Growmetry

Privacy

Privacy in plain English.

Growmetry asks for your financial information, and we take that responsibility seriously. This page explains what we collect, where it lives, and how to delete it.

Last updated 2026-05-23

What we collect

  • Your email address, so you can sign in and receive invitations or sign-in links.
  • Your household's financial entries: account names, balances, deposits, withdrawals, goal targets, property and vehicle values, and mortgage and loan details. Whatever you type in.
  • Optional photos of household members, vehicles, or property. Only what you upload.
  • Basic usage events: sign-in, household creation, entries added, and exports. Aggregated counts only, with no transaction details.
  • Error reports when something goes wrong: the error message, the page you were on, and basic browser information. Used only to fix bugs.

What we don't collect

  • Bank account login credentials. We never ask for them.
  • Transaction-level data from your bank. You enter monthly closing balances; we never see line items.
  • Your IP address, beyond what Google Cloud's infrastructure logs for abuse prevention.
  • Third-party tracking cookies or pixels of any kind.

Where it lives

Everything sits in our Firebase project (Google Cloud), hosted in the North American region (nam5). The data is encrypted in transit (TLS) and at rest (Google Cloud's platform-level encryption).

The database is locked down by security rules: only authenticated members of your household can read or write your household's data. Even we can't read your numbers from a regular login. We would have to use the same Firebase console you can use to delete your data, which leaves an audit trail.

Who sees it

  • You and any partner you've invited and who has accepted.
  • Google Cloud's operational systems (encrypted, automated; subject to Google's enterprise SLAs and Canadian data-residency commitments).
  • Us, only when investigating a bug you've reported, and only with the minimum data needed to reproduce it.

Your rights

  • Export anytime. Settings → Export all data (CSV). One file, all your data.
  • Delete anytime. Settings → Reset all data wipes your local copy. To delete the cloud copy as well, email us and we'll purge your household and your auth record within 7 days. (Self-serve cloud delete is coming.)
  • Change your email. Change it on the Google account or the email-link address; sign in once with the new one and we'll migrate the auth record on request.

If we shut down

If we ever wind Growmetry down, we commit to 60 days' notice and a final CSV export window that's available without an account. Your data is yours; we will not lock it behind a paid tier.

Third parties we use

  • Google Firebase: authentication, database, file storage, server functions, and hosting.
  • SendGrid (via the Firebase Trigger Email extension): transactional emails for invitations and sign-in links. We don't send marketing email.
  • Google reCAPTCHA (via Firebase App Check): bot protection. It does not see your financial data.

Children

Growmetry is not directed at people under 18 and we don't knowingly accept their data. If you discover a child has registered, email us and we'll delete the account.

Contact

Questions, concerns, or a request to delete your data: hello@growmetry.ca.

Open the app