Legal Expense management

Privacy Policy

Last updated: April 2026. Here is how we use your data in Piiply, why we use it, and how long we keep it, in plain language.

Piiply dashboard view

1. Who we are

Piiply is an expense management platform for everyday payables, receivables, and payment commitments, available at app.piiply.com. We are the controller of your personal data for that service, which means we decide how and why your data is used.

Questions about how we process your data: support@piiply.com.

2. Data we collect about you

We only collect what we need to provide the service.

Data you provide directly

  • Your full name
  • Your email address
  • Your mobile number (optional, if you choose to provide it)
  • Your preferred currency and language
  • Information in the records you create for expense management (payables, receivables, informal loans, etc.): names, emails, and phone numbers of people involved when you add them, amounts, dates, descriptions, and payment history

Data collected automatically

  • Language and theme preferences (light/dark) you set
  • Technical access logs for security and troubleshooting, handled in aggregate or with minimization where possible

3. How we use your data

We use your data to:

  • Sign you in securely — When you request access, we send a verification code to your email (and, if you have a number on file, via WhatsApp). That code is how you confirm your identity.
  • Provide expense management — Store, display, and update your records, payments, and summaries.
  • Send you notifications — Due-date reminders, overdue notices, payment confirmations, and summaries, by email and/or WhatsApp according to your preferences.
  • Notify contacts you associate with a record — If you enter someone’s email or phone for a record, they may receive automated messages about that record (for example due-date reminders). By entering those contacts, you confirm you have permission or another lawful basis.
  • In-product suggestions and analysis — Piiply may analyze patterns in your records (due dates, amounts, status) to show personalized suggestions. Processing is automatic within the service and is not sold to third parties for advertising.
  • Improve and monitor the service — Detect and fix technical issues and keep the platform running reliably.

Legal bases (GDPR), in brief: performance of a contract and pre-contract steps (account, dashboard, records); legitimate interests (security, abuse prevention, technical improvement, essential operational messages); consent where required (for example push notifications or options you explicitly enable). Acknowledging the Terms of Service and this policy at sign-in is part of your agreement to use the service.

4. Who we share data with

We do not sell your data. We do not share it for advertising. We only share the minimum needed with providers that help us run the platform:

  • Email delivery — Verification codes and email notifications. Receives the email address and message content.
  • WhatsApp — Verification codes and WhatsApp notifications when you have a registered number and that channel is enabled. Receives the number and message content.
  • Push notifications — Alerts in the browser or on your device, with your consent. Uses a technical device identifier.
  • Exchange rates — To convert amounts between currencies. This flow does not require sending identifiable personal data to function.
  • In-product analytics and suggestions — Automated processing with contractual safeguards; data stays in the context of the service, not for external ad profiles.
  • Technical monitoring — Errors and application performance, predominantly technical and minimized data.

These providers are contractually required to protect data and not use it for unrelated purposes. Some may be outside the UK/EEA; where required we use recognized transfer tools (for example EU Standard Contractual Clauses).

5. How long we keep your data

  • We keep your data while your account is active.
  • If the account is deactivated, data may become inactive and inaccessible in the app, unless minimal retention is required by law or for technical reasons.
  • If you request permanent deletion, we erase personal data within technically reasonable timelines, except where the law requires retention (for example tax obligations remain your responsibility as the party to the underlying transaction).
  • Security logs are kept for a limited period, then deleted or aggregated so they no longer identify you.

6. Your rights

Where applicable, you have the right to:

  • Know what data we hold and how we use it
  • Access your data — much of it is available directly in the product
  • Correct inaccurate information — you can edit profile data in the app
  • Export your data — CSV export when available
  • Request erasure of your account and related data — contact support@piiply.com
  • Withdraw consent for push notifications — in profile settings, at any time
  • Lodge a complaint with your local data protection authority

To exercise rights or send privacy-related requests, email support@piiply.com. We respond within 30 days.

7. Security

  • Communication between your device and Piiply is encrypted (HTTPS)
  • Verification codes are not stored in plain text — they are handled so they cannot be read in clear in the database
  • Your account is logically isolated — other people cannot access your data through the application
  • Access is monitored to detect suspicious activity

No online system is risk-free; we do what we can to protect your data, including keeping your email secure because it is the main authentication channel.

8. Cookies and storage on your device

We use cookies and local storage only to:

  • Keep your session active while you use the platform (session cookie — required)
  • Store language and theme preferences (local storage — not sent to third parties for ads)

We do not use advertising cookies, cross-site behavioral tracking, or invasive measurement. Statistics tools on the public site, if enabled, are limited to aggregated metrics and may set additional cookies; you can manage cookies in the browser — blocking strictly necessary cookies may prevent sign-in.

9. Changes to this policy

If we make material changes, we will notify you by reasonable means (for example email or in-app notice), with adequate advance notice when possible. The last updated date is always shown at the top of this page.

10. Public read-only links

If you generate a public link for a record, anyone with the URL can see only the information Piiply exposes in that read-only mode. You are responsible for sharing the link appropriately; sensitive fields may be hidden by privacy settings.

11. Children

The service is not directed at children under 16, and we do not knowingly collect their personal data.

12. Contact

Privacy questions: support@piiply.com · application: https://app.piiply.com