Privacy Policy
Last updated April 16, 2026 — Mobile Application
This Privacy Policy describes how Pulsar Money SRL (“Pulsar Money”, “we”, “us”) handles information when you use the Pulsar Money mobile application for iOS and Android (the “App”). It applies only to the App. Use of our website and other services is covered by the separate policy published at pulsar.money/privacy-policy.
1. Information We Collect From You
We collect only the information the App needs to create your account and deliver its features.
Account information you provide
- Email address — required to create your account and to deliver the one-time verification code when signing in by email.
- Name — either the full name you enter during onboarding, or, if you sign in with Apple or Google and consent to share it, the name returned by that provider. In both cases the name is stored on our servers and used as your display name in the App. Apple returns your name only on the very first sign-in; Google returns it on every sign-in.
- Username — a handle you choose during onboarding. It forms part of your public profile and your referral link.
- Profile picture— either a generated avatar (based on your username, no image is uploaded) or a photo you choose from your device's photo library. If you choose a photo, you grant us the permission to store it on our servers and display it in the App.
- Referral code — if you open the App via a referral link we record which user invited you, so we can attribute the referral reward.
Information collected automatically
- Authentication token — after sign-in we issue a session token and store it in the secure keychain on your device. It never leaves your device except to authenticate requests to our backend.
- Push subscription identifier — if you enable push notifications, our notification provider (OneSignal) generates a subscription identifier and associates it with your account so we can deliver notifications. See Third-party services below.
- Basic request metadata — when the App calls our backend, our servers log standard information such as the approximate request time and the IP address that made the request, as is typical for any networked application. We do not use this for advertising or cross-site tracking.
Information we do NOT collect from the App
- We do not collect your precise or approximate location. iOS shows a location entry in our app listing solely because our push-notification SDK links Apple's location framework; the location channel is disabled at runtime and the App never prompts you for location access.
- We do not access your contacts, calendar, microphone, camera, health data, or on-device files other than the single photo you select when setting a profile picture.
- We do not use the Apple App Tracking Transparencyframework and we do not track you across other apps or websites for advertising.
- We do not collect payment card details, bank account details, government-issued identity documents, or crypto wallet private keys or seed phrases in the App.
2. How We Use Your Information
We use the information above to:
- Create, authenticate, and maintain your account.
- Display your profile, deliver in-app features, and attribute referrals you receive or give.
- Send you transactional messages by email (e.g. your sign-in code) and, if you have opted in, push notifications about activity on your account.
- Debug errors, prevent abuse, and keep the App secure.
- Comply with our legal obligations and enforce our Terms & Conditions.
3. Legal Basis (EEA / UK users)
Where the EU General Data Protection Regulation or the UK GDPR applies, we rely on the following legal bases: performance of our contract with you (creating and running your account), your consent (push notifications, uploading a custom profile photo), our legitimate interests (fraud prevention, security, service improvement), and compliance with our legal obligations.
4. Device Permissions
The App requests operating-system permissions only when needed:
- Photo library— requested only when you tap “Choose a photo” on the avatar screen, so the selected image can be uploaded as your profile picture. You can revoke this permission at any time from your device’s system Settings; we do not retain photo library access between selections.
- Notifications — requested only when you enable push notifications. You can turn notifications off at any time from the in-app Settings screen or your device settings.
No other permission is requested at runtime. We do not request camera, contacts, microphone, location, or background location.
5. Third-Party Services
The App relies on a small number of external services. Each service processes only the data needed to perform its function and is bound by its own privacy policy.
- Apple Sign in with Apple — if you sign in with Apple, Apple provides us with your Apple-issued user identifier and, if you choose to share it, your email and name. See Apple's privacy policy.
- Google Sign-In — if you sign in with Google, Google provides us with your Google account identifier, email, and basic profile name and picture. See Google's privacy policy.
- OneSignal — used to deliver push notifications if you opt in. OneSignal receives your account identifier (to target notifications to your devices) and technical information about your device and push token. See OneSignal's privacy policy.
- DiceBear — used to render the default avatar image. The App sends your chosen username (or a derived seed) to DiceBear to generate a deterministic cartoon avatar. No personal account data is sent. See DiceBear's privacy policy.
- Pulsar Money backend— our own servers, which store your account data and serve the App's API. Operated by Pulsar Money SRL.
6. Data Storage and Security
Your authentication token is stored on your device in the platform secure keychain (iOS Keychain / Android Keystore). Small, non-sensitive preferences (such as your email during onboarding and your onboarding-completion flag) are stored in the App's local storage. Your account data is stored on our servers, protected by access controls, encryption in transit (HTTPS/TLS), and encryption at rest. No system is perfectly secure — we cannot guarantee absolute security, but we work to keep your data safe.
7. Data Retention
We keep your account data for as long as your account is active. When you delete your account from the App's Settings screen, or by emailing us at [email protected], we delete or anonymise your personal data within a reasonable period after we have handled any outstanding obligations (for example resolving disputes or complying with our legal record-keeping duties).
8. International Transfers
Pulsar Money SRL is based in Romania (European Union). Some of our third-party service providers, such as OneSignal and Google, are located in the United States. Where we transfer personal data outside the EEA/UK, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or the service provider's participation in a recognised data transfer framework.
9. Your Rights
Depending on your jurisdiction you may have the right to:
- Access the personal data we hold about you;
- Correct inaccurate personal data;
- Delete your personal data;
- Restrict or object to certain processing;
- Port your personal data to another service;
- Withdraw consent you have given (for example to push notifications);
- Lodge a complaint with your local data-protection authority.
To exercise any of these rights, email us at [email protected]. We will respond within the timeframes required by applicable law.
10. Children
The App is not intended for children under 18 and we do not knowingly collect personal data from anyone under that age. If you believe a child has provided us with personal data, please contact us and we will delete it.
11. Changes to This Policy
We may update this policy from time to time. When we make material changes we will post the updated version in the App and at this URL, and update the “Last updated” date above. Your continued use of the App after the update becomes effective constitutes acceptance of the revised policy.
12. Contact
Pulsar Money SRLSibiu, Romania
Email: [email protected]