform best and where users drop off. This data is not linked to your name, email, or MonAi Account. The information collected includes a randomly generated device identifier (a UUID stored in the iCloud Keychain), the onboarding flow version, your selections on multiple-choice questions (such as your stated financial goal, spending categories of interest, and preferred tracking method), the steps you visited and how long you spent on each, the variant of the flow you saw, the App version, and your device locale. No financial data, contacts, or contents of your transactions are part of this record. Onboarding analytics are stored using Appwrite in European data centers (Frankfurt region), encrypted at rest (AES) and in transit (TLS/SSL), and retained for up to 24 months from the date of last activity, after which they are deleted or further aggregated.

Use of Personal Information

The personal information collected is used for the following purposes:

• To provide and maintain the App's core functionality, including displaying your transaction history and managing your financial data
• To authenticate and secure your MonAi Account (if you create one)
• To enable data synchronization across your devices when using a MonAi Account
• To improve the automatic categorization feature based on user corrections (corrections are sent to the backend as part of the request but are not stored separately)
• To analyse anonymous usage and onboarding performance and to improve the App's first-run experience and overall stability
• To provide customer support and respond to your inquiries

Your transactions, lists, categories, and other financial data are not shared with any third parties and are only used to provide the services you requested when using the App or creating a MonAi Account. Anonymous App Analytics and Onboarding Analytics are processed by the third-party providers identified in this Policy (see "Third-Party Services and APIs" below). The MonAi website uses Meta Pixel for advertising measurement — see our Cookie & Tracking Policy for details.

Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process personal data based on the following legal grounds:

• Contract Performance: Processing is necessary to provide the services you requested when using the App or creating a MonAi Account
• Legitimate Interest: We process data to improve our services, analyse anonymous app usage and onboarding performance, ensure security, and prevent fraud
• Consent: For certain optional features or communications, we obtain your explicit consent
• Legal Obligation: We may process data to comply with applicable legal requirements

Third-Party Services and APIs

The App utilizes the following third-party services:

Appwrite (for MonAi Account users)

Appwrite is used as the backend infrastructure for MonAi Accounts. Appwrite is GDPR, CCPA, HIPAA, and SOC 2 Type 2 compliant. Key security features include:

• Data encryption at rest using AES encryption
• Data encryption in transit using TLS/SSL
• Regular security audits and penetration testing
• Data storage in European data centers (Frankfurt region)
• Regular key rotation schedules

Appwrite's privacy policy and data processing practices can be reviewed at https://appwrite.io/privacy. Privacy inquiries can be directed to privacy@appwrite.io.

OpenAI API (for transaction processing)

A backend server is employed to abstract the prompts from the user and hide the OpenAI API key. The server facilitates the processing of user input via the OpenAI API. The OpenAI API does not store data for more than 30 days and will not train models with user data, according to their OpenAI API data usage policies.

AWS (Amazon Web Services)

The backend routing server is hosted on AWS but does not store any user data. AWS privacy policies can be reviewed at https://aws.amazon.com/privacy/.

TelemetryDeck (anonymous app analytics)

TelemetryDeck is used to collect anonymous usage analytics from the App, as described under "App Analytics" above. TelemetryDeck is operated from the European Union, stores data in European data centers, does not collect IP addresses, and uses a daily-rotating salted hash so identifiers cannot be correlated across days. TelemetryDeck's privacy policy is available at https://telemetrydeck.com/privacy/.

Meta Pixel (Website Only)

The MonAi website (get-monai.app) uses Meta Pixel for advertising measurement purposes. When active (with your consent, or for visitors arriving via advertising campaigns), Meta Pixel collects page view and interaction data, including your IP address and device information. This data is transmitted to Meta Platforms, Inc. For details, see our Cookie & Tracking Policy and Meta's Privacy Policy.

