BarnFen Privacy Policy
Last updated: 2026-04-16
1. Third-Party Services
BarnFen relies on the following third-party services to operate:
-
Firebase Authentication — for account sign-in,
account management, and guest or anonymous access where available
-
Cloud Firestore — for storing groups, members,
expenses, settlements, invite data, user state, and related
bookkeeping records
-
Cloud Functions for Firebase — for protected
server-side actions such as group creation, invite validation, expense
and settlement operations, and account deletion workflows
-
Firebase Hosting — for serving the web app and public
legal pages
-
Firebase App Check — including Google reCAPTCHA on
web and device or app attestation on supported platforms, to help
protect the service from fraud and abuse
-
Google Sign-In and GitHub Sign-In — when you choose
those sign-in methods
2. Data We Collect
Depending on how you use the service, we may collect and process:
-
User ID (UID) and sign-in provider identifiers — used
to identify and manage your account
-
Display name, email address, and profile information
— when returned by your sign-in provider
-
Group, member, expense, settlement, invite code, debt action, and
related history data
— the content you create or participate in
-
Historical snapshots — such as payer names, split
names, settlement action names, and related bookkeeping context stored
with records to preserve accounting history
-
Security verification signals — such as App Check
tokens, browser or device attestation results, and limited request
metadata used to protect the service from fraud or abuse
-
Device-local data and preference settings —
synchronized local copies of relevant records, sync metadata, and app
preferences such as theme, language, or layout settings, used for
offline access, performance, and restoring your experience on the same
device
3. How We Use Your Data
We use data to provide, maintain, and protect the service, authenticate
users, sync group state across devices and local copies, run protected
server-side logic, support sharing actions that you choose to start,
preserve bookkeeping and audit history, and prevent fraud, spam, and
abuse. We do not sell or rent personal information for advertising or
marketing.
4. Storage & Security
Data is sent over encrypted connections and stored or processed using
Google Firebase and Google Cloud infrastructure. Because BarnFen is
local-first, the app also stores synced local copies of relevant data
and preferences on your device to support offline use, performance, and
session recovery. We use authentication, access rules, server-side
validation, and service protection measures such as App Check where
supported. No method of transmission or storage is completely secure.
5. Retention & Deletion
We keep account data while your account exists. You can request deletion
in Settings > Delete Account, or contact us if you
cannot access the app. When you delete your account, we delete the
authentication account and app-owned profile or state data tied directly
to that account. Shared group records may still retain transaction
history, settlement logs, invite history, historical names, and internal
identifiers when needed to preserve bookkeeping integrity, audit
history, or other users' records. Group memberships linked to your
account may be converted to placeholder entries so shared groups remain
internally consistent. Local copies stored on your device may remain
until the app clears or overwrites them, or until you remove the app or
browser data from that device.
For a step-by-step public account deletion guide, see
Account deletion.
6. Invite Sharing & Permissions
-
Camera — used only to scan QR codes when joining by
invite. Camera data is processed on-device in real time and is not
stored, uploaded, or shared by the app.
-
System sharing and external links — if you choose to
share an invite code, invite link, or direct group link, or open
feedback, support, or legal links, the selected share target, browser,
mail client, or external service receives that content under its own
terms and privacy practices.
-
Direct group links — a direct group link is meant to
open an existing BarnFen group. It does not by itself grant group
membership or permissions.
7. Children's Privacy
BarnFen is not directed to children under 13, and we do not knowingly
collect personal information from children under 13.
8. Updates
We may update this policy from time to time. Material changes will be
reflected in the Last updated date above.
