Privacy Policy
Effective Date: June 17, 2026 Last Updated: June 17, 2026
Facets Novum LLC d/b/a GroDefri ("GroDefri", "we", "us", or "our") provides the GroDefri mobile app and web companion (the "Service"), a 30-day program and set of tools to help you get out of debt and manage your money, meals, and mindset. This Privacy Policy describes how we collect, use, share, and protect information when you use the Service or visit our website at https://growdebtfree.com (the "Site").
The Service includes:
- The marketing website at https://growdebtfree.com
- The GroDefri mobile apps for iOS, iPadOS, and Android
- The web companion at https://app.growdebtfree.com (account and subscription management)
By using the Service, you agree to this Privacy Policy. If you do not agree, do not use the Service.
GroDefri is an educational and organizational tool. It does not provide professional financial, legal, tax, or investment advice.
1. The Short Version
- You can use the core app as a guest, with no account. In guest mode your information stays on your device and is not collected by us.
- If you create an account, we sync the information you enter so it is available across your devices. That is the main reason we collect anything.
- We do not sell your data, we do not show ads, and we do not use your data to track you across other apps or websites.
- You can export or delete your data at any time.
The sections below give the detail.
2. Information We Collect
Information you provide directly
- Account information. If you create an account, we collect your email address and an authentication identifier. Sign-in is handled by Firebase Authentication, optionally through Google or Apple sign-in. We do not see or store your Google or Apple password. If you use Apple sign-in with "Hide My Email", we receive only the relay address Apple provides.
- The information you enter in the app. This is the content you create as you use the program: your debts and balances, budget buckets, spending entries, wins, meal selections, reminders, and your progress through the 30-day reset. You choose what to enter. This is financial information about you, so we treat it with care, but it is not health information.
- Optional smart spend entry. If you use the optional feature that turns plain language (for example, "groceries 40 bucks") into a categorized entry, the short text you type is sent to our AI provider (Anthropic) to interpret it. We do not send your name, email, or account identifier with it. Anthropic processes the text to return a category and does not use it to train its models. Basic parsing also runs on your device, so the feature degrades gracefully without the AI step.
- Support and feedback. If you contact us at support@growdebtfree.com or send feedback through the app, we keep a record of the message and the email address you provide so we can follow up. The in-app feedback form has an optional "Include diagnostic info" toggle. When you turn it on, your report also includes technical details that help us debug: the app and operating system version, your device model, your app language, and a short list of your recent in-app actions (for example, "sign-in", "sync error"). This diagnostic information is optional, is sent only when you choose to send feedback, and never includes your financial figures; any access tokens or email addresses that might appear in the activity list are removed automatically before the report is sent. We use it only to respond to you and improve the app.
Information collected automatically
- Limited technical information. We do not run analytics, advertising, or crash-reporting tools, so we do not automatically collect usage data, crash reports, or performance metrics. The only device or diagnostic details we receive are the ones you choose to include when you send feedback (described under "Support and feedback" above) and the anti-abuse tokens below. Basic connection information (such as your device language and time zone) is used in the moment to format dates and currency and to operate the Service.
- Anti-abuse tokens. Firebase App Check tokens (Apple App Attest on iOS and iPadOS, Play Integrity on Android) verify that a request comes from a genuine GroDefri build. These are device-attestation tokens, not a fingerprint of you.
- Local app state. Your theme and language preference, onboarding status, and similar settings are stored locally on your device (and synced with your account if you sign in).
Information from third parties
- Sign-in providers. If you sign in with Google or Apple, we receive a minimal authentication token and your email (or Apple relay address). No contacts, calendar, or other account data is requested.
- Stripe. If you subscribe on the web companion, Stripe sends us your subscription status (active, canceled, renewal date) so the app can unlock ongoing features. We do not receive or store your full card number.
3. How We Use Information
We use information to:
- Provide, operate, secure, and improve the Service.
- Sync your plan, trackers, and progress across your devices when you sign in.
- Authenticate you and prevent unauthorized access.
- Run the optional smart spend entry feature when you choose to use it.
- Process subscriptions through the web companion and unlock the corresponding features in the app.
- Send you account and service messages you ask for (for example, sign-in verification or a reminder you enabled).
- Respond to your support requests and feedback.
- Detect, prevent, and respond to fraud, abuse, and security issues.
- Comply with our legal and tax obligations.
We do not use your personal information for advertising, and we do not use it to train AI models.