Data Security

We implement multiple layers of security to protect your personal information:

• All communication between the App, backend services, and third-party APIs is encrypted using HTTPS/TLS/SSL
• For iCloud users: Personal information is stored and protected by Apple's CloudKit, which follows industry-leading security measures
• For MonAi Account users: Data is encrypted at rest using AES encryption and in transit using TLS/SSL. Appwrite implements regular security audits, penetration testing, and abuse protection mechanisms against DoS and brute-force attacks
• For Android local storage: Data is stored exclusively on your device using Android's secure storage mechanisms
• For App Analytics: Data is processed by TelemetryDeck (EU-based), encrypted in transit using TLS/SSL, with identifiers hashed using a daily-rotating salt
• For Onboarding Analytics: Data is stored by Appwrite in European data centers, encrypted at rest using AES encryption and in transit using TLS/SSL
• Authentication credentials are securely managed and regularly rotated

Data Retention

Personal information is retained as follows:

• iCloud and Local Storage: Data is retained until you manually delete it from the App or your account
• MonAi Account: Data is retained until you request deletion. We may retain certain data longer when required by legal, regulatory, tax, or accounting requirements, or for dispute resolution purposes
• Voice transcriptions and OpenAI processing: No data is retained; OpenAI may keep data for up to 30 days for abuse monitoring but does not use it for model training
• App Analytics: Anonymous events are retained by TelemetryDeck for up to 24 months and then deleted or further aggregated
• Onboarding Analytics: Anonymous onboarding records are retained for up to 24 months from the date of last activity and then deleted or further aggregated

User Rights and Options

You have the following rights regarding your personal data:

For all users

• Right to access your personal information
• Right to correct inaccurate data
• Right to delete your data
• Right to export your data

For iCloud users

You can delete all your data stored in CloudKit by manually deleting all content within the App or by contacting us directly. To request deletion of App Analytics or Onboarding Analytics records associated with your device, please contact us at monai@florianvates.com.

For MonAi Account users

Under GDPR, you have additional rights including:

• Right to access all personal data we hold about you
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to data portability (receive your data in a structured, commonly used format)
• Right to restrict processing
• Right to object to processing
• Right to lodge a complaint with your local data protection authority

To exercise these rights for your MonAi Account, please contact us at monai@florianvates.com

International Data Transfers

For MonAi Account users, your data is stored in European data centers (Frankfurt region). When data is transferred outside the EEA, Appwrite uses Standard Contractual Clauses and Adequacy Decisions approved by the European Commission to ensure appropriate safeguards are in place.

Children's Privacy

The App is not intended for use by children under the age of 13 (or the minimum age required in your country). We do not knowingly collect personal information from children.

Privacy Policy Updates

This Privacy Policy applies only to the use of the App and does not cover any other websites, services, or applications that may be linked or integrated within the App. We may update this Privacy Policy from time to time and will notify users of any material changes.

If you have any questions or concerns regarding this Policy, please contact us at monai@florianvates.com.

Jurisdiction and Governing Law

These terms and conditions, and any disputes or claims arising out of or in connection with the use of MonAi ("App"), shall be governed by and construed in accordance with the laws of Germany.

Any legal disputes or claims arising from the use of the App shall be subject to the exclusive jurisdiction of the courts of Germany. By using the App, you hereby consent to the jurisdiction of the German courts for any such disputes.

In the event of a legal dispute, the parties involved agree to first attempt to resolve the matter through good-faith negotiations. If an amicable resolution cannot be reached, the dispute shall be submitted to the competent court in Germany.

The choice of German law as the governing law for this App is made in consideration of the strong legal framework, data protection laws, and consumer rights regulations provided by the German legal system.

Please note that this is a general formulation of the jurisdiction and governing law section based on your preference for German law. It is advisable to consult with a legal professional specializing in German law to ensure compliance with all relevant regulations and to address any specific considerations related to your app and its operations within the German jurisdiction.

Cookie & Tracking Policy

Last Updated: 16. February 2026

This policy explains how the MonAi website (get-monai.app) uses cookies and similar technologies.

