← Back to Home

Legal

Privacy Policy

Last Updated: March 2026

This policy explains what data Moni collects, why we collect it, who can access it, and what rights you have over it. We believe you should understand exactly what happens with your information — so we wrote this to be read, not just accepted.

1

Who We Are

Moni is a personal finance AI built by FinentLabs. You use it by chatting with @monitrackerbot on Telegram. Our website at getmoni.tech is for information and marketing purposes only — the product itself lives entirely inside Telegram.

When this policy says "Moni," "we," "us," or "our," it means FinentLabs and the Moni service. "You" means you, the person using Moni.

2

What We Collect

When you use Moni, we collect and store the following data. Every item here exists because the service needs it to function — we do not collect anything beyond what is required to deliver and maintain the experience you requested.

DataWhy we need it
Telegram user IDYour primary identifier — this is how Moni recognizes you across conversations
Telegram username and first nameTo address you by name and personalize responses
Language codeTo detect and respond in your preferred language
Messages you send to the botTo understand your requests, provide AI responses, log transactions, and maintain conversation context
Financial data you enterExpenses, income, categories, amounts, dates, currencies, descriptions, and savings goals — the core of what Moni does for you
Receipt images (paid users only)Processed in real time by AI to extract transaction details — images are not retained after processing
Timezone offsetTo display your dates and times in your local timezone
Budget settingsMonthly and per-category budgets you configure, used to generate spending warnings
Preferred currencyTo display all amounts in the currency you choose
Subscription statusTo determine whether you are on the Free or Paid plan and deliver the appropriate feature set
Usage countersMessage counts, daily and hourly interaction limits — used for rate limiting and enforcing plan boundaries
Last active timestampInternal operational metric for understanding service usage patterns
3

What We Do Not Collect

We want to be equally clear about what Moni never collects, requests, or stores:

  • Your real name, email address, phone number, or home address — unless you voluntarily type this information into a message.
  • Payment card numbers, bank account details, or any financial credentials — all payment processing is handled entirely by Paddle, our merchant of record. We never see your card.
  • Your GPS location, IP address, or any form of device location data.
  • Your phone contacts, call logs, photos (other than receipts you choose to send), or any data from your device.
  • Browser cookies, tracking pixels, advertising identifiers, or any form of cross-site tracking — Moni is a Telegram bot, not a website application.

Moni does not connect to your bank accounts, credit cards, or any financial institution. Every piece of financial data in Moni exists because you typed it.

4

How Your Data Is Processed

To deliver the Moni service, your data is processed by the following infrastructure providers. Each provider sees only the data necessary for its role:

Database provider

Primary database — stores all user data, transactions, goals, budgets, and conversation history

Sees: All data listed in Section 2Location: United States

Groq (AI provider)

AI language model provider — processes your messages so Moni can understand natural language and respond

Sees: Message content, including any financial information contained in your messagesLocation: United States

Telegram

Message delivery platform — the interface through which you interact with Moni

Sees: Your messages, Telegram user ID, username, and profile informationLocation: Telegram's global infrastructure

Paddle (payments)

Merchant of Record — processes all payments, issues invoices, handles taxes and refunds

Sees: Payment and billing data onlyLocation: United Kingdom and United States

Hosting provider

Application hosting — runs the Moni server that processes your requests

Sees: Transient request data during processing — no independent storage of user dataLocation: United States

Currency conversion service

Provides real-time exchange rates for multi-currency support

Sees: No user data — only currency codes are sentLocation: N/A
5

AI Processing Transparency

Moni uses artificial intelligence to understand your messages and generate responses. This is a core part of how the service works, and we want you to understand exactly what that means.

What happens when you send a message

Your message is sent to Groq's AI infrastructure, where it is processed by a large language model to determine what you're asking and generate an appropriate response. This includes understanding transaction details, answering questions about your finances, and producing insights based on the data you have entered.

Your data and model training

Moni does not use your data to train, fine-tune, or improve any AI models. Your messages are processed for the sole purpose of providing you with a response in that moment.

Third-party processing

AI processing is performed by Groq (groq.com), a third-party infrastructure provider. Your messages — including any financial information they contain — are transmitted to Groq's servers for processing. Groq's handling of this data is governed by their own privacy policy.

