Legal

Privacy Policy

Last updated: May 8, 2026

Summary

Subnesio is a subscription tracking service. We collect the minimum data needed to authenticate you, store the subscriptions you add yourself, and send the email reminders you opt into. We do not sell your data. We do not run third-party advertising trackers.

Data we collect

  • Account data: email address (and your Google profile name and avatar if you sign in with Google).
  • Subscription records: service name, price, currency, billing cycle, payment method label, and notes — all entered by you.
  • Preferences: home currency, reminder window, language, theme, and your iCal feed token.
  • Operational logs: standard server logs (timestamps, IP, user agent) kept short-term for security and debugging.

How we use it

  • To authenticate you and keep your account secure.
  • To display your subscriptions, analytics, and forecasts.
  • To send transactional email — primarily upcoming-payment reminders — when you enable them.
  • To generate the iCal feed you can subscribe to from your calendar app.

Processors we use

  • Supabase — authentication and database (EU region, Ireland).
  • Vercel — application hosting.
  • Resend — transactional email delivery (EU region).
  • Google — only if you choose Google Sign-In.
  • open.er-api.com — public exchange rate data for currency conversion (no personal data sent).
  • Sentry (Functional Software, Inc., US) — error monitoring. We send technical exception details (stack trace, browser, OS, anonymized URL) when an unhandled error occurs. Form input, IP addresses, authentication tokens, and cookies are stripped before the event leaves your browser. Standard contractual clauses apply for transfers outside the EU.

Cookies

We use a small number of cookies and local storage entries strictly required for the service: a session cookie set by Supabase Auth, and local preferences such as your theme and language. No advertising cookies. No analytics cookies.

Your rights

You can access, export, correct, or delete your data at any time. To request deletion or a data export, email contact@subnesio.one. We respond within 30 days. EU/UK users have rights under GDPR; California residents have rights under CCPA — both are honored regardless of where you live.

Retention

We keep your account data while your account is active. If you delete your account, your subscription records and preferences are removed. Server logs are retained for up to 30 days and then rotated.

Changes

If we materially change this policy we will update the date above and, where required, notify you by email.

Contact

Questions? Reach us at contact@subnesio.one.

Privacy Policy | Subnesio