What Are Cookies?

Cookies are small text files stored on your device when you visit a website. We also use localStorage, a similar browser storage mechanism.

Cookies & Storage We Use

Strictly Necessary (No Consent Required)

• monai-lang (localStorage) — Stores your language preference (English or Spanish). Persists until you clear browser data.
• monai-cookie-consent (localStorage) — Stores your cookie consent choice. Expires after 1 year.
• monai-cookie-consent-date (localStorage) — Stores when you gave or denied consent. Used for expiry calculation.

Marketing (Requires Consent)

• Meta Pixel (Facebook) — We use Meta Pixel to measure the effectiveness of our advertising campaigns. When active, it tracks page views and download button clicks. Meta Pixel sets its own cookies and transmits data (including your IP address) to Meta Platforms, Inc. (USA). This tracking is only activated after you give consent, or if you arrived via one of our advertising campaigns (US/LATAM traffic where opt-in consent is not legally required). Meta's privacy policy: https://www.facebook.com/privacy/policy/

Session Storage

• monai_campaign (sessionStorage) — Stores the current advertising campaign identifier for the duration of your browser session. Automatically cleared when you close the browser.

How to Manage Your Preferences

You can change your cookie preferences at any time by clicking the "Cookie Settings" link in the footer of our homepage. You can also clear all stored data by clearing your browser's local storage.

Third-Party Information

Meta Pixel is the only third-party tracking technology used on this website. All other resources (fonts, scripts) are self-hosted and do not transfer data to third parties.

Contact

If you have questions about our use of cookies, please contact us at monai@florianvates.com.

End User License Agreement (EULA)

Last Updated: 11. November 2025

This End User License Agreement ("Agreement") is a legal agreement between you (referred to as "User" or "you") and Florian Vates (referred to as "Developer") governing the use of the MonAi mobile application ("App").

Permitted Use

By installing, accessing, or using the App, you agree to the following terms and conditions. The App is provided solely for personal, non-commercial use. You agree not to use the App for any illegal activities or in violation of any applicable laws or regulations.

Account Responsibilities

If you create a MonAi Account, you are responsible for:

• Maintaining the confidentiality of your account credentials and password
• All activities that occur under your account
• Notifying us immediately of any unauthorized access or security breach
• Providing accurate and current account information
• Complying with all applicable laws and these terms while using your account

You must not share your account credentials with others or allow others to access your account. We reserve the right to suspend or terminate accounts that violate these terms or are used for unauthorized purposes.

Limitation of Liability

To the maximum extent permitted by law, the Developer shall not be liable for any direct, indirect, incidental, consequential, or punitive damages arising out of or relating to the use or inability to use the App. The Developer does not guarantee the accuracy, completeness, or reliability of the information provided by the App.

The Developer is not responsible for any service interruptions, data loss, or security breaches caused by third-party service providers (including but not limited to Appwrite, Apple iCloud, OpenAI, or AWS). While we select reputable service providers, their services are subject to their own terms and conditions.

Intellectual Property

The App, including all its content, features, and functionality, is owned by the Developer and is protected by intellectual property laws. You acknowledge that you have no ownership or intellectual property rights in the App.

Dispute Resolution

Any dispute, claim, or controversy arising out of or relating to this Agreement or the use of the App shall be resolved through negotiation and, if required, through binding arbitration conducted by a mutually agreed-upon arbitrator.

Miscellaneous

This Agreement constitutes the entire agreement between you and the Developer regarding the use of the App. If any provision of this Agreement is found to be invalid or unenforceable, it shall not affect the validity or enforceability of the remaining provisions. The failure of the Developer to exercise any right or enforce any provision of this Agreement shall not constitute a waiver of such right or provision.

By installing, accessing, or using the App, you acknowledge that you have read, understood, and agreed to be bound by this EULA.

If you have any questions or concerns regarding this Agreement, please contact us at monai@florianvates.com.