Privacy Policy

Effective Date: June 8, 2026

Your privacy is critically important to us. At Zimple (operated by SoloTechAI e.U.), we have a few fundamental principles:

  • We are thoughtful about the personal information we ask you to provide and the information we collect about you through our services.
  • We store personal information for only as long as we have a reason to keep it.
  • We believe in empowering you to control your own data. We utilize privacy-conscious analytics and error tracking solutions (including self-hosted infrastructure where appropriate) specifically to prevent third-party advertising networks from harvesting your data.
  • We aim for full transparency on how we gather, use, and share your personal information.

1. Who We Are

We are the team behind Zimple Tech, offering products including the Zimple Home App, Zimple Finance, and Zimple Hub. Throughout this Privacy Policy we’ll refer to our websites, mobile applications, and other products and services collectively as “Services.” The data controller responsible for your personal information is SoloTechAI e.U., based in Austria.

2. Information We Collect and Our Legal Basis

To ensure maximum transparency and compliance with the GDPR, here is exactly what data we collect, depending on which specific Zimple app you use, and our legal justification for doing so.

Your Zimple Account (Cross-App)

  • Account Credentials: Regardless of which app you use to sign in (Zimple Home, Finance, or Hub), we collect your name, email address, password securely, and Google profile info (if using Google Sign-In).
    Legal Basis: Performance of a Contract (Article 6(1)(b) GDPR).
  • Communications: Any support emails or contact form submissions.
    Legal Basis: Legitimate Interests (Article 6(1)(f) GDPR) to provide customer support.

Zimple Home (Mobile & Web)

  • Inventory Data & Uploads: Details about your household items, purchase prices, photos, and warranty PDFs.
    Legal Basis: Performance of a Contract.
  • Device Permissions: With your consent, the mobile app accesses your Camera and Photo Library strictly to allow you to scan barcodes and upload media. You have the right to withdraw this consent at any time via your device settings.
    Legal Basis: Consent (Article 6(1)(a) GDPR).

Zimple Finance

  • Financial Data: Entries of your incomes, expenses, budgets, and account balances.
    Legal Basis: Performance of a Contract.

Information Collected Automatically (All Apps)

  • Device & Log Information: Basic telemetry such as IP address, operating system version, and crash reports. Depending on your region, we use privacy-focused error tracking (like Sentry Cloud or self-hosted GlitchTip) and self-hosted analytics (Umami) to keep your data secure and out of third-party advertising networks.
    Legal Basis: Legitimate Interests (Article 6(1)(f) GDPR) to maintain the security and stability of our apps.

3. How We Process Data with AI (Vertex AI)

To provide advanced features—such as automatically analyzing uploaded receipts or identifying household items—we utilize Google's Firebase Vertex AI.

  • The image is securely transmitted to Google Cloud's Vertex AI solely to analyze the image and return the data to your Zimple account.
  • Under Google Cloud's strict enterprise privacy terms, your data and images are NOT used to train Google's foundational AI models. You can verify Google's official commitment to this policy here.

4. How and Why We Share Information

We do not sell your private personal information. We share information about you in limited circumstances with service providers who need the information to provide their services to us:

  • Hosting & Storage: Our primary servers are hosted by DigitalOcean, and we use Cloudflare R2 to securely store your uploaded images and media files.
  • Email Delivery: We use Resend (for system notifications and newsletters) and Zoho (for customer support communications).
  • Payments: Transactions are processed securely through the Google Play Store (or Stripe for web transactions). We do not store your full credit card information.
  • AI Processing: Google Cloud / Firebase (as described above).

5. International Data Transfers & Hosting

Currently, to provide the fastest service for our initial launch regions, our primary databases and servers (such as DigitalOcean and Cloudflare R2) are physically hosted in the United States. Because SoloTechAI e.U. is an Austrian company, we ensure that any data flowing to our US servers or US-based service providers (like Google and Stripe) is protected to strict European standards. We rely on legally recognized mechanisms under the GDPR, such as the EU-US Data Privacy Framework (DPF) and Standard Contractual Clauses (SCCs), to guarantee your data's security.

6. Data Retention

We generally discard information about you when it is no longer needed for the purposes for which we collect and use it. When you choose to delete your account, your active data is removed from our live databases immediately. To protect against accidental data loss, securely encrypted backups of our databases are kept for up to 30 days before being permanently destroyed.

7. Your Privacy Rights

For US Users (CCPA and State Privacy Laws)

If you are a resident of California, Virginia, Colorado, or other US states with applicable privacy laws, you have specific rights regarding your personal information:

  • Right to Know & Access: You can request details about the personal information we collect and how we use it.
  • Right to Delete: You can request the deletion of your personal information.
  • Right to Opt-Out of Sales: We do not sell your personal information. If this ever changes, you will have the right to opt out.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

For EU and UK Users (GDPR & DSG)

If you are located in the European Economic Area (EEA) or the United Kingdom, data protection laws grant you the following rights (pursuant to Articles 15 to 21 GDPR and §§ 42 to 45 DSG):

  • Right to Access: Request a copy of your personal data.
  • Right to Rectification or Erasure: Request correction of inaccurate data or deletion of your data (the "right to be forgotten").
  • Right to Object & Restrict: Object to our processing or ask us to temporarily freeze processing.
  • Right to Data Portability: Request a machine-readable copy of your data to transfer to another service.

If you believe that the processing of your data violates data protection law or that your data protection claims have been violated in any other way, you can lodge a complaint with the competent supervisory authority. In Austria, this is the:

Austrian Data Protection Authority (DSB)
Barichgasse 40-42
1030 Vienna
Phone: +43 1 52 152-0
Email: dsb@dsb.gv.at

You can usually exercise these rights directly using your account settings within the Zimple Apps, or by contacting us.

8. Cookies and Tracking Technologies

Zimple respects your privacy and is committed to minimal tracking. We only use Strictly Necessary Cookies (such as session cookies and CSRF tokens). These are technically essential for our Services to function securely (for example, keeping you logged in and preventing unauthorized cross-site requests).

Because we do not use non-essential cookies (such as third-party advertising, invasive tracking pixels, or marketing cookies), we are not legally required to display a cookie consent banner under GDPR or the ePrivacy Directive. Our analytics (Umami) are self-hosted, completely anonymized, and operate entirely without the use of cookies.

9. Children's Privacy

Our Services are not directed to children. To comply with both US Federal Law (COPPA) and European data protection laws, we do not knowingly collect personal information from individuals under the age of 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information immediately.

10. Contact Us

If you have a question about this Privacy Policy, or you would like to contact us about any of your privacy rights, please reach out to us at:

Email: privacy@zimple.tech
Data Controller:
SoloTechAI e.U.
Owner: Yijie Liu
Hirschstettner Straße 19 / Stiege P / P0406
1220 Vienna
Austria