How Much - Estimates

Privacy Policy and Data Protection

PRIVACY POLICY

Last updated: July 11, 2026

Version: 2.3

In short: This Policy explains how the "How Much - Estimates" app (hereinafter "App"), individually developed by Alessio Di Pede, collects, uses, and protects your personal data. We comply with GDPR (EU/EEA/UK), LGPD (Brazil), POPIA (South Africa), Ley 25.326 (Argentina), Ley 19.628 (Chile), LOPDGDD (Spain), and all applicable privacy laws.

This Policy applies to all users of the App, both in the free and Premium versions, in all countries where the App is available (Europe, South America, North America, Africa, Asia).

If you have questions, contact me at: howmuch.preventivi@gmail.com

1. WHO I AM (DATA CONTROLLER)

Alessio Di Pede
Data Controller / Controlador (LGPD) / Responsible Party (POPIA)
Email: howmuch.preventivi@gmail.com
Address: Via Flacca 1195, Terracina, 04019 Latina, Italy
Legal seat: Italy

Data Protection Officer (DPO) / Encarregado (LGPD):
Not appointed as I do not fall under the obligation of Art. 37 GDPR.
For privacy matters: howmuch.preventivi@gmail.com

I am solely responsible for decisions on how and why your data is processed.

2. WHAT DATA I COLLECT AND WHY

The processing is different for free and Premium users:

A) FOR ALL USERS (free and Premium):

  • Automatic technical data: Device type, operating system, App version, anonymized IP address, usage times, functions used. This data does NOT identify you personally.
  • Data for advertising (free version only): The App displays ads through Google AdMob and Meta Audience Network. To show relevant ads, the device's advertising ID (AAID/IDFA) and general usage data may be collected. Ad personalization can be disabled in your device settings.
  • Device permissions:
    • Storage/Photos (optional): Required to save estimate PDFs on your device and share them (WhatsApp, email, etc.) and to add a logo from the gallery or camera. Photos used as logos are NEVER uploaded to our servers or saved in the cloud; they are used only locally to generate the PDF.

B) PREMIUM USERS ONLY:

  • Account: To save estimates in the cloud and sync across devices, you need to create an account with an email address. We only save the email for access.
  • Estimate data (voluntarily provided by YOU): When you create an estimate and choose to save it in the cloud, the data you enter is stored on Google Firebase's secure servers (Firestore). This may include:
    • Your information: First name, last name, phone number, VAT number, RUT (Chile), CUIT/CUIL (Argentina), business email, logo.
    • Client information: First name, last name, phone, VAT/RUT/CUIT number, address.
    • Estimate details: Services, prices, VAT, notes.

C) PREMIUM USERS ONLY (AI and Voice Assistant Features):

  • Voice recordings (temporary): When you use the AI voice assistant feature, your voice is temporarily recorded and transcribed to process your request.
    • Audio recordings are NOT saved and are deleted immediately after transcription
    • Only the transcribed text is sent to the AI for processing
    • Voice recording is activated only when the user voluntarily clicks the voice assistant activation button
    • Recording is automatically stopped after 30 seconds of inactivity or when the user manually interrupts it
  • Microphone (optional): Required exclusively for the AI voice assistant feature. The microphone is activated only when the user voluntarily starts voice recording. No recording is made without your explicit consent and voluntary action.
Important: As a FREE user, no personal data leaves your device. Everything is saved locally (local storage) and only you have access to it.

3. LEGAL BASES (WHY WE CAN PROCESS YOUR DATA)

Purpose What Data Legal Basis (GDPR/LGPD/POPIA/South American Laws)
Provide basic functionality (create, save locally, PDF) Technical data, storage permission Contract performance (the App must work) - Art. 6.1.b GDPR, Art. 7 LGPD, Section 11 POPIA
Manage Premium account and cloud sync Email, estimate data Contract performance (paid Premium service) - Art. 6.1.b GDPR, Art. 7 LGPD
Show advertising (free version) Advertising ID, usage data Your consent (manageable in device settings) - Art. 6.1.a GDPR, Art. 7 LGPD, Section 11 POPIA
App analysis and improvement (stability, crashes) Anonymized technical data Legitimate interest (improving the App for everyone) - Art. 6.1.f GDPR, Art. 10 LGPD
Respond to support requests Email, data you provide Legitimate interest / pre-contractual measures - Art. 6.1.f GDPR, Section 11 POPIA
AI Voice Assistant (Premium feature) Temporary voice recordings, transcribed text Contract performance / your explicit consent at the time of use - Art. 6.1.b GDPR, Art. 7 LGPD

