ellis.
← Renew+

Legal · Renew+

Privacy Policy

Version date: 15 June 2026 · Effective: 15 June 2026

Renew+ (“the App”) is developed and operated by Braden Cole Ellis, a sole trader based in New Zealand (“we”, “us”, “our”). This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and your rights. We are the data controller for all personal information collected through the App.

Our standard: We apply a single, high privacy standard to every user across the countries where Renew+ is available. That means the same strong privacy rights, clear retention limits, and transparency about every party we share data with. Some countries also give you specific local rights, listed in Section 9. We do not connect to bank accounts, process payments, or transfer funds. We do not sell your personal data. Ever.

1. Information We Collect

Information You Provide Directly

  • Account: Email address, display name, profile photo
  • Financial records: Income amounts and frequency, employer details, bill amounts and due dates, expense records, bank account numbers (for identification only), CSV-imported transaction data, KiwiSaver / superannuation contribution rates, savings goal names and targets, piggy bank balances, budget records, financial year records
  • Planning data: Meal plans, recipes, shopping lists, pantry items
  • Personal records: Goals, journal entries, mood entries
  • Social data: Community posts, friend connections, family group membership
  • Preferences: Home region, currency, theme, notification settings, food allergies and preferences

Some of this information — for example, food allergies, mood entries, and journal content — may reveal health or other sensitive details about you. We process it only to provide the features you choose to use, on the basis of your consent (which you give by entering it), and never to infer health conditions or for any unrelated purpose.

Information Collected Automatically

Firebase (our cloud infrastructure provider, operated by Google LLC) automatically collects certain technical data including authentication tokens, session identifiers, app crash reports, and general usage data (feature interactions, timestamps). We do not collect your precise device location.

Device Permissions

  • Calendar: Display bills, goals, and meal plans alongside your personal calendar events. We do not store your calendar contents on our servers.
  • Face ID / Touch ID: Authenticate you quickly and protect Finance and Journal sections. Biometric data never leaves your device.
  • Push notifications: Send reminders for bills, goals, and alerts you configure.
  • Camera / Photo Library: Upload a profile avatar photo, stored in Firebase Storage.

You may revoke any permission at any time in iOS Settings without affecting other App functionality.

2. How We Use Your Information

  • Create and manage your account and provide all App features
  • Sync your data across your devices via Firebase
  • Perform tax and financial calculations based on data you enter
  • Provide AI features (goal planning, recipe scanning) when you choose to use them
  • Send push notifications you have enabled
  • Respond to support requests
  • Improve the App using aggregated, anonymised usage data
  • Comply with legal obligations

We do not use your data for targeted advertising, credit scoring, automated decision-making that produces legal or similarly significant effects, or sale to third parties.

3. Why We Use Your Data

We use your information to provide the App you signed up for and the features you choose to use:

  • To run the App — creating your account, core features, data sync, and tax/financial calculations from the data you enter.
  • With your consent — optional AI features (goal planning, recipe scanning) and any sensitive details you choose to enter (allergies, mood, journal content). You can simply not use these, and you can withdraw consent at any time.
  • To keep the service running and safe — security, fraud prevention, responding to support, and improving the App using aggregated, anonymised usage data.
  • To meet our legal obligations.

Where we rely on your consent, you may withdraw it at any time without affecting anything we did before you withdrew it.

4. Who We Share Data With (Sub-processors)

We do not sell, rent, or trade your personal information. We share data only with the following service providers, who process it on our instructions:

  • Google Firebase (Firestore, Authentication, Storage), operated by Google LLC, United States — database, authentication, and file storage. Privacy Policy
  • Anthropic, PBC, United States — powers AI features (goal planning, recipe scanning). Data you submit to an AI feature is sent to Anthropic only to generate your result. Anthropic processes it as our service provider and does not use it to train its models. Privacy Policy
  • Apple Inc. (StoreKit, App Store), United States — subscription management and payments. Apple processes your payment data as an independent controller under its own terms. Privacy Policy

We may also disclose information where required by law, court order, or to protect the rights, property, or safety of our users or others.

5. International Data Transfers

We are based in New Zealand, and our service providers are located in the United States. This means your personal data is transferred to and processed in the United States and potentially other countries. The named transfers are:

  • Google LLC (Firebase) — United States. Safeguard: contractual data-protection commitments with Google.
  • Anthropic, PBC — United States. Safeguard: a data processing agreement, for AI features only.
  • Apple Inc. — United States. Safeguard: Apple's own compliance framework.

For Australian users, we comply with the Australian Privacy Principles on cross-border disclosure. You may request more detail on these safeguards by emailing braden@craftedbyellis.com.

