Personal Finance Dashboard

GDPR Compliance

Last Updated: July 11, 2025

Introduction

This GDPR Compliance statement explains how the Personal Finance Dashboard (the "Application") complies with the General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA). As this is a personal project, this document provides a simplified overview of GDPR compliance measures.

Data Controller

For the purposes of the GDPR, the developer of this Application acts as the data controller for any personal data collected through the Application.

Legal Basis for Processing

We process your personal data on the following legal bases:

  • Consent - You have given consent for us to process your personal data for specific purposes.
  • Contract - Processing is necessary for the performance of a contract with you.
  • Legitimate Interests - Processing is necessary for our legitimate interests, such as improving the Application and ensuring its security.

Your GDPR Rights

Under the GDPR, you have the following rights:

  • Right to Access - You have the right to request copies of your personal data.
  • Right to Rectification - You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • Right to Erasure - You have the right to request that we erase your personal data, under certain conditions.
  • Right to Restrict Processing - You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • Right to Object to Processing - You have the right to object to our processing of your personal data, under certain conditions.
  • Right to Data Portability - You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

How to Exercise Your Rights

You can exercise your GDPR rights by contacting us at ahmadmustaffa8@gmail.com. We will respond to all requests within 30 days.

Data Retention

We will retain your personal data only for as long as is necessary for the purposes set out in this GDPR Compliance statement. We will retain and use your personal data to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.

Data Security

We implement appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include:

  • Password hashing using bcrypt
  • Secure HTTPS connections
  • Access controls to the database

As this is a personal project, the security measures may not be as robust as those implemented by commercial applications.

International Data Transfers

As this is a personal project, your data is stored locally and is not transferred internationally. If this changes in the future, we will update this statement and ensure appropriate safeguards are in place.

Changes to This GDPR Compliance Statement

We may update this GDPR Compliance statement from time to time to reflect changes to our practices or for other operational, legal, or regulatory reasons.

Contact Us

If you have any questions about this GDPR Compliance statement or our data practices, please contact us at ahmadmustaffa8@gmail.com.