4. WHO WE SHARE DATA WITH

We NEVER sell your data. We share it only with essential providers ("Data Processors"):

  • Google Firebase (Google Cloud Platform): Hosts the database (Firestore) where Premium users save estimates. Servers are secure and located in the EU/US depending on the region. Google's Privacy Policy.
  • Google AdMob and Meta Audience Network: To manage advertisements. Meta's Privacy Policy.
  • Google Gemini API: For the AI voice assistant feature (Premium users only). Receives the transcribed text, DOES NOT receive audio recordings or personal data. Google's Privacy Policy.
  • Payment stores: If you purchase Premium through the Apple App Store or Google Play Store, they handle payment data. I never receive your credit card.
  • RevenueCat (optional): I may use this service to manage Premium subscriptions. RevenueCat's Privacy Policy.

With all these providers, we have contractual agreements that require them to protect your data and use it only as per our instructions.

5. ARTIFICIAL INTELLIGENCE (AI) - GOOGLE GEMINI

The App offers an optional AI analysis feature for estimates and price lists through the Google Gemini API (Google's artificial intelligence service).

What is sent to the AI:

  • Prices and descriptions of jobs entered in the estimate/price list
  • Industry sector detected (e.g., construction, plumbing, electrical)
  • Country and currency selected by the user
  • Numbers and quantities of jobs (for analysis purposes only)

What is NEVER sent to the AI:

  • Personal data (name, surname, email, phone, VAT number, address)
  • Client data (name, phone, address)
  • Geographic coordinates or precise location
  • Payment data or sensitive financial information
  • Device ID or unique identifiers
  • Audio recordings (only transcribed text is sent)

How it works:

  • AI analysis is only for Premium users (after purchasing the subscription)
  • The user must actively click the "Analyze with AI" button
  • No automatic analysis is performed without your explicit consent
  • Analyses are processed in real-time and are not stored by Google Gemini after processing
  • Only anonymous logs (date, number of requests, success/error) are saved to improve the service

Where data is processed:

AI requests are managed through Google Cloud Functions and the Google Gemini API, which can process data on servers located in:

  • United States (us-central1 region, Iowa)
  • Europe (europe-west3 region, Frankfurt) - preferred for EU/EEA/UK/Switzerland users

Data transfers to the US are carried out in compliance with the Standard Contractual Clauses (SCC) of the European Commission and the EU-US Data Privacy Framework.

Limitations:

  • AI analyses are limited to 5 in the first 7 days of Premium, then 50 per month
  • The limit resets automatically every month
  • You can see how many analyses you have left directly in the App

Disabling:

The AI feature is completely optional. If you don't want to use it, simply don't click the button. The App works normally without AI analysis.

More information:

For details on how Google manages data when you use Gemini, see:

6. INTERNATIONAL TRANSFERS

Our providers may process data in countries outside your region:

  • Google (USA): Transfers are based on the Standard Contractual Clauses (SCC) of the European Commission (Decision 2021/914) and the EU-US Data Privacy Framework (adequacy decision 10.07.2023, European Commission).
  • Meta (USA): Similarly based on SCC and Data Privacy Framework.
  • LGPD (Brazil): Transfers are made to countries with an adequate level of protection recognized by the ANPD or with specific contractual guarantees under Arts. 33 and 34 of the LGPD.
  • POPIA (South Africa): Transfers comply with the conditions of Section 72 of the POPIA Act and the authorizations of the Information Regulator.
  • Argentina (Ley 25.326): Transfers comply with Decree 1558/2001 and the authorizations of the Dirección Nacional de Protección de Datos Personales.
  • Chile (Ley 19.628): Transfers comply with the adequate protection standards provided by Chilean legislation.

