Last updated: December 21, 2025
Introduction
Your privacy is important to us. TILT. is a net worth tracking app provided by Aventive GmbH, a company based in Switzerland. This Privacy Policy explains what personal data we collect, how we use and protect that data, and your rights regarding your information. We are committed to handling your personal data in compliance with the Swiss Federal Act on Data Protection (FADP, Datenschutzgesetz, DSG) and the EU General Data Protection Regulation (GDPR). This policy applies to all uses of the TILT. app and any related services or websites. By using TILT., you agree to the collection and use of information as outlined in this Privacy Policy.
1. Data Controller and Contact Information
For the purposes of data protection laws, the “data controller” (the organization responsible for your personal data) is Aventive GmbH, Meierwiesenstrasse 56, 8064 Zurich, Switzerland. If you have questions about this Privacy Policy or wish to exercise your data rights, you can contact us at [email protected]. Aventive GmbH is the responsible entity for processing your data in accordance with the GDPR and FADP.
2. Personal Data We Collect
We collect personal data that you provide to us, as well as data generated through your use of the TILT. app. This includes:
Account Information: When you create a TILT. account, we collect your email address and a password. These are necessary to register and identify your account securely.
Profile Details: You may provide additional profile information such as your name, preferred currency, and language. This information helps personalize your dashboard and user experience.
Financial Data (User-Generated Content): When you use TILT., you manually input data about your assets and liabilities to track your net worth. This includes account names (e.g., "Main Checking"), account types (e.g., "Savings," "Pension"), and numerical balances. We process these details to calculate your total net worth, visualize your financial progress over time, and track your achievements (such as savings streaks).
App Usage Data: We automatically collect certain data about how you use the app and your device for functionality and analytics. This may include your device information (device type, operating system version, unique device IDs), app version, settings, and log files (e.g., time and duration of app use). We also collect technical information such as timestamps and error/crash reports (through tools like Firebase Crashlytics) to diagnose issues and improve the stability of the app. This data helps us understand usage patterns and improve our services.
Communication Data: If you contact us for support or feedback (for example, via email), we will collect the information you choose to give us in that correspondence (such as your contact details and the content of your message). We use this data only to assist you and resolve your inquiries.
We do not intentionally collect any data from children or minors (see Section 8 below), or any personal data not needed for providing our financial tracking services. We also do not collect payment card information directly; all subscription purchases are handled by platform providers like Apple’s App Store (see Section 4).
3. How We Use Your Personal Data (Purposes and Legal Basis)
TILT. uses your personal data to operate, improve, and personalize the app’s services. We ensure that we have a valid legal basis under applicable law for each use of your data. The purposes for which we process personal data, and their legal bases, include:
Providing and Personalizing the Service: We process your personal data to deliver the core functionality of TILT. – for example, creating your account, saving your entries, calculating your net worth, and generating personalized insights. This includes using your profile, financial data, and goals to customize targets (such as net worth milestones) and using your logged assets and liabilities to provide feedback. Legal basis: This processing is necessary to perform the contract with you (i.e. to provide the services you request).
App Functionality and User Experience: We use data about your device and app usage to ensure the app functions correctly, to sync data across devices, and to remember your preferences. For example, device identifiers and account info allow you to log in and access your data from multiple devices. We may also use your data to offer new features or content that align with your goals (for instance, suggesting financial insights if you indicate certain preferences). Legal basis: Performance of our contract (to provide a working service), and our legitimate interest in improving and personalizing our product. Where required by law, we will obtain your consent for certain types of personalization.
Analytics and Improvement: Internally, we analyze aggregate usage patterns, input trends, and performance metrics to understand how our app is used and to improve it. For example, we might analyze which features are most used or where users encounter difficulties, so we can enhance those aspects. We use third-party analytics tools (like Mixpanel, as described in Section 4) to collect this information. Wherever possible, we use this data in a pseudonymized or aggregated form that does not directly identify you. Legal basis: Our legitimate interests in analyzing and improving our services. You have the right to object to certain analytics processing as described in Section 7 (Your Rights). In jurisdictions where analytics data collection requires consent, we will ensure to obtain your consent before using such tools.
Communications and Customer Support: We may use your contact information (email address) to send you important notices about the service, such as account confirmations, password reset emails, changes to our terms or privacy policy, or security alerts. We may also send you guidance, tips, and reminders related to your financial goals (for example, a reminder to update balances or motivational messages), or information about new TILT. features and offers. Legal basis: Our legitimate interest in keeping you informed about the service and ensuring customer satisfaction (for service-related messages), and consent for any promotional or marketing communications. If required by law, we will only send you marketing emails if you have opted in. You can unsubscribe from promotional emails at any time by clicking the “unsubscribe” link in the email or adjusting your app settings. (Please note that even if you opt out of marketing messages, we may still send essential service or account-related communications.)
