Privacy Policy
Last Updated: January 2025
At trunavexilo, we respect your privacy. This policy explains how we collect, use, and protect your personal information when you use our expense categorization services. We're based in Ireland, so we follow GDPR requirements and Irish data protection laws.
We know privacy policies can feel overwhelming. We've tried to keep things straightforward and explain what actually happens with your data — not just what we're legally required to say.
Quick Contact: If you have questions about your data, reach us at contact@trunavexilo.com or call +353 91 399 599. Our office is at Ballycannon, Croagh, Co. Limerick, V94 X0KF, Ireland.
Information We Collect
We collect different types of information depending on how you interact with our expense categorization platform. Here's what we gather and why we need it.
Account Information
When you create an account with us, we ask for basic details so we can set up your profile and communicate with you:
- Your full name and email address
- Company name and business details if you're setting up a business account
- Phone number (optional, but helpful if we need to reach you quickly)
- Password — which we encrypt and never store in plain text
Financial Transaction Data
Since trunavexilo helps you categorize expenses, we need access to your transaction information. This includes transaction amounts, dates, merchant names, and descriptions. We don't see your full bank account numbers or card details — only the data necessary to categorize your spending.
If you connect your bank account through our platform, we use secure third-party services that comply with PSD2 regulations. We never store your banking login credentials.
Usage Information
We track how you use our platform to improve your experience and fix issues:
- Pages you visit and features you use most often
- Time spent on different sections
- Device type, browser, and operating system
- IP address and general location (usually just city-level)
About Cookies: We use cookies to keep you logged in and remember your preferences. Some cookies help us understand how people use the site. You can disable cookies in your browser, but some features might not work properly without them.
How We Use Your Information
We're not in the business of selling data. Everything we collect serves a specific purpose for running our expense categorization service.
Service Delivery
We use your transaction data to automatically categorize expenses, generate reports, and provide insights about your spending patterns. This is literally what you signed up for.
Account Management
Your contact details let us send important updates, respond to support requests, and notify you about changes to your account or our services.
Product Improvement
Usage data helps us figure out what works well and what doesn't. If everyone's struggling with a particular feature, we need to know about it.
Security & Fraud Prevention
We monitor for unusual activity that might indicate unauthorized access or security threats to protect both you and other users.
We process your data under several legal bases recognized by GDPR: performance of our contract with you, legitimate business interests, legal obligations, and your explicit consent where required.
Data Sharing & Third Parties
We don't sell your personal information to anyone. Period. But we do work with other companies to provide our services, and they might see some of your data.
Service Providers We Work With
These companies help us run trunavexilo and are contractually obligated to protect your data:
- Cloud hosting providers — store our databases and application infrastructure
- Banking data aggregators — connect to your bank securely (if you use this feature)
- Email service providers — send account notifications and support responses
- Payment processors — handle billing for premium features
- Analytics tools — help us understand platform usage
All these partners must meet GDPR standards and protect your information as carefully as we do.
We'll never share your financial transaction data with marketing companies, advertisers, or data brokers. Your spending habits are nobody's business but yours.
When We Must Share Information
Sometimes the law requires us to disclose information:
- If we receive a valid legal request from Irish or EU authorities
- To protect against fraud or security threats
- To enforce our terms of service in serious cases
- During a business transfer (like if we're acquired — though we'd notify you first)
Your Rights Under GDPR
As someone whose data we process, you have specific rights under EU law. Here's what you can do and how to do it.
Access Your Data
Request a copy of all personal information we hold about you. We'll provide it in a readable format within 30 days.
Correct Inaccuracies
Update or fix incorrect information in your account. Most of this you can do yourself in account settings.
Delete Your Data
Request complete deletion of your account and associated data. Some financial records we're required to keep for tax purposes.
Restrict Processing
Ask us to temporarily stop using your data while we resolve a concern you've raised about accuracy or processing.
Data Portability
Get your transaction data in a format you can transfer to another service. We export to CSV and JSON formats.
Withdraw Consent
If we're processing data based on your consent, you can withdraw that permission at any time.
How to Exercise These Rights: Email us at contact@trunavexilo.com with your request. We'll verify your identity (to protect your account) and respond within one month. There's no fee unless your request is excessive or unfounded.
If you're not satisfied with how we handle your request, you can complain to the Data Protection Commission in Ireland.
Data Security Measures
Protecting your financial information is something we take seriously. Here's what we do to keep your data secure.
Technical Safeguards
- All data transmitted between your device and our servers uses TLS encryption
- Passwords are hashed using industry-standard algorithms — we can't see your actual password
- Our databases are encrypted at rest and backed up regularly
- We use firewalls and intrusion detection systems to monitor for threats
- Access to production systems requires multi-factor authentication
Organizational Safeguards
- Only employees who need access to perform their jobs can view user data
- All staff sign confidentiality agreements and receive privacy training
- We conduct regular security audits and vulnerability assessments
- Our incident response plan details exactly what happens if there's a breach
While we do everything possible to protect your data, no system is completely invulnerable. If we ever experience a data breach affecting your information, we'll notify you and the Data Protection Commission within 72 hours as required by law.
Data Retention & Deletion
We don't keep your data forever. Here's how long we retain different types of information and why.
| Data Type | Retention Period | Reason |
|---|---|---|
| Account information | While your account is active, plus 30 days after deletion | Service provision and account recovery window |
| Transaction data | While account is active, up to 7 years for closed accounts | Financial regulations require retention for tax purposes |
| Support communications | 3 years from last contact | Customer service records and dispute resolution |
| Usage logs | 90 days | Security monitoring and platform improvement |
| Marketing consent | Until you withdraw consent | Communication preferences |
When you close your account, we begin our deletion process. Some financial records must be kept for compliance with Irish tax law, but we anonymize this data so it can't be traced back to you personally.
Backup Systems: Deleted data remains in encrypted backups for up to 90 days, then is permanently removed. During this window, we can't access or restore individual deleted accounts — the backups are only for disaster recovery.
International Data Transfers
We're based in Ireland, which means we operate under EU data protection rules. Most of your data stays within the European Economic Area.
Some of our service providers operate globally, which occasionally means data passes through servers outside the EU. When this happens, we ensure appropriate safeguards are in place:
- Standard Contractual Clauses approved by the EU Commission
- Providers certified under recognized data protection frameworks
- Additional technical measures like encryption during transit and storage
If you're concerned about where your data is processed, contact us and we'll provide specific details about our current infrastructure.
Children's Privacy
trunavexilo isn't designed for children. We don't knowingly collect information from anyone under 16 years old. If you're under 16, please don't create an account or provide any personal information.
If we discover we've accidentally collected data from a child, we'll delete it immediately. Parents who believe their child has provided information to us should contact us right away at contact@trunavexilo.com.
Changes to This Policy
We update this privacy policy occasionally as our services evolve or regulations change. When we make significant changes, we'll notify you by email or through a prominent notice on our platform.
The "Last Updated" date at the top shows when we last modified this policy. We keep previous versions archived if you want to see what changed.
Continuing to use trunavexilo after policy changes means you accept the updated terms. If you disagree with changes, you can close your account before they take effect.
Questions & Complaints
If something in this policy isn't clear, or if you have concerns about how we handle your data, we want to hear from you.
Contact trunavexilo
Email: contact@trunavexilo.com
Phone: +353 91 399 599
Post: Ballycannon, Croagh, Co. Limerick, V94 X0KF, Ireland
Data Protection Authority
If we can't resolve your concern, you have the right to complain to the Data Protection Commission in Ireland at dataprotection.ie or contact their office directly.