Privacy Policy

Effective date: June 8, 2026

What is Monii?

Monii is a personal expense tracker that reads bank notification emails from your Gmail account to automatically import your transactions.

What data we access

With your explicit permission, Monii requests read-only access to your Gmail account (gmail.readonly scope). We only read emails from your bank (BAC Credomatic, Ficohsa, Atlántida) that match specific transaction notification patterns. We do not read, store, or process any other emails.

What data we store

We store:

• Your Gmail address (to identify the connected account)
• A securely encrypted OAuth refresh token (to maintain access without requiring repeated logins)
• Parsed transaction data extracted from bank notification emails: merchant name, amount, currency, date, and card last 4 digits
• Raw email message IDs (to avoid processing duplicates)

We do not store the full content of your emails.

How we use your data

Your data is used solely to:

• Display your transactions in the Monii dashboard
• Categorize your spending
• Show balance summaries across your accounts

We do not sell, share, or use your data for advertising or any purpose other than providing the Monii service to you.

Data storage and security

All data is stored in Supabase with row-level security policies that ensure only you can access your own data. OAuth tokens are encrypted at rest using AES-256-GCM before storage.

Revoking access

You can disconnect Gmail at any time from the app's Settings screen. This deletes your stored OAuth token immediately. You can also revoke access directly from your Google Account permissions.

Contact

For questions or concerns about this privacy policy, contact: support@getmonii.app