AI limitations

AI-generated responses may occasionally be inaccurate, incomplete, or unexpected. Moni is a financial tracking tool, not a financial advisor. You should not rely on AI-generated content as professional advice of any kind.

6

Payments and Paddle

Our order process is conducted by our online reseller Paddle.com. Paddle is the Merchant of Record for all our orders. Paddle provides all customer service inquiries and handles returns.

What Paddle handles

When you subscribe to Moni, you complete your purchase through Paddle's checkout. Paddle collects your payment information, processes the transaction, issues your invoice, and calculates and remits all applicable taxes (VAT, GST, sales tax) on your behalf. Paddle also handles refund requests and billing disputes.

What FinentLabs never sees

We do not have access to your credit card number, bank account details, billing address, or any payment credentials. This information is collected and stored exclusively by Paddle under their own security and privacy standards.

For details on how Paddle handles your data, see Paddle's Privacy Policy at paddle.com/legal/privacy. Your purchase is also subject to Paddle's Buyer Terms at paddle.com/legal/checkout-buyer-terms.

7

Why We Process Your Data (Legal Basis)

Under applicable data protection law, we process your data on the following legal bases:

Performance of a contract (GDPR Article 6(1)(b))

Most of the data we process is necessary to deliver the service you requested. When you message Moni, you are asking us to process that message, understand it, and respond. Your financial data is processed because tracking it is the core function you signed up for.

Legitimate interests (GDPR Article 6(1)(f))

We process certain data for our legitimate interests in operating, securing, and improving the service. This includes rate limiting to prevent abuse, logging errors to maintain reliability, monitoring for spam and fraudulent activity, and analyzing aggregated usage patterns to improve the product. These interests are balanced against your rights and do not override your fundamental privacy.

Legal obligation (GDPR Article 6(1)(c))

In limited circumstances, we may process or retain data to comply with legal obligations, such as responding to valid legal requests or maintaining records required by law.

Consent

For optional features such as daily reminders and weekly financial reports, processing is based on your preferences. You can enable or disable these at any time within the bot.

8

How We Use Your Data

We use your data for the following purposes and no others:

  • Providing the service — processing your messages, logging transactions, generating AI responses, producing spending charts and financial reports.
  • Delivering scheduled features — daily reminders, weekly spending reports, and monthly financial recaps, based on your preferences.
  • Operating and maintaining the service — monitoring system health, diagnosing errors, enforcing rate limits, and ensuring service reliability.
  • Preventing abuse — detecting and blocking spam, enforcing Terms of Service, investigating potentially fraudulent or harmful activity.
  • Providing support — if you contact us at hello@getmoni.tech, we may access your account data to investigate and resolve your issue.
  • Improving the service — analyzing aggregated, non-identifiable usage patterns to understand how Moni is used and where it can be improved.

We do not sell, rent, lease, or trade your personal data to any third party. We do not share your data with advertisers. We do not use your data for profiling or automated decision-making beyond what is necessary to deliver the service features you use.

9

Data Retention

Your data is retained for as long as you actively use Moni. Since Moni identifies you by your Telegram ID rather than a traditional account, "active" means you have an existing interaction history with the bot.

Active users

All data described in Section 2 is retained for the duration of your use of the service. This allows you to access your full transaction history, goals, and settings whenever you return.

Inactive users

If you have not interacted with Moni for an extended period, your data remains stored unless you request deletion. We do not automatically delete data based on inactivity.

After deletion

When you delete your data (see Section 10), it is permanently removed from our primary database immediately. Residual copies in encrypted backups may persist for up to 30 days before being overwritten through normal backup rotation cycles.

Receipt images

Photos you send for receipt scanning are processed in real time by our AI provider and are not stored in our database after the transaction has been extracted and logged.

10

Your Rights

You have the following rights over your data, regardless of where you are located. For EU/EEA residents, these rights are protected under the General Data Protection Regulation (GDPR). For California residents, under the California Consumer Privacy Act (CCPA).

Right to access

You can request a copy of the data we hold about you. Moni includes a built-in export feature that lets you download your transaction history as a CSV file directly from the bot. For a complete data export beyond transactions, contact hello@getmoni.tech.

Right to deletion

You can delete your data at any time. Send /clear to Moni in Telegram to permanently and immediately delete all your transactions, goals, budgets, and usage history. This action is irreversible. For complete deletion of all data associated with your Telegram ID (including your user profile record), contact hello@getmoni.tech.

