Privacy Policy

Last updated: March 5, 2026

Dutch Defend is privacy-first and local-first by design. This policy explains what data stays on your device, what data may be sent when monetization features are enabled, and how consent works.

Data Stored On Your Device

Core planning data is stored locally in app storage and secure storage. This includes:

  • Salary and tax simulation inputs
  • Savings, debts, contracts, and windfalls
  • Visa and contract timeline fields
  • Preference state (language, notification settings, consent toggles)

Reference API Calls

We fetch public reference data for app behavior. These calls do not include your full financial profile:

  • /api/config: tax rules and feature flags
  • /api/translations: localized UI strings
  • /api/providers: provider metadata for contracts/offers
  • /api/forex: exchange rates
  • /api/inflation: inflation reference data

Monetization and Consent

Some monetization features use backend events and partner integrations. These are controlled by feature flags and your consent choices:

  • Personalized Offers Consent: controls consent-based monetization event tracking.
  • Partner Contact Consent: required before submitting advisor/partner lead forms.
  • Affiliate Attribution: if enabled and consented, offer interactions may include attribution IDs and campaign context.
  • Paid Features: checkout and entitlement flows may exchange purchase metadata with payment/subscription processors.

You can disable or withdraw consent in app settings at any time. If consent is off, monetization tracking and lead/contact flows are blocked by design.

Third-Party Processors

Depending on enabled features, we may use:

  • Frankfurter API: exchange-rate reference data
  • CBS Open Data: inflation reference data
  • Stripe: payment processing for paid report/subscription checkout flows
  • RevenueCat: subscription/entitlement orchestration

These services may process limited operational metadata under their own privacy terms.

Retention and Deletion

Local app data can be deleted with in-app reset controls. Monetization event, lead, and order data retained on backend systems follows operational retention windows documented in release and compliance materials. You may request data deletion through support channels.

Policy Changes

We may update this policy when features, processors, or legal obligations change. Updates are posted on this page with a new “Last updated” date.

Questions?

If you have privacy concerns, please open an issue on GitHub or contact us through the app.