Privacy Policy

Last updated: April 23, 2026

This Privacy Policy describes how NiONlite LLC ("NiONlite", "we", "us", or "our"), a company incorporated in the State of Maryland, United States, collects, uses, discloses, and protects information when you use our mobile applications, including CUB Rates ("the App"). By using the App, you agree to the practices described in this policy. If you do not agree, please do not use the App.

1. Information We Collect

We collect only the information necessary to operate and improve the App. The categories of data we collect are:

Information You Provide Directly

• Email address: used for account creation, login, rate alerts, and support communication
• Password: stored as a secure hash by Firebase Authentication (we never see your plain-text password)
• App preferences: your saved favorites, rate alert thresholds, and bank selections
• Support correspondence: any emails you send to our support address

Information Collected Automatically

• Device information: device model, operating system version, app version
• IP address: collected by Firebase for security and abuse prevention; not used to identify you personally or track you across apps
• App usage data: actions within the app (e.g. which screens are viewed) used to improve reliability and features
• Crash and diagnostic data: anonymous error logs when the app crashes or encounters issues
• App Check tokens: short-lived security tokens issued by Apple App Attest (iOS) or Google Play Integrity (Android) to verify the app is genuine; contain no personal data

Information We Do NOT Collect

We do not collect:

• Your legal name, physical address, or phone number
• Payment card numbers, bank accounts, or financial credentials (billing is handled entirely by Apple or Google)
• Precise location data or GPS coordinates
• Contacts, photos, microphone, or camera data
• Any information from tracking across other apps or websites (we do not use the IDFA or engage in cross-app tracking)

2. How We Use Your Information

We use the information we collect strictly to operate the App:

• To create and maintain your account
• To verify your subscription status and unlock premium features
• To send rate drop alert emails based on thresholds you have configured
• To respond to support requests
• To detect and prevent fraud, abuse, and unauthorized access
• To monitor, debug, and improve App performance and reliability
• To comply with legal obligations

We do not sell, rent, share, or disclose your personal data to third parties for their marketing purposes. We do not use your data for advertising or profiling.

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, our legal bases for processing your personal data are:

• Contract: to provide the App and its subscription services you have requested
• Legitimate interests: to keep the App secure, prevent fraud, and improve performance
• Consent: where you have given us specific permission (e.g. rate alert emails)
• Legal obligation: where we must retain data to comply with applicable laws

4. Third-Party Services

The App relies on the following third-party service providers. Each has its own privacy policy governing how they handle your data:

• Google Firebase (Google LLC): authentication, database (Firestore), security (App Check), and serverless functions. Firebase Privacy Policy
• Apple App Store / StoreKit (Apple Inc.): in-app subscription processing and App Attest verification on iOS. Apple Privacy Policy
• Google Play Billing (Google LLC): in-app subscription processing on Android. Google Privacy Policy
• SendGrid (Twilio Inc.): transactional email delivery for rate alerts and account notifications. Twilio Privacy Policy

We do not integrate any third-party advertising networks, analytics trackers, or social-media SDKs.

5. Data Storage and Security

Your account data is stored in Google Firebase Firestore on servers located in the United States. All communication between the App and our backend uses HTTPS encryption in transit. Passwords are never stored in plain text — they are hashed using industry-standard algorithms by Firebase Authentication.

We use Firebase App Check (Apple App Attest on iOS, Google Play Integrity on Android) to verify that API requests come from a genuine, untampered copy of our App. This helps protect your account from automated abuse.

While we take reasonable security measures, no system is 100% secure. We cannot guarantee absolute security of data transmitted over the internet.

6. International Data Transfers

We are based in the United States, and our primary data storage is in the United States. If you access the App from outside the United States, your information will be transferred to, stored, and processed in the U.S. Where required by law (e.g. for EEA users), we rely on Standard Contractual Clauses or other valid transfer mechanisms to protect your data.

7. Data Retention

We retain your personal data for as long as your account remains active, plus a reasonable period after that to comply with legal obligations, resolve disputes, and enforce our agreements. Specifically:

• Active accounts: data retained while the account is active
• Deleted accounts: personal data removed within 30 days of your deletion request, except where retention is legally required (e.g. tax records, fraud prevention)
• Support communications: retained for up to 3 years for quality and training purposes
• Backup copies: may persist in encrypted backups for up to 90 days after deletion

8. Account Deletion and Your Rights

You have the right to:

• Access: request a copy of the personal data we hold about you
• Correct: ask us to fix inaccurate information
• Delete: request deletion of your account and associated data
• Restrict or object: to certain processing of your data
• Portability: receive your data in a machine-readable format
• Withdraw consent: where processing is based on consent
• Lodge a complaint: with your local data protection authority

To exercise any of these rights, email us at support@nionlite.com with the subject line "Privacy Request". We will respond within 30 days. We may need to verify your identity before processing the request.

To delete your account, email us at support@nionlite.com with the subject line "Account Deletion Request". Please note that deleting your account does not automatically cancel active subscriptions — you must cancel these through your Apple ID Account Settings or Google Play Account Settings first.

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), gives you specific rights regarding your personal information:

• Right to know what personal information we collect, use, and disclose
• Right to delete personal information we collect from you
• Right to correct inaccurate personal information
• Right to opt out of the sale or sharing of personal information
• Right to limit use of sensitive personal information
• Right to non-discrimination for exercising your rights

To exercise any California privacy right, contact us at support@nionlite.com.

10. Children's Privacy

The App is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If we learn that we have inadvertently collected such information, we will delete it promptly. If you believe a child has provided us with personal information, please contact us at support@nionlite.com.

11. Do Not Track and Tracking

Our App does not track you across apps or websites owned by other companies. We do not use the Apple Advertising Identifier (IDFA), Google Advertising ID (GAID), or similar tracking identifiers. Our App does not respond to Do Not Track ("DNT") browser signals because we do not engage in tracking in the first place.

12. Notifications

If you enable rate alerts, we will send you email notifications at the address on file when a rate you're monitoring meets your threshold. You can disable these notifications at any time by removing alerts in the app or by contacting us. We do not send marketing emails unless you have explicitly opted in.

13. Data Breach Notification

In the unlikely event of a data breach that affects your personal information, we will notify affected users and applicable regulatory authorities without undue delay and in accordance with applicable law.

14. Apple App Store Specific Provisions

If you downloaded the App from the Apple App Store, please note that Apple Inc. is a third-party beneficiary of this Privacy Policy and may enforce its terms. Apple is not responsible for our privacy practices, and any privacy complaints should be directed to us at support@nionlite.com.

The disclosures in this Privacy Policy align with the App Privacy labels declared on our Apple App Store listing. If you notice any discrepancy, please contact us.

15. Governing Law

This Privacy Policy is governed by the laws of the State of Maryland, United States, without regard to its conflict of law provisions. This does not limit any rights you may have under the laws of your country of residence.

16. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you through the App or by email. Continued use of the App after changes take effect constitutes your acceptance of the updated policy.

Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please reach out: