Privacy Policy

Last updated: April 2026

01 — Controller

Vamico GmbH
Kaasgrabengasse 62/1
1190 Wien, Austria
support@rendita.app

02 — What data we collect

Rendita is designed to collect as little data as possible.

Local mode (free): All data you enter – activities, time periods, and amounts – is stored exclusively on your device. We have no access to this data.

Cloud sync (optional, paid): If you enable cloud sync, we store:

• An opaque account identifier derived from your Apple or Google sign-in. This is the provider's internal subject ID, not your email address. We do not store your email, name, or profile picture, even though the provider may share them with us during the sign-in handshake.
• A Support ID – a short random code unique to your account that you can give us if you ever need to contact us for account recovery or deletion without having access to the app.
• A display name (nickname), if you choose to provide one. This field is voluntary and does not need to reflect your real name. It is visible to other members of shared activities.
• Your activities, time periods, and balance entries.
• Activity membership information, including your role (owner, member, contributor, or viewer) in shared activities.
• Invitation tokens – short-lived codes (24 hours, single-use) you generate when sharing an activity. They contain no personal data.
• Subscription status (active / inactive / in grace period). This comes from Apple or Google's billing system via our subscription processor and is not linked to what you track in the app.

We do not store passwords, payment card numbers, email addresses, real names, or personal documents. Authentication is handled entirely by Apple or Google.

A note on free-text fields: Activity names, time-entry notes, and balance-entry notes are stored as you write them. If you enter personal information about yourself or others (real names, contact details, addresses) in these fields, that information is stored with your account. We recommend using generic labels such as “Client A” or “Project 2026” instead of real names wherever possible.

03 — Authentication

We use Sign in with Apple and Sign in with Google for authentication. We receive only an opaque provider-specific subject identifier and, during the OAuth handshake, your email and name – neither of which we persist. Our database stores only the opaque subject identifier. We never receive your password. If our database were leaked in isolation, it would contain no email or real name that could identify you.

04 — Biometric authentication

With your permission, the app can use biometric authentication (Face ID, Touch ID, fingerprint) to unlock access to your data on this device. Biometric data is processed entirely by your device's operating system. Rendita receives only a yes/no result and never sees, stores, or transmits any biometric information.

You can enable or disable this feature at any time in Profile → Preferences.

05 — Camera

Rendita requests access to your device's camera so you can scan invitation QR codes to join shared activities. The camera is used only while the scanning screen is open. We do not take photos, record video, or transmit any image data – the scanner only reads the text of the QR code.

You can deny or revoke camera access in your device settings; the rest of the app will continue to work – you'll simply have to enter invitation codes manually instead of scanning.

06 — Legal basis

Processing is based on the performance of a contract (Art. 6(1)(b) GDPR) for cloud sync features, and on our legitimate interests (Art. 6(1)(f) GDPR) for app stability and error logging.

Display names provided voluntarily are processed based on your consent (Art. 6(1)(a) GDPR) and can be removed at any time.

07 — Data storage & location

Cloud data is stored on servers within the European Union (Microsoft Azure, EU region). Where processors are located outside the EU/EEA – specifically RevenueCat and Sentry – data transfers are governed by Standard Contractual Clauses (SCCs) as described in Section 07.

08 — Third-party processors

• Microsoft Azure (EU region) – cloud infrastructure and data storage
• Apple Inc. – authentication via Sign in with Apple
• Google LLC – authentication via Sign in with Google
• RevenueCat, Inc. (USA) – subscription and in-app purchase management. RevenueCat receives an anonymous user identifier, device information (OS, app version, country), and subscription events (purchase, renewal, cancellation, refund). RevenueCat does not receive your email, name, or any data you track in Rendita (activities, time entries, balances). Data transfer to the USA is governed by Standard Contractual Clauses (SCCs) in accordance with GDPR requirements. RevenueCat Privacy Policy
• Sentry (Functional Software, Inc., USA; EU data region) – automated error and crash reporting. When the app encounters an error, Sentry receives the error message, stack trace, device model, OS version, app version, language, and a randomly generated session identifier. Sentry does not receive your email, name, account identifier, or any data you track in Rendita (activities, time entries, balances). Crash data is hosted in Sentry's EU data region (Frankfurt). Data transfer to the USA is governed by Standard Contractual Clauses (SCCs) in accordance with GDPR requirements. We use crash reports solely to diagnose and fix bugs. Sentry Privacy Policy

Each processor is bound by a data processing agreement and handles data according to GDPR requirements.

09 — Retention

We retain your cloud data for as long as your account is active. You can delete your account and all associated data at any time from within the app (Account → Delete account) or by contacting us at support@rendita.app.

Inactive accounts and all associated cloud data are automatically deleted after 12 months of inactivity.

When you delete your account, the following is permanently removed from our servers within 30 days (we apply a 30-day grace period so an accidental or unauthorized deletion request can be cancelled from within the app):

• Your profile (account identifier, Support ID, display name, role memberships)
• All activities, time periods, and balance entries you own
• Your membership records in shared activities
• Any pending invitation tokens you created

You will have the opportunity to export your data before deletion. Entries you created in shared activities owned by others are transferred to the respective activity owner rather than deleted, preserving the integrity of shared records. You will be informed of this transfer before confirming deletion.

When you leave a shared activity, entries you created in that activity are transferred to the activity owner to preserve data consistency. You will be informed before this transfer takes place.

Data retained after account deletion:

• Subscription records held by RevenueCat may be retained for the lifetime of any active subscription and for legal retention periods required by Apple or Google. These records contain only anonymous identifiers and subscription events; they do not contain any data from your Rendita activities. If you would like these records deleted as well, email support@rendita.app.
• Crash reports held by Sentry are automatically deleted after 90 days. These contain only anonymous technical data (stack traces, device model, OS version) and no personal information from your account.
• Payment records required by Austrian tax law are retained for 10 years. These contain only the minimum information required by law (transaction amount, date, tax data) and are not linked to your app activity after deletion.

Local data stored on your device is deleted when you uninstall the app or use "Delete account" from within the app.

10 — Account & data deletion

You can delete your account and all associated cloud data at any time using one of the following methods:

• In the app: Open Rendita → Account → Delete account. You will be prompted to export your data first and informed of any entries that will be transferred to activity owners before confirmation.
• By email (using your Support ID): Because we do not store your email address, we cannot identify you from the sender address. Instead, open the app → Account → About → Support ID (tap to reveal), then send a request to support@rendita.app with the subject line "Rendita Account Deletion Request" and include your Support ID in the message. We will mark your account for deletion and complete it after the 30-day grace period. During that period the app shows a banner letting you cancel the request.

See Section 09 for details on what is deleted and what is retained for legal reasons.

11 — Your rights

Under GDPR you have the right to access, rectify, erase, restrict, and port your data, as well as the right to object to processing. To exercise any of these rights, contact us at support@rendita.app.

You also have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde): www.dsb.gv.at.

12 — Contact

For any privacy-related questions, contact us at support@rendita.app.