Subscription Management and Payments: If you choose to subscribe to a Pro version of TILT., the payment will be processed by the app store provider (e.g. Apple’s App Store and/or Google Play Store). We will use data related to your subscription status to enable premium features and manage your account (for example, knowing that you have an active subscription or when it expires/renews). We receive confirmation from Apple or Google that a purchase was made and details like the type of subscription and duration. We do not process your credit card number or payment details ourselves; those are handled securely by the platform. Legal basis: Fulfillment of contract (providing the paid features you signed up for) and compliance with legal obligations (e.g. financial record-keeping). The platform providers (Apple/Google) may act as independent data controllers for your payment information; please refer to their privacy policies for how they handle payment data.
Security and Fraud Prevention: We may process personal data as needed to secure our services and users’ accounts. This includes using certain data (like IP address or device info and account activity) to detect, prevent, and address fraudulent behavior or breaches of our terms. For example, we might detect multiple login attempts to your account from different locations to flag unauthorized access. Legal basis: Legitimate interests in protecting our platform and users, and compliance with legal obligations related to data security. If required by applicable law, we will also rely on legal obligation as a basis to process and retain certain data for security (e.g., logging access to personal data to comply with accountability requirements).
Legal Compliance: Finally, we will use or disclose your information if necessary to comply with applicable laws, regulations, legal processes, or enforceable governmental requests. For instance, we may retain certain data to meet financial reporting obligations, or disclose information if required by a court order. We only do so to the extent required by law and within the safeguards of data protection regulations. Legal basis: Compliance with a legal obligation. In rare cases, we may also process data to protect your vital interests or those of another person or for the establishment, exercise, or defense of legal claims, in accordance with GDPR/FADP.
Research and Development (Aggregated Data): We may anonymize or aggregate your data (so that you are not identifiable) and use those aggregated statistics for research, analysis, and improving our algorithms. For example, we might aggregate data on asset allocation across many users to see general trends or to train our AI models to provide better recommendations. This anonymized data contains no personal identifiers and may be used internally or shared with partners or academic research institutions. Legal basis: Such data is no longer personal data once anonymized. Where any individual-level analysis is done, it will be under our legitimate interest to improve the service, ensuring no harm to your rights.
We do not use your personal data for any purposes other than those described above. In particular, we do not sell your personal information to third parties, and we do not use your data for third-party advertising purposes. If we plan to process your data for new purposes, we will update this Privacy Policy and, if necessary, request your consent.
4. Third-Party Services and Data Sharing
To provide the TILT. service and certain features, we rely on trusted third-party services. We only share your personal data with third parties in the following cases and always under appropriate safeguards:
Firebase (Google Cloud Platform): We use Google Firebase as our backend cloud service for data storage and database, user authentication, and app infrastructure. Firebase is provided by Google LLC/Google Ireland Ltd. and we have configured it to store user data on servers located in the European Union. Your profile information, financial logs, and other app data are stored securely in Firebase’s databases. Google acts as a data processor on our behalf for these services, which means Google is not allowed to use your data for any purpose other than storing and retrieving it for TILT.’s needs, according to our instructions. Firebase also provides Crashlytics (error and crash reporting) which collects diagnostic information (like device model, OS version, and crash traces) when the app experiences an error, to help us fix bugs. All Firebase services we use are governed by Google’s rigorous security measures and data protection terms, including Standard Contractual Clauses for data transfers as needed.
Mixpanel (Analytics): We use Mixpanel, a product analytics service, to better understand overall usage of the TILT. app. Mixpanel collects usage events and statistics, such as how often certain features are used, which screens are visited, and user engagement with the app. This helps us improve features and design a better user experience. The data Mixpanel processes may include your user ID or a device identifier, and events like “Updated asset” or “Changed setting X” along with timestamp and device details. We have configured Mixpanel to limit the amount of personally identifiable information; it mainly deals with pseudonymous analytics data. Mixpanel, Inc. primarily stores data on servers in the United States (and/or EU data centers if applicable). We have entered into a Data Processing Agreement with Mixpanel to ensure that any personal data transferred to Mixpanel is protected according to GDPR standards (including use of EU Standard Contractual Clauses and other required safeguards for international transfer, as discussed in Section 5). Mixpanel acts as our data processor, meaning they only process data on our behalf and cannot use it for their own purposes. You can read more in Mixpanel’s privacy policy for how they handle analytics data. If you wish to opt out of Mixpanel analytics tracking, please contact us (or use any in-app privacy settings if available) and we can arrange to exclude your data from analytics.
