Legal Information

These Terms of Service govern your use of Cortado Finance, a personal finance management application. By accessing or using our service, you agree to be bound by these terms.

By accessing and using Cortado Finance, you acknowledge that you have read, understood, and agree to be bound by these Terms of Service and our Privacy Policy. If you do not agree with any part of these terms, you must not use our service.

These terms constitute a legally binding agreement between you and Cortado Finance. We reserve the right to modify these terms at any time, and such modifications will be effective immediately upon posting.

To use Cortado Finance, you must:

• Be at least 16 years of age (in accordance with Polish and EU regulations)
• Be a resident of the European Union or European Economic Area
• Have the legal capacity to enter into binding agreements
• Not be prohibited from using the service under applicable laws

If you are under 18 years of age, you confirm that you have obtained consent from your parent or legal guardian to use this service.

When you create an account with Cortado Finance, you agree to:

• Provide accurate, current, and complete information
• Maintain and promptly update your account information
• Maintain the security and confidentiality of your login credentials
• Accept responsibility for all activities under your account
• Notify us immediately of any unauthorized access or security breach

You are solely responsible for any activity that occurs under your account. We reserve the right to suspend or terminate accounts that violate these terms.

Subject to these Terms, Cortado Finance grants you a limited, non-exclusive, non-transferable, revocable license to use the service for personal, non-commercial purposes.

You agree not to:

• Modify, copy, or create derivative works based on the service
• Reverse engineer, decompile, or disassemble any part of the service
• Use the service for any commercial purpose without authorization
• Attempt to gain unauthorized access to any systems or networks
• Use automated systems or software to extract data from the service
• Transmit any malicious code, viruses, or harmful content

All content, features, and functionality of Cortado Finance, including but not limited to text, graphics, logos, icons, images, audio clips, digital downloads, and software, are the exclusive property of Cortado Finance and are protected by Polish, European Union, and international copyright, trademark, and other intellectual property laws.

The Cortado Finance name, logo, and all related names, logos, product and service names, designs, and slogans are trademarks of Cortado Finance. You must not use such marks without prior written permission.

Cortado Finance reserves the right to modify, suspend, or discontinue any part of the service at any time, with or without notice. We may also impose limits on certain features or restrict access to parts of the service.

We shall not be liable to you or any third party for any modification, suspension, or discontinuance of the service. We will make reasonable efforts to notify users of significant changes that may affect their use of the service.

To the maximum extent permitted by applicable law, Cortado Finance and its operators shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to:

• Loss of profits, data, or business opportunities
• Personal injury or property damage
• Unauthorized access to or alteration of your data
• Any third-party conduct on the service
• Any errors, mistakes, or inaccuracies in the service

The service is provided on an "as is" and "as available" basis without any warranties of any kind, either express or implied.

Nothing in these terms excludes or limits liability for death or personal injury caused by negligence, fraud or fraudulent misrepresentation, or any other liability that cannot be excluded or limited under applicable EU or Polish law.

These Terms of Service shall be governed by and construed in accordance with the laws of the Republic of Poland, without regard to its conflict of law provisions.

For consumers residing in the European Union, you may also benefit from mandatory consumer protection provisions of your country of residence. Any disputes arising from these terms shall be subject to the exclusive jurisdiction of the courts of Poland, unless you are a consumer entitled to bring proceedings in your country of residence under applicable EU consumer protection laws.

European Commission Online Dispute Resolution: https://ec.europa.eu/consumers/odr

This Privacy Policy explains how Cortado Finance collects, uses, stores, and protects your personal data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and Polish data protection laws.

We are committed to protecting your privacy and ensuring transparency in how we handle your personal information.

Cortado Finance operates as a personal project. For all data protection matters, you can contact us at:

• Email: contact@cortadofinance.com
• Data Processing Location: Frankfurt, Germany (EU)

As the data controller, we determine the purposes and means of processing your personal data and are responsible for ensuring compliance with applicable data protection laws.