9. Contact
For questions, deletion requests, or account access issues, contact us
at
barnfen.app@gmail.com
BarnFen 隱私權政策
最後更新:2026-04-16
1. 第三方服務
BarnFen 依賴以下第三方服務運作:
-
Firebase Authentication —
用於帳號登入、帳號管理,以及在可用情況下的訪客或匿名使用
-
Cloud Firestore —
用於儲存群組、成員、帳目、結算、邀請資料、使用者狀態與相關記帳紀錄
-
Cloud Functions for Firebase —
用於群組建立、邀請驗證、帳目與結算相關操作,以及刪除帳號等受保護的伺服器端流程
-
Firebase Hosting — 用於提供 Web 版與公開法律頁面
-
Firebase App Check — 包括 Web 版使用的 Google
reCAPTCHA,以及在支援平台上的裝置或 App
驗證,用於協助保護服務免受詐欺與濫用
-
Google Sign-In 與 GitHub Sign-In
— 當你選擇使用這些登入方式時
2. 我們收集的資料
依你使用本服務的方式,我們可能收集並處理:
-
使用者 ID 與登入提供者識別資料 —
用於識別與管理你的帳號
-
顯示名稱、電子郵件與個人檔案資料 —
當登入提供者回傳相關資訊時
-
群組、成員、帳目、結算、邀請碼、債務操作與相關歷史資料
— 你建立或參與的內容
-
歷史快照資料 —
例如付款人名稱、分攤名稱、結算操作名稱與其他相關上下文,會隨紀錄保存以維持記帳歷史
-
安全驗證訊號 — 例如 App Check
token、瀏覽器或裝置驗證結果,以及用於防止詐欺或濫用的有限請求中繼資料
-
裝置本機資料與偏好設定 —
包含相關紀錄的同步本機副本、同步中繼資料,以及主題、語言或版面偏好等
App 設定,用於離線存取、效能優化,以及在同一裝置上還原你的使用體驗
3. 資料使用方式
我們使用資料來提供、維護與保護服務,驗證使用者身分,讓群組狀態在不同裝置與本機副本之間同步,執行受保護的伺服器端邏輯,支援你主動發起的分享操作,保留記帳與稽核歷史,以及防止詐欺、垃圾流量與濫用。我們不會為廣告或行銷目的出售或出租你的個人資料。
4. 儲存與安全
資料會透過加密連線傳輸,並使用 Google Firebase 與 Google Cloud
基礎設施儲存或處理。BarnFen 採本機優先設計,因此 App
也會在你的裝置上儲存相關資料的同步本機副本與偏好設定,用於離線使用、效能與工作階段恢復。我們會使用驗證、存取控制、伺服器端驗證,以及在支援情況下的
App Check 等保護措施,但沒有任何傳輸或儲存方式能保證絕對安全。
5. 保留與刪除
只要你的帳號存在,我們就會保留帳號資料。你可以在「設定 > 刪除帳號」提出刪除要求;如果你無法使用
App,也可以與我們聯絡。當你刪除帳號時,我們會刪除驗證帳號,以及直接綁定到該帳號的
App
個人資料或狀態資料。共享群組紀錄仍可能保留交易歷史、結算日誌、邀請歷史、歷史名稱與內部識別資料,以維持記帳完整性、稽核歷史或其他使用者的紀錄。與你帳號連結的群組成員關係,可能會轉為暫時成員占位,以維持共享群組資料一致性。儲存在你裝置上的本機副本,可能會在
App 清除或覆寫資料前持續存在,也可能一直保留到你移除該裝置上的 App
或瀏覽器資料為止。
若要查看公開的逐步說明,請參考
刪除帳號說明頁。
6. 邀請分享與權限
-
相機 — 僅用於透過邀請加入群組時掃描 QR
碼。相機資料會在裝置上即時處理,不會被 App 儲存、上傳或分享。
-
系統分享與外部連結 —
若你選擇分享邀請碼、邀請連結或直接群組連結,或開啟意見回饋、支援或法律文件連結,所選擇的分享目標、瀏覽器、郵件
App 或外部服務會依其自己的條款與隱私實務接收該內容。
-
直接群組連結 — 直接群組連結的用途是開啟已存在的
BarnFen 群組,本身不會自動授予群組成員資格或權限。
7. 兒童隱私
BarnFen 不以 13 歲以下兒童為對象,我們也不會刻意蒐集 13
歲以下兒童的個人資料。
8. 更新
我們可能不定期更新本政策。重大變更會反映在上方的最後更新日期。
9. 聯絡方式
如有關於你的資料、刪除請求或帳號存取問題,請聯絡
barnfen.app@gmail.com