Saveshore · Version 1.0 · Effective May 2026
The data controller responsible for your personal data is:
SaveShore UG (haftungsbeschränkt)
Antwerpner Str. 5
13353 Berlin, Germany
hello@saveshore.com
Account data. Your name, email address, and hashed authentication credentials. Device biometric data (Face ID, Touch ID, or equivalent) is stored exclusively on your device and is never transmitted to our servers.
Identity verification data. Document type, verification outcome, date of birth, and liveness check result. This data is collected and processed by FinAPI GmbH on our behalf solely for the purpose of identity verification. We store only the outcome (passed / failed), the verification reference ID, and the timestamp of completion. No raw identity document data is retained by Saveshore.
Bank account data. Your IBAN, transaction history (up to 90 days), account balances, and derived signals including salary patterns and spending categories. This data is retrieved read-only via FinAPI under PSD2 AISP authorisation. Saveshore cannot initiate payments or access your banking credentials.
Saving and platform data. Your saving configuration, pot allocation state, transfer history, Shore AI conversation logs, and financial behaviour signals derived from your transaction data.
Device and usage data. App usage events collected for product improvement and security purposes. No advertising identifiers are collected or processed.
We process your personal data on the following legal bases under the GDPR:
Where we rely on consent as the legal basis, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal. Withdrawing consent for open banking will pause saving engine functionality, as that data is required for the service to operate.
Saveshore uses automated analysis of your bank transaction data to generate personalised saving suggestions and spending insights. This constitutes automated processing under Article 22 GDPR. Your explicit consent is obtained during onboarding before any analysis begins.
No automated action is executed without your explicit confirmation. You may withdraw consent for automated analysis at any time from Settings, which will pause saving engine functionality.
All personal data is stored exclusively on Microsoft Azure infrastructure located in the EU Frankfurt (Germany) region. No personal data is transferred outside this region. No personal data leaves the European Economic Area under any circumstances.
We share your personal data only with the following processors, under written data processing agreements in accordance with Art. 28 GDPR:
We do not sell, rent, or share your personal data with advertisers, data brokers, or any third party not listed above.
Data Category
Retention Period
Following account deletion, all personal data not subject to a statutory retention obligation is purged within 30 days.
Under the GDPR, you have the following rights in relation to your personal data:
To exercise any of these rights, contact us at hello@saveshore.com or use the data export and deletion tools available in Settings. We will respond within 30 days of receiving your request.
We implement the following technical and organisational measures to protect your personal data:
You have the right to lodge a complaint with the competent supervisory authority at any time:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219
10969 Berlin
datenschutz-berlin.de
We will notify you of material changes to this Privacy Policy by email and in-app notification at least 14 days before they take effect. The effective date at the top of this document will be updated on each revision.
If you have questions about this policy or how we handle your data, contact us at hello@saveshore.com.
SaveShore UG (haftungsbeschränkt) · Antwerpner Str. 5 · 13353 Berlin · Germany