Right to rectification

You can correct inaccurate data directly within the bot by editing transactions, adjusting budgets, and updating your settings. If you need assistance correcting data that is not directly editable, contact hello@getmoni.tech.

Right to data portability

You can export your financial data in a structured, machine-readable format (CSV) using Moni's built-in export feature.

Right to object

You can object to processing of your data for any purpose. Contact hello@getmoni.tech to exercise this right. If you object to processing that is essential to the service, we may not be able to continue providing Moni to you.

Right to restrict processing

You can request that we limit how we process your data while a concern is being resolved. Contact hello@getmoni.tech.

Right to lodge a complaint

If you are in the EU/EEA and believe your data protection rights have been violated, you have the right to lodge a complaint with your local Data Protection Authority.

To exercise any of these rights, contact hello@getmoni.tech. We will respond within 30 days. We will never charge a fee for processing a legitimate data rights request.

11

California Residents (CCPA)

If you are a California resident, the following additional disclosures apply under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • Categories of personal information collected: Identifiers (Telegram user ID, username), financial information (transaction data you enter), internet or electronic network activity (messages sent to the bot, usage data), and inferences drawn from the above (AI-generated responses and categorizations).
  • Purpose of collection: To provide, operate, and improve the Moni service as described in this policy.
  • Sale or sharing of personal information: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.
  • Retention: As described in Section 9 of this policy.
  • Right to know, delete, and correct: As described in Section 10 of this policy.
  • Right to opt out of sale: Not applicable — we do not sell personal information.
  • Non-discrimination: We will not discriminate against you for exercising your CCPA rights.
12

International Data Transfers

Moni's primary infrastructure is located in the United States. If you are using Moni from outside the United States — including from the European Economic Area, the United Kingdom, or any other jurisdiction — your data will be transferred to and processed in the United States.

Safeguards

We rely on Standard Contractual Clauses (SCCs) as approved by the European Commission, and equivalent safeguards where applicable, to ensure that data transferred internationally receives an adequate level of protection consistent with the standards required by applicable data protection law.

Your acknowledgment

By using Moni, you acknowledge that your data will be transferred to and processed in the United States and other jurisdictions where our service providers operate, and you consent to such transfer and processing.

13

Data Security

We implement reasonable technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. These include:

  • All data in transit is encrypted via TLS/HTTPS.
  • Database access is restricted to authenticated server-side connections only — there is no public-facing database access.
  • Admin access to user data is role-based, authenticated, and logged in an immutable audit trail.
  • Webhook endpoints are verified using cryptographic signatures to prevent unauthorized requests.
  • Rate limiting and spam detection operate at multiple layers to protect the service from abuse.

No system is perfectly secure. While we take reasonable precautions to protect your data, we cannot guarantee absolute security. If we become aware of a security breach affecting your personal data, we will notify affected users and relevant authorities in accordance with applicable law.

14

Cookies and Tracking

Moni is a Telegram bot. Using the service involves no cookies, browser fingerprinting, tracking pixels, advertising identifiers, or analytics scripts of any kind.

Our marketing website at getmoni.tech may incorporate basic analytics in the future. If and when this occurs, we will update this section with full details. As of the date above, no tracking of any kind is present on the website.

15

Children's Privacy

Moni is not directed at, designed for, or intended to be used by anyone under the age of 16. We do not knowingly collect personal data from children under 16. If you believe that a child under 16 has used Moni and that we may hold their data, please contact hello@getmoni.tech immediately and we will delete it promptly.

16

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, our service providers, or applicable law. When we make changes, we will update the "Last Updated" date at the top of this page.

Notification of material changes

For significant changes that affect how we collect, use, or share your data — such as introducing a new third-party processor or changing the purpose for which data is used — we will notify active users through a message in the Moni Telegram bot at least 14 days before the change takes effect.

Continued use

Your continued use of Moni after the effective date of a change constitutes acceptance of the updated policy. If you do not agree with a change, you may stop using the service and request deletion of your data.

17

Contact

For any privacy-related questions, data access requests, deletion requests, or concerns about how your data is handled:

  • Email: hello@getmoni.tech
  • Website: getmoni.tech

We aim to respond to all inquiries within one business day and to all formal data rights requests within 30 days.

Have a question about your data?

hello@getmoni.tech