Infinitum Creator Ledger Privacy Policy - Infinitum LIVE Creator Network

Ownership

We Do Not Sell or Leak Your Data

Infinitum Imagery LLC does not sell, rent, trade, or otherwise disclose your personal data to third parties for their marketing or commercial use. We do not leak, share, or provide user data to advertisers, data brokers, or other parties except as strictly necessary to operate the Service (e.g., authentication and hosting providers under contract) or as required by law.

Data Retention & Deletion Policy

We provide two in-app options under Settings → Account & data. (1) “Delete my data”: We permanently remove all your ledger data—earnings, expenses, platform accounts, weekly snapshots (Firestore), receipt files (Firebase Storage), and local cached data (Hive) on your device. Your account is kept and you remain signed in. (2) “Permanently delete my account and data”: We perform a hard delete of your user document and all subcollections, receipt files in Storage, and local cache; you are then signed out. We do not use soft delete for either action; once completed, the removed data cannot be recovered.

Backups: Firebase (Google Cloud) may retain managed backups for disaster recovery in accordance with its own policies. We do not retain separate backups of user data after deletion; any remaining copies in Firebase’s backup systems are subject to Google’s retention and are not under our control.

Data retention: While your account is active, we retain your data for as long as you use the Service. Receipt files you upload are stored in Firebase Storage and are deleted when you delete the related expense entry or when you use “Delete my data” or “Permanently delete my account and data.” For subscribed users, exports (CSV/PDF) are available via Settings → Export center and are generated on demand; they are not stored on our servers and you download them to your device. Exports are limited to subscribers only.

Processing time: Deletion is processed immediately when you confirm. Completion typically occurs within the same session; in rare cases (e.g., network issues), final removal may complete shortly thereafter. For GDPR/CCPA: You may request deletion via these in-app options or by contacting us; we do not retain your data after a completed deletion request.

Security & Data Protection

Authentication: Firebase Authentication (email/password only; no anonymous sign-in). All traffic uses encrypted transport (TLS/HTTPS). Firestore security rules enforce per-user isolation: you can read and write only your own data (users/{uid} and its subcollections). Role-based access (user, userFree, superAdmin) is enforced server-side; clients cannot elevate their own role.

Data at rest: Firestore and Firebase Storage use encryption at rest by default (Google Cloud). Receipt uploads: We validate file type and enforce a maximum upload size of 5 MB per receipt. Rate limiting and abuse prevention may apply at the Firebase project level. Firebase App Check may be enabled to help protect backend resources from unauthorized clients; when enabled, only legitimate app instances can access your data.

Disaster Recovery & Backup

Offline capability: The app uses a local cache (Hive) for read access when you have previously loaded data. You can view cached profiles, earnings, expenses, and config when offline. Sync behavior: Writes (adding or editing entries, profile changes) require an active connection; data is sent to Firestore when online. We do not queue writes for later sync in the current version—if you are offline, save again when connected.

Backend redundancy: Firestore and Firebase Storage are managed by Google and provide replication and recovery options. We do not operate separate backup systems; reliance on Firebase’s infrastructure is part of our data resilience. Data export: Export (CSV/PDF) is available to subscribed users via Settings → Export center. Exports are generated on demand and are not stored on our servers; we recommend exporting periodically for your own records.

Analytics, Crash Reporting, and Event Tracking

We collect analytics, crash reporting, and event-tracking data to operate, improve, and maintain the stability of the Service. This includes: (1) Firebase Analytics (or similar)—usage events, screen views, and in-app interactions to understand how the App is used; (2) Firebase Crashlytics (or similar)—crash reports, non-fatal errors, and device/platform information to diagnose and fix stability issues; (3) event tracking—custom events (e.g., feature use, flows) to improve product and support. This data may include device type, OS version, app version, and anonymized or pseudonymized identifiers. We do not sell this data to third parties. By using the App, you agree to this collection and use as described in this policy. For app store listings, our data collection and use are declared in the respective store’s privacy or data safety sections in line with this policy.

Information We Collect

We may collect information you provide (e.g., account details, email, profile and ledger data) and technical information (e.g., device type, IP address) necessary to provide and improve the Service. We use this information only to operate the App, support you, and improve our services.

Why We Collect Each Type of Information (Creator Earnings & Tax App)

Infinitum Creator Ledger is an app that helps creators track earnings and prepare for taxes. There is a clear gap in the market for tools that help creators manage their income and tax obligations. The following data is required to provide that service safely, legally, and in a way that matches how platforms and tax authorities work. We collect only what is necessary for these purposes.

First name and last name: Required to identify you on tax-related summaries, exports (CSV/PDF), and support communications. Tax documents, 1099s, and accountant-ready exports use your legal name; platforms and tax authorities identify creators by name. This is necessary for the core purpose of the app.

Email: Required for account creation and sign-in, password reset, and important communications about your account, earnings, or tax estimates. It is the primary account identifier and contact method.

Phone number: Used for account recovery and for support when you have questions about earnings or tax-related features. It provides a second way to reach you for security and support.

Birthday: We only serve users who are 18 years of age or older. The app deals with earnings and tax information, which are adult-oriented. Collecting date of birth allows us to verify age, comply with COPPA (we do not knowingly collect from anyone under 18), and restrict access to age-appropriate users.

Password: Used only to secure your account; we do not store plain-text passwords. It protects your financial and tax data from unauthorized access.

We do not sell, rent, or trade this information. We use it solely to provide, maintain, and improve the Service; to communicate with you; to enforce our terms; and to comply with legal obligations. When you fill out the Data safety form (Google Play) or App Privacy labels (App Store), you can cite this section as the justification for collecting name, email, phone, and date of birth.

How We Use Information

Your information is used to provide, maintain, and improve the App; to communicate with you; to enforce our terms; and to comply with legal obligations. We do not use your data for purposes unrelated to the Service without your consent.

Data Processing and Sub-Processors

We process personal data to provide the Service. Our sub-processors include Firebase (Google LLC) for authentication, database, storage, analytics, and crash reporting (e.g., Firebase Crashlytics). We use them under contract and in accordance with our Privacy Policy. For processor commitments and standard contractual terms, see Settings → Legal → Data Processing Addendum.

Your Rights (EEA/UK and California)

If you are in the European Economic Area (EEA) or UK, you have rights under the GDPR (e.g., access, rectification, erasure, restriction, portability, object, lodge a complaint with a supervisory authority). See Settings → Legal → GDPR / EEA Privacy Rights for details. California residents: see California Privacy Rights (CCPA/CPRA).

Disclaimer of Warranties and Limitation of Liability

THE APP AND DATA HANDLING ARE PROVIDED “AS IS.” To the maximum extent permitted by law, Infinitum Imagery LLC and its affiliates shall not be liable for any damages (including data breach, loss, or misuse) arising from your use of the App or from the acts of third parties. Our liability for claims relating to this Privacy Policy or data handling is subject to the limitations and caps set forth in our Terms and Conditions. You may not hold Infinitum Imagery LLC liable for claims relating to data security beyond our obligation to use reasonable security measures as described here. You use the Service at your own risk.

Not Legal Advice

This Privacy Policy is for informational purposes only and does not constitute legal advice. For questions about your privacy rights or applicable laws, consult a qualified attorney.

Changes

We may update this Privacy Policy from time to time. Continued use of the App after changes constitutes acceptance of the updated policy. Material changes may be communicated via the App or email where appropriate.

Contact

For privacy-related questions or requests, contact Infinitum Imagery LLC through the official channels provided in the App or at our registered business address.