CodeWhiskers - Mobile app studio

Last updated: February 19, 2026

We respect your privacy and process personal data in accordance with applicable laws (notably GDPR). This document explains what data we process, for what purposes, with whom we share it, how long we keep it, and what rights you have.

These policies apply to the website CodeWhiskers.app and to the apps BetterShelf, DreamWitness, and Kvitta.

What data we process

User account (if you sign in): email/account address – for login and sync.
Product data (entered by you in BetterShelf): name, category, expiry date, notes – to provide app features (tracking, reminders, statistics).
Diagnostics (aggregate): technical logs and errors (e.g., an "app_crash" event with stack trace) – to improve stability and security.
Session replay in the app: screens and interactions with masking of text inputs and images – for debugging and UX improvements.
Shelf sharing data: inviter's email and optionally invitee's email – to create and manage invitations.
Technical and operational data from the website: IP, cookie identifiers, device and browser info – for site operation, security, and analytics (Google Analytics only after consent).

DreamWitness-specific data

Dream content (temporary): symbol text and descriptions passed to the AI consultant – processed solely to generate a response; we do not persist this in our database.
Anonymous user identifier: to enforce the free tier limit (3 analyses/week) and Plus status – not linked to a name or email.
Purchase data (DreamWitness Plus): transaction token and subscription status – to verify entitlement to Plus features.

Kvitta-specific data

Expense and group data: amounts, currencies, categories, splits, group roles, comments – to provide app functionality.
Push notification tokens (FCM): to send group activity notifications.
Activity logs: record of group changes (who added/edited what) – for the Activity Feed feature.

Legal bases

Contract performance: providing app features and data sync.
Legitimate interests: diagnostics, security, abuse prevention, and support.
Consent: analytics cookies on the website (Google Analytics).

How we use data

Providing website and app features (product tracking, notifications, statistics).
Syncing your data across devices (if enabled).
Improving reliability, performance, and security (error detection, abuse prevention).
Fulfilling legal obligations and handling support requests.

Sharing with third parties

We do not sell your data and do not share it for marketing purposes. We display ads via Google AdMob only in the free versions of DreamWitness and Kvitta; Plus/Premium versions are ad-free. BetterShelf contains no ads.

We use Google Firebase as a processor for BetterShelf:

Firebase Authentication (sign-in)
Cloud Firestore (data storage)
Remote Config (remote configuration)
App Check (abuse protection)

For diagnostics and UX improvements in the app, we use PostHog (EU endpoint), including session replay with masking of text inputs and images. On the website we use Google Analytics only after consent through a cookie banner.

We also use the following processors:

OpenAI (DreamWitness): dream content is temporarily passed to the OpenAI API to generate an AI response. OpenAI may not use this data to train models under their contractual terms.
Firebase Cloud Messaging – FCM (Kvitta): sending push notifications about group activity.
Google ML Kit (Kvitta): OCR scanning of receipts – processing happens locally on the device; no data is sent to external servers.
Google AdMob (DreamWitness free, Kvitta free): serving ads; governed by Google's Privacy Policy.

Retention and security

Firestore / app data: retained for the lifetime of the account; export/deletion on request.
PostHog: session replay 30 days; events 13 months.
Google Analytics (website): 14 months; active only after consent.
Data transfer is protected with TLS. We regularly update software and apply least-privilege access controls.
Dream content (DreamWitness): not persisted – transmitted only during an active request; OpenAI does not retain data beyond their own policies.
Purchase data (DreamWitness): 3 years (statutory accounting obligation).
Kvitta app data: for the lifetime of the active account; export/deletion on request.

Data transfers

Firebase is operated in the nam5 region. Where data is transferred outside the EEA, we rely on appropriate safeguards (e.g., Standard Contractual Clauses). We use PostHog with an EU endpoint. Google Analytics is governed by Google's policies.

Consents and cookies

Analytics cookies on the website (Google Analytics) are loaded only after your consent via a cookie banner. You can withdraw consent anytime in your browser cookie settings; analytics scripts will then not load.

Your rights

Where applicable by law, you have the right to:

access personal data and obtain a copy,
rectify inaccurate or incomplete data,
erasure ("right to be forgotten") and restriction of processing,
object to processing,
data portability (where technically feasible),
withdraw consent (e.g., by uninstalling the app or signing out),
lodge a complaint with a competent authority.

Contact

Questions or want to exercise your rights? Contact us:

Support email: hello@codewhiskers.app
Web: https://www.codewhiskers.app/en/privacy-policy

This document combines policies for CodeWhiskers.app and the apps BetterShelf, DreamWitness, and Kvitta. Technical details and contact information reflect the current implementation.

Privacy Policy