7. DATA RETENTION (HOW LONG WE KEEP IT)

  • Free users: Data saved locally remains on your device until you uninstall the App or delete the data. We do not store it.
  • Premium users: Your data (email and estimates) is kept as long as you keep your account active. Upon account deletion, data is removed from our servers within:
    • 30 days for GDPR and European regulations
    • 15 business days for LGPD (Brazil) upon request
    • Reasonable timeframe for POPIA (South Africa) and South American laws
  • Voice recordings: ARE NOT stored. They are deleted immediately after transcription.
  • Anonymized technical data: Kept for a maximum of 24 months for aggregate analysis.
  • Data for legal obligations: Kept for the period required by the tax and commercial laws of each country (typically 5-10 years).

8. YOUR RIGHTS (GDPR, LGPD, POPIA, SOUTH AMERICAN LAWS)

Depending on your residence, you have specific rights:

Right Description Response Times
Access (Art. 15 GDPR, Art. 18 LGPD, Sec. 23 POPIA) Obtain a copy of your data 30 days (GDPR)
15 days (LGPD)
Reasonable time (POPIA)
Rectification (Art. 16 GDPR, Art. 18 LGPD) Correct inaccurate data Modify in App or 30 days
Erasure ("Right to be forgotten") (Art. 17 GDPR, Art. 18 LGPD) Have your data deleted 30 days (GDPR)
15 days (LGPD)
Restriction of processing (Art. 18 GDPR) Temporarily suspend processing 30 days
Data portability (Art. 20 GDPR, Art. 18 LGPD) Receive your data in a structured format 30 days
Objection (Art. 21 GDPR, Art. 18 LGPD) Object to processing for legitimate reasons Immediate in App settings
Withdraw consent (Art. 7 GDPR, Art. 8 LGPD) Withdraw consent at any time Immediate
Information on data (Art. 9 Ley 25.326 Argentina) Know about the existence of databases 5 days
Habeas Data (Colombia, Peru, Ecuador laws) Constitutional rights over personal data Specific legal deadlines
CCPA/CPRA (California): "Do Not Sell My Personal Information" Right to opt-out of data sales We don't sell data. For general opt-out: 45 days

To exercise these rights, contact me at: howmuch.preventivi@gmail.com

We will respond to all requests within the timeframes set by applicable local law.

9. DATA SECURITY

We implement technical and organizational measures to protect your data:

  • Firebase Security Rules: Access to data only for authorized users
  • Encryption: Data in transit (HTTPS/TLS) and at rest (Firestore encryption)
  • Limited access: Only I (Alessio Di Pede) have administrative access
  • Periodic risk assessment and adequate measures
  • Encrypted backups on secure servers

However, no system is 100% immune. In the event of a data breach that poses a risk to your rights:

  • GDPR: Notification to the Authority within 72 hours and to you without undue delay
  • LGPD: Communication to the ANPD and data subjects within a "reasonable time"
  • POPIA: Notification to the Information Regulator and data subjects immediately
  • Argentina: Notification to the Dirección Nacional de Protección de Datos Personales

10. COOKIES AND SIMILAR TECHNOLOGIES

The App does not use traditional cookies. We use:

  • Local Storage: To save preferences and estimates locally (on your device)
  • Device identifiers: For anonymous analytics (Crashlytics) and advertising (AdMob)
  • Tracking pixels: Only to measure ad performance (Meta, Google)

You can manage ad personalization preferences in your device settings:

  • iOS: Settings > Privacy > Tracking
  • Android: Settings > Google > Ads > Reset advertising ID / Opt out of Ads Personalization
  • Huawei devices: Settings > Privacy > Advertising & Privacy

11. MINORS

The App is not intended for minors according to the following minimum ages:

  • EU/EEA/UK: 16 years (GDPR) or lower age if provided by Member State
  • Brazil: 18 years (LGPD) or 16-17 with parental consent
  • South Africa: 18 years (POPIA)
  • Argentina: 18 years (Ley 25.326)
  • Chile: 18 years (Ley 19.628)
  • USA (COPPA): 13 years

We do not knowingly collect data from minors. If you are a parent and discover that your child has provided us with data, contact me for immediate deletion.

