Privacy policy

At Toshl Inc. we take privacy and data security very seriously. We believe in the right of our customers to know which data is collected, for what purpose and also in the right of our customers to control this data and remove it if they so wish. In accordance with our beliefs, we make great effort to ensure the transparency of the methods with which we process your data and how we ensure it is kept secure and confidential.

Frequently asked questions (FAQ) about Privacy

Which data do you collect?

We only collect data which is required for the functioning of the Toshl services. We keep the following data about the registered users of this site:

  • data entered by the user (tag, amount, date, description)
  • e-mail address
  • local settings (timezone, date format, currency)
  • mobile device name (which can be can set in Settings)
  • IMEI number of the mobile device
  • date of the last sync with Toshl.com and IP number from which it came
  • GPS location of the noted data (only on Windows Phone, optional)

Due to requirements for the processing of payments, we also keep the name, last name, address and the PayPal ID information about the Toshl Pro Members of the site.

What do you use the data for?

The data is used for the functioning of the Toshl services.
The financial data is obviously kept so you have logs about what, when and how much you have spent. Based on that we can also draw graphs and produce other statistics about your spending that you may find of interest.
Local settings are kept so we can properly display and maintain your expenses according to your local customs.
Mobile device name & IMEI are kept so we have a unique identifier of your mobile device to enable syncing and prevent conflicts of data between different devices.
Date of the last sync and IP number is kept so we can warn you to keep your data up to date, secure and know which data is latest. We also display the location of syncs in real time on http://toshl.com/live The data is anonymous, the only thing displayed is the estimated location and the device model. Location is estimated based on the IP number and is only accurate to the city-level.

We reserve the right to conduct anonymous analysis and processing of the financial data stored on the site. This is to identify various interesting statistical data and find out more about spending habits in general. Such analysis is always done on an anonymous basis and does not include any of your personal data that could be used to identify you is included. We may share such anonymous and aggregated data with our partners or general public.

We value your privacy and will never sell
your personal information to anyone.

How do you protect the data and ensure secrecy?

We take many precautions and enforce safety measures to ensure that your data is kept confidential and secure.

  • SSL encryption (https) everywhere where we deal with personal data
    (Sync API, Settings, Log in/out…)
  • we never send sensitive information in plain text
  • daily backups of servers are kept
  • your passwords are stored with one way hashing algorithm and
    are known only by you
  • you cannot retrieve a lost password, you can only set a new one
    once you receive the reset e-mail
  • data is kept on secure servers in Germany
  • only Toshl Inc. employees may access the data on the servers
How long do you keep the data?
Your data is kept as long as you have an account with Toshl. You may always chose to leave and delete your account. In that case your data will be deleted and we will no longer kept on our servers. Because we keep daily backups to ensure data security, your data may still be present for a while in the backups, but it will also be deleted soon as it will be overwritten with newer backups.
Can I update or correct my data?
Of course. Your personal data is editable in account settings and the expenses are editable on your mobile device and on Toshl.com if you have a Toshl Pro account. Some data such as the IMEI number of your phone is unmodifiable, but you may always choose to remove your device from sync if you wish.
How can I remove my data?
When logged in, go to Settings where you will find the link "Delete my account". Once you confirm the deleting of your account, your data will be deleted and we will no longer kept on our servers. Because we keep daily backups to ensure data security, your data may still be present for a while in the backups, but it will also be deleted soon as it will be overwritten with newer backups.
Do you use cookies and why?
Yes, we use cookies, but for very limited purposes. A cookie is a piece of data stored on the user’s computer tied to information about the user. We use session cookies containing encrypted information to allow the system to uniquely identify you while you are logged in. Such cookies are deleted immediately once you close your web browser's window. We also use a more permanent cookie if you check the option "Remember me" when you Log in. That cookie is then read the next time you visit the site so you don't have to log in manually each time.