Legal
Privacy Policy
This policy explains how the Currency Converter application (the “App”, iOS / Android) collects, uses and protects your personal data. It applies worldwide and incorporates the requirements of the GDPR (EU/EEA and the UK), the CCPA/CPRA (California), the LGPD (Brazil), PIPEDA (Canada) and other applicable laws.
Data controller
Oworld software
18 Quai Charpenay, 38700 La Tronche, France
Contact: olivier@oworld.fr
1. Data we collect
Depending on how you use the App, we process the following categories:
- Account data: email address, password (stored hashed), Apple/Google identifier, user identifier.
- Technical identifiers: device identifier, advertising identifier (IDFA / AAID), installation identifier.
- Usage data: in-app interactions, screen views, timestamps, device and OS type, language.
- Network data: IP address (collected by our providers).
- Diagnostic data: crash and performance reports.
- Purchase data: subscription status and purchase history (handled by the app stores and RevenueCat).
2. Purposes and legal bases
- Provide the service — performance of a contract.
- Manage your account — performance of a contract.
- Measure audience and improve the app (analytics, crash) — legitimate interest or consent depending on your region.
- Serve ads — consent (personalized ads) or legitimate interest (non-personalized).
- Manage subscriptions — performance of a contract.
- Comply with legal obligations and prevent fraud — legal obligation / legitimate interest.
3. Third-party services and recipients
We rely on the following providers, which may process some of your data:
| Service | Provider | Purpose | Data | Policy |
|---|---|---|---|---|
| Google Analytics for Firebase | Google LLC (USA) | Audience measurement and usage-behavior analysis | Usage data, device identifiers, advertising identifiers, trackers | View |
| Firebase Authentication | Google LLC (USA) | Account creation and sign-in | Email address, password (hashed), Apple/Google identifier, user identifier | View |
| Firebase Crashlytics | Google LLC (USA) | Crash reporting and stability | Diagnostic data, device state and identifiers | View |
| Firebase Cloud Messaging | Google LLC (USA) | Sending push notifications | Device notification token (FCM token) | View |
| Google AdMob | Google LLC (USA) | Serving ads (including personalized ads) | Advertising identifier (IDFA / AAID), usage data, trackers | View |
| Google User Messaging Platform (UMP) | Google LLC (USA) | Collecting and managing your advertising consent | Consent choices, technical identifiers | View |
| RevenueCat | RevenueCat, Inc. (USA) | Managing subscriptions and in-app purchases | Anonymous app user ID, purchase history, device identifiers, attribution data | View |
4. Advertising and consent
The free version shows ads through Google AdMob. On iOS, we ask for your permission (App Tracking Transparency) before any tracking for advertising purposes. A consent screen (CMP/UMP) collects your choice before showing personalized ads, in every territory. You can change that choice at any time, refuse personalized advertising , or subscribe to the ad-free premium version.
You can also manage targeted advertising through: YourOnlineChoices (EU), NAI (US), DAA (US), DAAC (CA), the AppChoices app, or your device advertising settings.
5. International data transfers
Your data is primarily hosted and processed in the United States by our providers (Google, RevenueCat, etc.). When data leaves the EEA, the UK or Switzerland, such transfers are governed by the European Commission’s Standard Contractual Clauses (and the UK addendum) and/or the EU–U.S. Data Privacy Framework, ensuring an adequate level of protection.
6. Data retention
We keep your data for as long as your account is active and it is necessary for the purposes described. Analytics and diagnostic data are kept in aggregated form or for a limited period, unless a legal retention obligation applies (accounting, fraud prevention).
7. Your rights
Depending on where you live, you have some or all of the following rights:
- GDPR (EU/EEA, UK, Switzerland): access, rectification, erasure, restriction, objection, portability, withdrawal of consent, and the right to lodge a complaint with a supervisory authority (in France: the CNIL).
- CCPA/CPRA (California): the right to know, access, correct and delete your data, the right to non-discrimination, and the right to opt out of the “sale” or “sharing” of your data. We do not sell your personal information; sharing for targeted advertising can be disabled via the options above.
- LGPD (Brazil), PIPEDA (Canada) and other laws: equivalent rights of access, correction, deletion and objection.
To exercise your rights, contact us at olivier@oworld.fr. We respond within one month at most. You can also delete your account and data directly within the app.
8. Security
Data is transmitted over encrypted connections (HTTPS/TLS) and stored on Google Firebase’s secure infrastructure. Passwords are handled by Firebase Authentication and are never stored in clear text. As no system is completely secure, we cannot guarantee absolute security.
9. Children
The App is not intended for children under 13 (or the minimum age required in your country). We do not knowingly collect their data. If you believe a child has provided us with data, please contact us so we can delete it.
10. Changes to this policy
We may update this policy. In case of a significant change, we will notify you in the app or by email. The last-updated date appears at the top of this page.
Oworld software — 18 Quai Charpenay, 38700 La Tronche, France — olivier@oworld.fr