We collect the following categories of personal data:

• Identity Data: Name, email address, profile picture (when provided)
• Account Data: Login credentials, account preferences, authentication tokens
• Financial Data: Transaction records, account balances, budget information, and other financial data you choose to input for service functionality
• Technical Data: IP address, browser type and version, device information, operating system, time zone setting
• Usage Data: Information about how you use our service, including pages visited, features used, and interaction patterns

We do not collect sensitive personal data (special categories) unless explicitly provided by you and necessary for the service.

Under Article 6 of the GDPR, we process your personal data based on the following legal grounds:

• Contract Performance (Art. 6(1)(b)): Processing necessary to provide you with our services and fulfill our contractual obligations
• Consent (Art. 6(1)(a)): Where you have given explicit consent for specific processing activities (e.g., marketing communications)
• Legitimate Interests (Art. 6(1)(f)): Processing necessary for our legitimate interests, such as improving our service, ensuring security, and preventing fraud
• Legal Obligation (Art. 6(1)(c)): Processing required to comply with applicable laws and regulations

We use your personal data for the following purposes:

• To provide, maintain, and improve our services
• To create and manage your account
• To process and display your financial information
• To communicate with you about service updates and changes
• To provide customer support and respond to inquiries
• To detect, prevent, and address technical issues and security threats
• To analyze usage patterns and improve user experience
• To comply with legal obligations

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason compatible with the original purpose.

Storage Location: Your data is stored on servers located in Frankfurt, Germany, within the European Union. This ensures your data remains protected under EU data protection laws.

Retention Period: We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

• Account Data: Retained while your account is active and for up to 30 days after account deletion
• Financial Data: Retained while your account is active; deleted upon account deletion request
• Technical Logs: Retained for up to 90 days for security and debugging purposes
• Legal Requirements: Certain data may be retained longer if required by law

Data Security: We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit and at rest, access controls, and regular security assessments.

We may share your data with the following categories of third-party service providers:

• Cloud Infrastructure: Hosting and data storage providers located within the EU
• Authentication Services: Identity verification and login service providers
• Analytics: Service usage analytics (anonymized where possible)
• Email Services: Transactional email delivery

All third-party processors are contractually bound to process your data only on our instructions and in accordance with GDPR requirements. We do not sell your personal data to third parties.

International Transfers: Your data is processed within the European Economic Area (EEA). If any transfer outside the EEA is necessary, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

Under the GDPR, you have the following rights regarding your personal data:

• Right of Access (Art. 15): Request a copy of your personal data and information about how it is processed
• Right to Rectification (Art. 16): Request correction of inaccurate or incomplete personal data
• Right to Erasure (Art. 17): Request deletion of your personal data ("right to be forgotten")
• Right to Restriction (Art. 18): Request limitation of processing in certain circumstances
• Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format
• Right to Object (Art. 21): Object to processing based on legitimate interests or for direct marketing
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at contact@cortadofinance.com. We will respond to your request within 30 days.

Right to Lodge a Complaint: If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Polish supervisory authority:

• Urząd Ochrony Danych Osobowych (UODO)
• ul. Stawki 2, 00-193 Warszawa, Poland
• Website: https://uodo.gov.pl

Cortado Finance uses cookies and similar technologies to enhance your experience:

• Essential Cookies: Required for the service to function (authentication, security, session management)
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how users interact with our service (with your consent)

You can control cookie preferences through your browser settings. Note that disabling essential cookies may affect service functionality.

In accordance with Polish implementation of the GDPR (Article 8), Cortado Finance is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children under 16 years of age.

If we become aware that we have collected personal data from a child under 16 without appropriate parental consent, we will take steps to delete that information promptly. If you believe we may have collected data from a child under 16, please contact us immediately.

We may update this legal document from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:

• We will update the "Last updated" date at the top of this page
• We will notify you via email or through the service
• For significant changes, we may request renewed consent

We encourage you to review this page periodically to stay informed about our practices. Your continued use of the service after any changes constitutes acceptance of the updated terms.

If you have any questions, concerns, or requests regarding these Terms of Service, Privacy Policy, or our data practices, please contact us:

• Email: contact@cortadofinance.com

We aim to respond to all inquiries within 30 days. For data protection requests, we will verify your identity before processing your request.