Privacy Policy

Last updated: April 2026

1. What data we collect

When you create an account we store your name (optional), email address, and a securely hashed version of your password. We never store your password in plain text.

As you use the app we store your checklist progress, saved guides, community posts, and language preference. This data is tied to your account so you can access it across devices.

2. How we use your data

  • To provide and personalise the service (checklist, guides, community).
  • To authenticate you and keep your account secure.
  • To translate content into your chosen language (via DeepL API; only the text being translated is sent).

We do not sell, rent, or share your personal data with third parties for marketing purposes.

3. Data storage and security

Your data is stored in a database hosted within the EU. Passwords are hashed using bcrypt (cost factor 12). All connections use HTTPS encryption. We apply rate limiting to protect against abuse.

4. Your rights (GDPR)

Under the EU General Data Protection Regulation you have the right to:

  • Access your personal data.
  • Correct inaccurate data via your profile settings.
  • Delete your account and all associated data.
  • Export your data in a machine-readable format.
  • Object to processing or request restriction.

You can export or delete your data directly from your profile page, or contact us at the email address below.

5. Cookies and local storage

We use a session cookie for authentication (essential, no consent required under GDPR). We do not use advertising or analytics cookies. The PWA uses a service worker to cache assets for offline access.

6. Third-party services

  • DeepL API — for translating guide and resource content. Only the text being translated is sent. DeepL deletes texts after translation.

7. Data retention

We retain your data for as long as your account is active. If you delete your account, all personal data is permanently removed immediately.

8. Changes to this policy

We may update this policy from time to time. Significant changes will be communicated in-app. Continued use after changes constitutes acceptance.

9. Contact

For privacy-related questions or requests, email: support@newtofin.fi