Home fm365

Privacy Policy

Last Updated: January 25, 2026

Welcome to Kivita! We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how your information is handled when you use Kivita’s products and services, including:

  • FM365 - Personal finance management app
  • BMS360 - Business finance management and CRM platform

This policy applies to all applications, websites, and services provided by Kivita.

Part A: General Terms (Applies to All Products)

1. Information We Collect

1.1 Information You Provide

  • Email address (when creating an account)
  • Display name and profile photo (optional)
  • Contact information when you reach out to support

1.2 Information Collected Automatically

  • Device type and operating system
  • App version
  • IP address (used transiently for network communication and security purposes; not stored or used for profiling)

1.3 Third-Party Services

  • PostHog: Anonymized usage data (analytics)
  • Sentry: Crash reports and performance data (error tracking)

We do not use analytics data for advertising, cross-app tracking, or user profiling.

2. How We Use Your Information

We use your information to:

  • Provide and maintain our services
  • Enable optional cloud sync functionality
  • Improve performance and stability
  • Respond to support requests
  • Comply with legal obligations

3. Data Sharing

We do not sell your personal data and do not share it with third parties for advertising purposes.

We may share limited data with trusted service providers strictly for providing core functionality:

  • Supabase - Authentication and cloud storage
  • Google Sign-In - Optional authentication
  • PostHog - Anonymous analytics
  • Sentry - Error tracking

4. Data Retention

  • Local data is retained until you delete it
  • Cloud data is retained until account deletion
  • Analytics data is retained in anonymized form for up to 2 years
  • Error logs are retained for up to 90 days

5. Your Rights

You have the right to:

  • Access or update your account information
  • Request export of your data
  • Delete your account at any time
  • Control permissions through your device settings

6. Children’s Privacy

Kivita products are not intended for children under 13. We do not knowingly collect personal data from children.

7. International Data Transfers

Your data may be processed in countries outside your place of residence. We rely on service providers that implement appropriate safeguards and comply with applicable international data protection standards.

Part B: FM365 - Personal Finance Management

FM365 is designed with a privacy-first architecture. You can use the app without creating an account, and your financial data will remain stored locally on your device.

8. Two Usage Modes in FM365

8.1 Local-Only Mode (No Account Required)

  • All financial data (transactions, accounts, categories) is stored locally on your device
  • No cloud synchronization is performed
  • Your financial data never leaves your device

8.2 Sync Mode (With Account)

  • Data can be synchronized across multiple devices
  • Data is end-to-end encrypted before syncing

9. End-to-End Encryption (E2EE) in FM365

FM365 uses end-to-end encryption to protect your financial data:

  • Algorithm: AES-256-GCM
  • Encryption/Decryption: Occurs only on your device
  • Encryption Keys: Generated and controlled by you
  • Our Servers: Store only encrypted data that we cannot decrypt

Important Note: Due to end-to-end encryption, we cannot access the contents of your financial data, even in response to valid legal requests.

10. Data Collected by FM365

Data TypeLocal ModeSync Mode
Transactions, accounts, categoriesDevice onlyE2EE encrypted
Email, display nameNoYes
Anonymized analyticsYesYes
Crash reportsYesYes

Part C: BMS360 - Business Management

BMS360 is a business finance management and customer relationship management (CRM) platform.

11. Data Collected by BMS360

11.1 Business Data

  • Company information (name, address, tax ID)
  • Business financial data (income/expenses, invoices, reports)
  • Information of employees authorized to use the system

11.2 CRM Data

  • Customer and partner information
  • Transaction and interaction history
  • Notes and related documents

11.3 User Data

  • User account information
  • Activity logs (audit log)
  • Permissions and roles

12. BMS360 Data Security

  • Data encrypted in transit (TLS 1.3)
  • Data encrypted at rest (AES-256)
  • Multi-factor authentication (MFA) supported
  • Access logs maintained for security auditing
  • Regular data backups

13. Business Responsibilities

When using BMS360 to store customer data, your business is responsible for:

  • Ensuring legal basis for collecting and processing customer data
  • Notifying customers that their data is stored on the system
  • Complying with data protection regulations applicable to your business

Part D: Additional Information

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through:

  • Updating the “Last Updated” date above
  • In-app notifications (for significant changes)
  • Email (if you have registered an account)

15. Contact Us

If you have any questions about this Privacy Policy, please contact us:

KIVITA Email: privacy@kivitapps.com Website: https://kivitapps.com