6. Data Retention

We keep personal data only as long as we need it for the purpose it was collected, then delete or anonymise it. Our retention schedule:

  • Account and all in-app content (financial records, goals, journals, meal plans, recipes, social data, etc.) — kept while your account is active.
  • After you delete your account — erased from our live systems promptly, and within 30 days at the latest.
  • Encrypted backups — automatically overwritten on a rolling cycle and fully purged within 90 days of deletion.
  • Crash and aggregated usage data — retained in anonymised or aggregated form that no longer identifies you.
  • Records we must keep by law (e.g. limited transaction or correspondence records) — kept only for the period the law requires, then deleted.

7. Account Deletion

You can delete your account and all associated data at any time from Settings → Delete Account inside the App. This permanently erases your records, including: financial records, bank account numbers, CSV imports, goals, journals, meal plans, recipes, shopping lists, pantry items, mood entries, social data, and profile photos.

  • Live data is removed promptly; backups are purged within 90 days (see Section 6).
  • Deletion is irreversible — we cannot recover deleted data.
  • If you cannot access the App, email braden@craftedbyellis.com from your account email and we will delete your data on request.
  • Deleting your account does not cancel an Apple subscription — manage that in your Apple Account settings.

8. Data Storage and Security

Your data is stored in Google Firebase's Cloud Firestore and Firebase Storage. All data is encrypted in transit (TLS) and at rest. We restrict access to your data, use authentication controls, and review our security practices. No system is perfectly secure, but we take reasonable steps to protect your information.

9. Your Privacy Rights

Everyone — our global baseline

Regardless of where you live, you can ask us to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Delete your data (“erasure”)
  • Export your data in a structured, machine-readable format (portability)
  • Restrict or object to certain processing
  • Withdraw consent at any time where we rely on it
  • Complain to us, and to your local privacy regulator

Most of these you can do yourself in the App (edit or delete data, export where available, toggle permissions). Otherwise email braden@craftedbyellis.com. We respond within 30 days (sooner where local law requires) and never charge for a reasonable request. We will not discriminate against you for exercising these rights.

New Zealand — Privacy Act 2020

You have the right to request access to and correction of personal information we hold. We will respond within 20 working days. Complaints may be made to the NZ Privacy Commissioner.

Australia — Privacy Act 1988

You have the right to access and correct your personal information and to complain about breaches of the Australian Privacy Principles. Unresolved complaints may be escalated to the Office of the Australian Information Commissioner (OAIC).

United States — California (CCPA/CPRA)

California residents have the right to know what personal information we collect, request deletion and correction, and opt out of the “sale” or “sharing” of personal information — we do not sell or share personal information. Categories collected include: identifiers (email, display name), financial information (income, bills, bank account numbers), commercial information (subscription tier), internet/network activity (app usage), and inferences (preferences, settings).

Canada — PIPEDA / Quebec Law 25

You have the right to access, correct, and withdraw consent for processing your personal information. Quebec residents additionally have data portability rights. Contact braden@craftedbyellis.com. We respond within 30 days.

India — DPDP Act 2023

You have the right to access, correct, and erase your personal data, and to nominate another person to exercise these rights on your behalf. Contact braden@craftedbyellis.com.

Singapore — PDPA

You have the right to access and correct personal data we hold, and to withdraw consent for its collection and use. Contact braden@craftedbyellis.com.

10. Data Breach Notification

In the event of a data breach likely to cause harm, we will notify affected users and regulators:

  • New Zealand: As soon as practicable (Privacy Act 2020)
  • Australia: Within 30 days (Notifiable Data Breaches scheme)
  • Canada: As soon as feasible where real risk of significant harm exists (PIPEDA)

11. Children's Privacy

Renew+ is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has created an account, contact us at braden@craftedbyellis.com and we will delete the account promptly.

12. Cookies and Tracking

Renew+ is a native iOS application and does not use cookies. Firebase may use device identifiers for session management and crash reporting — these are not used for advertising.

13. Changes to This Policy

When we make material changes, we will update the version date at the top of this page and prompt you to review and re-accept within the App before continuing. Previous versions are available on request.

14. Contact and Complaints

Braden Cole Ellis (Crafted by Ellis)
Privacy enquiries: braden@craftedbyellis.com
General support: braden@craftedbyellis.com
Location: New Zealand

We take privacy complaints seriously and will respond within 10 business days. If we cannot resolve your complaint, you have the right to escalate to the relevant regulator in your jurisdiction (listed in Section 9 above).

Plain English:We collect what we need to make the app work, keep it secure on Firebase, never sell it, and give everyone the same strong rights — access, correction, export, and deletion — no matter where you live. AI features send your input to Anthropic in the US only to generate your result, and it's not used to train their models. Delete your account anytime and it's gone within 30 days (90 for backups).