Easeful Easeful
Try for free
Back to Easeful

Legal

Privacy Policy

Last updated: 10 March 2026

1. Introduction

This Privacy Policy explains how Easeful ("we", "us", or "our") collects, uses, and protects personal data when you visit tryeaseful.com or use the Easeful web application.

Easeful acts as the data controller for the purposes of applicable data protection laws. By using Easeful, you agree to the practices described in this policy.

If you have any questions, you may contact us at [email protected].

2. Data We Collect

We collect only the information required to operate the service.

Account data

When you create an account, we store your email address and authentication credentials. If you sign in with Google, authentication is handled by Supabase Auth using the OAuth flow provided by Google. We do not store your Google password. If you choose to sign in with Google, we may receive basic profile information such as your email address from Google in order to create or authenticate your account.

Financial inputs

Easeful allows you to enter financial figures — such as income, expenses, savings, and debts — to model how decisions may affect your finances over time. These numbers are stored in your account so that your scenarios persist between sessions. We do not verify, cross-reference, or share this data with any third party for purposes other than operating the service.

Application preferences

We store your selected application language and currency preference so that the application behaves consistently across sessions.

What we do not collect

Easeful does not connect to your bank accounts, read financial transactions, request access to financial institutions, or collect government-issued identity documents. The only financial figures we store are those you manually enter.

3. Google User Data

Easeful uses Google OAuth to allow you to sign in with your Google account. This section specifically describes how we handle data received from Google.

What Google data we access

When you sign in with Google, we receive only the information you authorise through the OAuth consent screen: your email address and basic profile information (name, profile picture URL). We do not request access to Gmail, Google Drive, Google Calendar, Contacts, or any other Google service.

How we use Google user data

The email address and profile information received from Google are used solely to:

  • Create and identify your Easeful account
  • Authenticate you on subsequent sign-ins

We do not use Google user data for advertising, profiling, or any purpose beyond providing the Easeful service to you.

Sharing of Google user data

We do not sell, rent, or share Google user data with third parties for their own purposes. Your email address is stored on Supabase infrastructure (our database provider) solely to operate your account. No other third party receives your Google user data.

Storage and protection of Google user data

Google user data is stored in our database hosted on Supabase, which applies encryption at rest and in transit. Access is restricted to authorised application processes only. We do not store your Google password or OAuth tokens beyond what is required for session management.

Retention and deletion of Google user data

Google user data is retained for as long as your Easeful account exists. When you delete your account, all associated data — including your email address received from Google — is permanently removed from our systems. You can delete your account at any time from within the application settings, or by contacting us at [email protected].

Easeful's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

4. How We Use Your Data

We use the data we collect to:

  • Create and manage your account
  • Provide the financial modeling features of the application
  • Process subscription payments through Stripe
  • Send transactional emails related to your account or subscription (e.g. billing confirmations)
  • Understand how the product is used in order to improve it

We do not use your data for advertising. We do not sell, rent, or share your personal data with third parties for their own marketing purposes.

Easeful does not use personal data for automated decision-making that produces legal or similarly significant effects.

5. Analytics

Easeful uses Google Analytics 4 to understand how users interact with the website. Google Analytics 4 automatically anonymizes IP addresses. Analytics data is used solely to improve the product and is not used for advertising or shared with third parties beyond Google's standard Analytics service.

Google Analytics may set cookies in your browser. You can opt out of Google Analytics tracking by using the Google Analytics opt-out browser add-on.

6. Cookies

Easeful uses cookies for the following purposes:

  • Site functionality — cookies required for authentication and session management
  • Analytics — cookies set by Google Analytics 4 for usage measurement

Non-essential cookies such as analytics cookies are only activated after you provide consent through the cookie banner. A cookie consent banner will be displayed when you first visit the site. You may withdraw your consent for non-essential cookies at any time by clearing your browser cookies or adjusting your browser settings.

7. Third-Party Service Providers

We use the following third-party services to operate Easeful. Each acts as a data processor and is contractually bound to process data only as instructed:

  • Supabase — database hosting and authentication. User account data and financial inputs are stored on Supabase infrastructure.
  • Cloudflare — frontend hosting and content delivery. Cloudflare may process IP addresses as part of serving the application.
  • Stripe — payment processing. When you subscribe, Stripe handles all payment data. Easeful does not have access to your full payment card details and does not store them. Stripe's privacy policy applies to payment data.
  • Google Analytics — website usage analytics, as described in Section 5.

We do not share personal data with any other third parties.

8. Data Retention and Account Deletion

We retain personal data only for as long as necessary to provide the service and maintain your account. We retain your account data for as long as your account remains active. Inactive accounts may be deleted after a prolonged period of inactivity, in which case you will be notified in advance where possible. If you delete your account, all associated personal data — including your email address, financial inputs, and application preferences — is permanently removed from our active systems.

You can delete your account at any time from within the application settings. Deletion is irreversible.

Stripe may retain billing records independently in accordance with their own data retention policies and applicable financial regulations.

9. Your Rights Under GDPR

If you are located in the European Union or European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR):

  • Right of access — you may request a copy of the personal data we hold about you
  • Right to rectification — you may request correction of inaccurate data
  • Right to erasure — you may request deletion of your personal data
  • Right to restriction — you may request that we limit how we process your data
  • Right to data portability — you may request your data in a structured, machine-readable format
  • Right to object — you may object to processing based on legitimate interests
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

You also have the right to lodge a complaint with the Croatian Personal Data Protection Agency (AZOP) or the supervisory authority in your country of residence.

10. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract performance — processing necessary to provide the service you have signed up for
  • Legitimate interests — analytics used to improve the service, where those interests are not overridden by your rights
  • Consent — for non-essential cookies, where you have provided consent via the cookie banner

11. Data Security

We take reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These measures include encrypted data transmission (HTTPS), access controls on our database, and the use of reputable infrastructure providers.

No method of transmission over the internet is completely secure. While we strive to protect your data, we cannot guarantee absolute security.

12. International Data Transfers

Easeful is operated from Croatia. Our infrastructure providers (Supabase, Cloudflare, Stripe, and Google) may process data in countries outside the European Economic Area. Where such transfers occur, they are carried out under appropriate safeguards such as Standard Contractual Clauses approved by the European Commission.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page. Continued use of Easeful after such changes constitutes acceptance of the updated policy.

14. Contact

For any questions, requests, or concerns regarding this Privacy Policy or your personal data:

[email protected]