Privacy Policy

Last updated: February 7, 2026

This Privacy Policy describes how El Cambio ("we", "us", or "our") handles information when you use the El Cambio mobile application (the "App"). The App displays exchange-rate information published by the Central Bank of Venezuela (BCV) and lets you save custom exchange rates for personal reference.

1. Information We Collect

1.1 Account Information (when you sign up or log in)

If you create an account, we collect the information needed to authenticate you. The specific data depends on the sign-in method you choose:

Email & password: Your email address and a hashed password, managed by Firebase Authentication (Google).
Google Sign-In: Your email address, display name, and profile photo URL, as provided by your Google account through Firebase Authentication.

A unique user identifier (Firebase UID) is generated for your account and used to associate your custom rates with your profile.

1.2 Custom Exchange Rates

When you create custom exchange rates, we store the label you assign (up to 16 characters), the rate value, and timestamps (created/updated) on our server, linked to your Firebase UID.

1.3 Usage Analytics (Umami)

We use Umami, a privacy-focused analytics service, to understand how the App is used and to improve it. Umami collects:

App usage events — such as screen views, sign-in method chosen, rates loaded, custom rate actions, and settings interactions. No personally identifiable information is included in event data.
Device metadata — screen dimensions, operating system name and version, and device language/locale.
Anonymous identifier — a randomly generated UUID stored locally on your device, not linked to your identity.

Umami does not use cookies, does not track you across apps or websites, and does not collect IP addresses for profiling. Analytics collection can be toggled off.

1.4 Locally Stored Data

The App stores certain data on your device to provide offline access and a faster experience:

Authentication tokens — Firebase session tokens so you stay signed in between launches.
Cached exchange rates — recent rate data (official and custom) cached for up to 30 days. This cache is cleared when you sign out.
Analytics identifier — the anonymous UUID described in section 1.3.

1.5 Information We Do NOT Collect

The App does not collect:

Precise or approximate location data
Contacts, call logs, or SMS
Photos, videos, or files (beyond what you explicitly provide)
Financial or payment information
Health, fitness, or biometric data
Device advertising identifiers
Microphone or camera input

2. How We Use Information

Data	Purpose
Account information (email, name, photo)	Authenticate you and display your profile inside the App.
Firebase UID	Link your custom rates to your account on our server.
Custom exchange rates	Store, retrieve, and sync the custom rates you create so they are available across sessions and devices.
Usage analytics	Understand feature usage, diagnose errors, and improve the App experience. Analytics are aggregated and not used to identify individual users.
Cached data & auth tokens	Provide offline access to rates and keep you signed in between app launches.

3. Third-Party Services

We rely on the following third-party services, each of which processes some data on our behalf:

Service	Provider	Data processed	Privacy policy
Firebase Authentication	Google LLC	Email, display name, photo URL, UID, auth tokens	firebase.google.com/support/privacy
Google Sign-In	Google LLC	Google account profile data used for authentication	policies.google.com/privacy
Umami Analytics	Self-hosted	Anonymous usage events, device metadata (screen size, OS, locale)	umami.is/privacy

4. Data Sharing

We do not sell your personal information to any third party.
We do not share data for advertising purposes.
Account and authentication data is processed by Firebase / Google solely for the purpose of authenticating you.
Anonymized usage data is sent to our Umami analytics instance to help us improve the App.
We may disclose information if required by law or to protect rights, safety, or property.

5. Data Retention

Account data: Retained in Firebase for as long as your account exists. You may request account deletion (see section 7).
Custom rates: Stored on our server until you delete them or request account deletion.
Analytics data: Retained in our Umami instance in aggregated, anonymized form. Individual events cannot be traced back to you.
Local cache: Automatically expires after 30 days and is also cleared when you sign out.

6. Data Security

We use reasonable technical and organizational measures to protect your data, including:

All network communication between the App and our servers uses HTTPS (TLS encryption).
Authentication is handled by Firebase, which employs industry-standard security practices.
Passwords are never stored in plain text; they are managed entirely by Firebase Authentication.

No method of electronic transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Your Rights and Choices

Sign out: You can sign out at any time from the App settings. This clears locally cached data and auth tokens.
Delete custom rates: You can delete any custom rates you created directly in the App.
Account deletion: You may request deletion of your account and all associated data directly in the App (Settings → Delete account), or by submitting a request at /delete-account.html. We will process email requests within 30 days.
Access and portability: You may request a copy of the personal data we hold about you.

8. Children's Privacy

The App is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us so we can delete it.

9. International Transfers

Your data may be processed on servers located outside your country of residence. Firebase services are operated by Google and may process data in various regions. By using the App, you consent to the transfer of your information to these locations.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top. We encourage you to review this policy periodically.

11. Contact Us

If you have questions about this Privacy Policy or wish to exercise any of your rights, please contact us:

Email: sneyder2328@gmail.com