12. CHANGES TO THIS POLICY

I will update this Policy when necessary (regulatory changes, new features). The updated version will have a new date at the top. Significant changes will be communicated:

  • Premium users: By email and in-app notification 30 days in advance
  • Free users: In-app notification on next launch
  • On the website: Immediate publication

I invite you to review this page periodically. Continued use of the App after changes constitutes acceptance of the new Policy.

13. CONTACTS AND SUPERVISORY AUTHORITIES

To exercise your rights or for questions:

Alessio Di Pede
Email: howmuch.preventivi@gmail.com
Address: Via Flacca 1195, Terracina, 04019 Latina, Italy

Competent data protection authorities:

  • Italy: Garante per la protezione dei dati personali, Piazza di Monte Citorio n. 121, 00186 ROME (garanteprivacy.it)
  • EU/EEA: Authority of your Member State (EDPB authority list)
  • UK: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF (ico.org.uk)
  • Brazil: Autoridade Nacional de Proteção de Dados - ANPD, Setor de Autarquias Sul, Quadra 01, Bloco C, Edifício Darcy Ribeiro, Brasília/DF (gov.br/anpd)
  • South Africa: Information Regulator South Africa, JD House, 27 Stiemens Street, Braamfontein, Johannesburg (justice.gov.za/inforeg)
  • Argentina: Dirección Nacional de Protección de Datos Personales, Sarmiento 1118 5º piso, C1041AAX, Ciudad Autónoma de Buenos Aires (argentina.gob.ar/aaip/datospersonales)
  • Chile: Agencia de Protección de Datos Personales (in implementation phase)
  • Colombia: Superintendencia de Industria y Comercio - SIC (sic.gov.co)
  • Peru: Dirección General de Transparencia, Acceso a la Información Pública y Protección de Datos Personales (minjus.gob.pe)
  • Switzerland: Federal Data Protection and Information Commissioner, Feldeggweg 1, CH-3003 Bern (edoeb.admin.ch)

14. HOW TO DELETE YOUR ACCOUNT AND DATA

You have the right to delete your account and all associated data at any time. Here's how:

Method 1: Deletion directly from the App (Recommended)

  1. Open the "How Much - Estimates" app on your device
  2. Go to SettingsProfile
  3. Tap the "Delete account" button
  4. Confirm your choice by entering your password (if prompted)
  5. The account and all associated data will be permanently deleted

Deletion timeframes:

  • Data in Firebase Firestore: Immediate deletion from the database
  • Firebase Authentication account: Immediate deletion
  • Backups: Completely removed within 30 days

Method 2: Request by Email

If you cannot access the App, you can send a deletion request by email to:

howmuch.preventivi@gmail.com

Subject: "How Much account deletion request"

Specify the email address associated with your account in the email.

You will receive a deletion confirmation within 7 business days.

Method 3: Direct link (only for users with access to the App)

If you have configured the URL scheme in the App, you can use this link to open the deletion screen directly:

howmuch://delete-account

Important:
  • Deletion is permanent and irreversible
  • All estimates saved in the cloud will be deleted
  • Data saved locally on your device is not automatically deleted by the App; you must delete it manually from device settings or by uninstalling the App
  • The Premium subscription (if active) must be canceled separately through the Google Play Store or Apple App Store to avoid future charges

Data retention after deletion

  • Aggregated anonymized data: May remain for statistical analysis, but does NOT identify you personally
  • Legal obligations: Some data may be kept for a longer period if required by tax or commercial laws (e.g., for accounting), but will be anonymized
  • Maximum timeframe: In any case, within 30 days of the request, all personal data will be deleted

For any issues during the deletion process, contact me at: howmuch.preventivi@gmail.com