Crewz

Minimalistic Apps.

Privacy Policy for the Niffl App

We take the protection of your personal data very seriously. This Privacy Policy explains what data is collected when you use the “Niffl” app, how it is used, and what rights you have.

1. Controller

Crewz GmbH
Paul-Ehrlich-Straße 7
79106 Freiburg im Breisgau
Germany

Represented by: Marcel Bihl
📧 info@crewz.io

2. Data We Collect

a) Data you provide

When using the app, the following data may be collected:

  • Email address (for registration and verification)
  • Name (for display within the app)
  • Content created within the app (e.g. expenses, amounts, groups, assignments)

Authentication is handled via Firebase Authentication using email verification (e.g. code or magic link).

You can invite other people to groups via a link or code. Within these groups, names and related expense data are visible to participating users.

b) Automatically collected data

To ensure functionality and improve the app, the following data may be collected automatically:

  • Usage data (e.g. app interactions, screen views)
  • Device information (e.g. device model, operating system, language)
  • Crash reports

These data are collected using:

  • Firebase Analytics
  • Firebase Crashlytics

3. Purpose of Processing

Your data is processed for the following purposes:

  • Providing and operating the app
  • Managing shared groups and expenses
  • Synchronizing data between users and devices
  • Improving the app and user experience
  • Ensuring stability and error-free operation

4. In-App Purchases

The app offers optional paid features.

Payments are processed via:

  • Apple App Store / Google Play Store
  • RevenueCat

We do not process payment data ourselves. Only your purchase status is processed to unlock features.

5. Hosting and Data Processing

We use services provided by Google Firebase (Google Ireland Limited, Ireland).

Services used:

  • Firebase Authentication
  • Firebase Firestore
  • Firebase Analytics
  • Firebase Crashlytics

Data is primarily processed in data centers within the European Union (e.g. europe-west region).

Transfers to countries outside the EU cannot be fully excluded but are carried out in accordance with GDPR safeguards (e.g. standard contractual clauses).

6. Data Sharing

Your personal data is not shared with third parties, except:

  • with necessary technical service providers (e.g. Firebase, RevenueCat)
  • within the app to other users in shared groups (e.g. names and expense data)
  • if required by law

7. Permissions

The app requires the following permissions:

  • Internet access (for synchronization and functionality)

No additional device permissions are used.

8. Data Retention and Deletion

Your data is stored only as long as necessary for the use of the app.

You can at any time:

  • delete your account
  • request deletion of all stored data

Upon deletion, all personal data will be permanently removed unless legal obligations require otherwise.

9. Legal Basis

Processing of your personal data is based on:

  • Art. 6(1)(a) GDPR (consent)
  • Art. 6(1)(b) GDPR (performance of a contract)

10. Your Rights

You have the right to:

  • access your stored data
  • request correction or deletion
  • restrict processing
  • request data portability
  • object to processing

📩 To exercise your rights, contact: info@crewz.io

11. Changes to this Privacy Policy

We reserve the right to update this Privacy Policy to reflect legal or technical changes. The latest version will always be available in the app.

Last updated: April 01, 2026
Crewz GmbH