4. How We Share Information
We share information only as described below.
Service providers
We use the providers listed below to operate the Service. Each is bound by terms that require appropriate protection of the data they handle. (Confirm this list matches what is actually wired at launch.)
| Provider | Purpose | Data involved |
|---|---|---|
| Google Cloud / Firebase (Authentication, Cloud Firestore, Cloud Functions, App Check) | Account sign-in, database and sync, serverless backend, device attestation | Account email and identifier; the information you enter in the app |
| Stripe | Subscription billing on the web companion | Subscription status; tokenized payment (card data handled by Stripe, not by us) |
| Vercel | Hosting for the web companion (app.growdebtfree.com) | Web requests; no app content stored by Vercel |
| Anthropic | The optional smart spend entry feature only | The short text you submit for categorization (no name, email, or account id) |
We do not sell, rent, or otherwise commercially license your personal information. We do not share it for cross-context behavioral advertising. We update this list as our infrastructure evolves and reflect significant changes in revisions to this Policy.
Legal requirements
We may disclose information when required by law, subpoena, court order, or governmental authority, or when necessary to protect the rights, property, or safety of GroDefri, our users, or others.
Business transfers
If GroDefri is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will post a prominent notice (and where required by law, notify you directly) before any such transfer, and the acquirer will assume the obligations of this Policy with respect to the data transferred.
With your consent
We may share information with third parties when you direct us to.
5. Data Security
We use administrative and technical safeguards to protect information, including:
- TLS for data in transit and encryption at rest in our primary data store (Cloud Firestore).
- Per-user security rules so each account can read and write only its own data.
- Firebase App Check device attestation on protected endpoints.
- Platform credential storage (Apple Keychain on iOS and iPadOS, Android Keystore on Android).
- Least-privilege access to administrative consoles.
No system is completely secure. If we discover a breach affecting your personal information, we will notify you as required by applicable law.
6. Data Retention and Deletion
We keep your information for as long as your account is active, plus a reasonable period for backups, security, and legal or tax requirements. Specifically:
- Guest data lives only on your device. Deleting the app removes it.
- Account data is retained while your account exists. You can delete your account at any time from within the app (Settings), or by emailing support@growdebtfree.com. Deleting your account removes your synced data from our active systems; residual copies may persist in encrypted backups for a limited period before being overwritten.
- Subscription and billing records are retained as required for tax and accounting purposes.
7. Your Rights
U.S. state consumer privacy laws
Depending on your state of residence, you may have rights to know, access, delete, and correct the personal information we hold about you, and to not be discriminated against for exercising those rights. We do not sell your personal information or share it for cross-context behavioral advertising, so there is nothing to opt out of in that respect. (Counsel to confirm the current list of states in scope, for example California, Virginia, Colorado, Connecticut, Texas, and others.)
GDPR (EU and EEA)
The Service is operated from the United States and is not currently marketed to residents of the EU or EEA. If you access it from there, additional rights (access, rectification, erasure, portability, restriction, objection) may apply; confirm scope with counsel.
How to exercise your rights
Email support@growdebtfree.com (or privacy@growdebtfree.com if configured) with your request. We will respond within the timeframe required by applicable law.
8. Children's Privacy
GroDefri is intended for adults managing their own money. It is not directed to children, and we do not knowingly collect personal information from children under 13 (or the equivalent minimum age in your jurisdiction). If you believe a child has provided us personal information, contact support@growdebtfree.com and we will delete it.
9. International Users
GroDefri is operated from the United States. If you access the Service from outside the United States, you consent to the processing of your information in the United States in accordance with this Policy.
10. Cookies and Local Storage
The Site and web companion use strictly necessary cookies and browser storage for sign-in and session management, and basic, aggregate analytics. We do not use cross-site advertising trackers. The mobile apps store settings and session state locally on your device. You can control cookies through your browser settings.
11. Third-Party Links
The Service may link to third-party websites. This Policy does not apply to those sites. We encourage you to read the privacy policy of any third party you visit.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The "Effective Date" and "Last Updated" dates above reflect the current version. If we make material changes, we will post a prominent notice in the Service or on the Site.
13. Contact Us
Questions, requests, and complaints can be directed to:
Facets Novum, LLC d/b/a GroDefri 3961 Floyd Rd, Suite 300-229 Austell, GA 30106 United States
Privacy and support: support@growdebtfree.com