Your data stays yours.

When you sign up, we collect your display name and email address. Passwords are managed securely by Firebase Authentication and are never accessible to us in plain text. If you sign up with Google, we receive your name and email from them instead.

If you add payment methods, we store your DuitNow ID, Touch 'n Go number, or GrabPay number. These are encrypted at rest and only shown to members of bills you create. We do not use them to move money.

We store the bills you create, items you add, amounts recorded, and contribution history. This is the core of what Kira does — without it, there's no app.

We collect crash logs and error reports via Sentry, and anonymous usage analytics via Umami. This includes pages visited, general interaction patterns, and error context. No personally identifying information is collected by either service. Sentry may capture device, browser, and OS context attached to error events. Umami is cookieless and does not track you across sites.

We use Umami to collect anonymous, cookieless usage data — including pages visited, device type, browser, and country. This data is aggregated and cannot be used to identify you. It is used solely to understand how the app is being used and to improve it. We do not use it for advertising or share it with third parties.

Your account data lets you log in. Your bill data is the product. Your payment identifiers let others know how to pay you. None of this is collected for any other reason.

We do not serve ads. We do not build advertising profiles. We do not share your data with ad networks. Kira makes money when people find it useful — not by monetising your information.

Your display name and payment methods are visible to members of bills you create or join. That's the point. You control what you add.

We use third-party services to host and run Kira — cloud storage, authentication, crash reporting (Sentry), and anonymous analytics (Umami). These providers process data on our behalf under strict agreements. They do not own your data and cannot use it independently.

We may disclose data if required by Malaysian law or a valid court order. We don't do this voluntarily and we'll tell you if we can.

We keep your data for as long as you use Kira. We don't archive old bills or hold onto data you've deleted within the app.

Deleting your account permanently removes your profile, payment methods, and all bills you created. This cannot be undone. Contribution records on bills created by others may be anonymised rather than deleted, to preserve the integrity of those bills.

Under Malaysia's Personal Data Protection Act, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate or outdated data
• Withdraw consent and request deletion
• Know how your data is being used

Email us at [email protected] with your request. We'll respond within 14 days. No hoops, no runaround.