Apple App Store (In-App Subscriptions): TILT.’s subscriptions on iOS are managed via Apple’s App Store in-app purchase system. When you subscribe through the App Store, Apple processes the payment and billing information; TILT. does not see your credit card or payment account details. We receive from Apple a confirmation that you purchased a subscription, along with details like the subscription tier (e.g., monthly or yearly plan) and the transaction identifier, subscription start and end dates, and status (active/canceled/renewed). We use this information to activate your premium features and to know when your subscription is up for renewal or has ended. Apple may also provide an anonymous user identifier (the “Apple Subscriber ID” which is a unique code Apple generates that doesn’t reveal your personal identity) so that we can connect your subscription with your TILT. account. Data sharing with Apple: We share certain app-specific identifiers and subscription status information with Apple as needed for subscription management and troubleshooting (for example, verifying a purchase receipt if there’s an issue). Apple, Inc. is an independent data controller for any personal data it requires for payment processing or its own analytics.
Google Play Store (In-App Subscriptions): TILT.’s subscriptions on Android are managed via Google Play’s in-app billing system. When you subscribe through the Google Play Store, Google processes the payment and billing information; TILT. does not have access to your credit card or payment account details. We receive from Google a confirmation that a subscription has been purchased, along with relevant metadata such as the subscription plan (e.g., monthly or annual), transaction ID, start and renewal dates, and subscription status (active, paused, or canceled). This information allows us to activate your premium features and determine whether your subscription is still valid. Google may also assign a unique, anonymized user identifier linked to your Play Store account, enabling us to associate the subscription with your TILT. user profile. Data sharing with Google: We may share app-specific identifiers and subscription status details with Google as needed to troubleshoot subscription-related issues (for example, verifying purchase tokens). Google LLC acts as an independent data controller for any personal data it collects for billing, analytics, or account services.
-
Other Service Providers: In addition to the above, we may use other third-party service providers to help operate TILT. or provide specific features. For example, this could include:
Email service providers or mailing tools (to send out any newsletters or support emails).
Cloud service providers or content delivery networks (to deliver app content efficiently).
Customer support software or CRM tools (to manage support inquiries). Whenever we share your data with such providers, it is only to the extent necessary for them to perform services on our behalf and under strict instructions. All our service providers are bound by confidentiality and data protection agreements. They cannot use your data for their own purposes and must meet our standards for security and privacy (including GDPR/FADP compliance).
Legal and Safety Disclosures: We do not otherwise share your personal information with third parties, except if required to do so by law or if you explicitly request us to. However, we may disclose information to third parties (such as courts, law enforcement or regulators) if a law, subpoena or court order compels us, or if we have to enforce our Terms of Service or protect the rights, property, or safety of TILT., our users, or others. In any such case, we will only disclose the minimum data necessary and will ensure any disclosure is lawful.
Rest assured, we do not sell your personal data to anyone. We also do not share your data with third-party advertisers or social media platforms for their independent use. Any third parties that process your data do so only for the specific purposes outlined above, and under contract with obligations to protect your data.
5. Data Storage and International Transfers
Data Location: TILT. stores and processes personal data primarily on servers located in Europe. Our main database is hosted via Firebase in the European Union (for example, in data centers in the EU such as Belgium or Germany). This means that as a Swiss company, your data is held either in Switzerland or in the EU, both of which have strong data protection laws. Transfers of personal data between Switzerland and the EU are permitted as the EU has recognized Switzerland as providing an adequate level of data protection, and Switzerland likewise recognizes the EU/EEA as having adequate protection.
International Data Transfers: Some of our service providers are located outside of Switzerland and the European Economic Area (EEA). In particular, the United States is a country where some of our partners (like Google and Mixpanel, and Apple in part) may process or store data. Whenever we transfer your personal data to a country that is not recognized as having adequate data protection by Swiss or EU authorities, we will ensure appropriate safeguards are in place to protect your information. These safeguards may include:
Standard Contractual Clauses (SCCs): We have agreements that incorporate the European Commission’s approved Standard Contractual Clauses (and equivalent clauses under Swiss law) with our service providers, which legally require them to protect your data to EU/Swiss standards even when it is transferred to a country like the US.
Additional Measures: Where needed, we implement extra technical and organizational measures, such as encryption in transit and at rest, and strict access controls, to ensure that your data remains secure and protected from unauthorized access by foreign authorities.
We continuously monitor the legal developments around international data transfers (for example, any new frameworks or guidance from regulators) and will adjust our practices as necessary. Our goal is to ensure that your personal data enjoys a high level of protection wherever it is processed. If you would like more information about our international data transfer safeguards, you can contact us using the details in Section 1.
6. Data Retention and Deletion
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Specifically:
Active Account Data: If you have an active TILT. account, we will retain your profile information, logs, and other personal data for as long as you continue to use the app so that we can provide the service to you. This allows you to have a history of your net worth and financial progress over time. We do not impose a fixed storage limit while your account is active, as many users value long-term data tracking.
Inactive Accounts: If you stop using TILT., we may retain your data for a reasonable period in case you return, unless you delete your account (or request deletion) as described below. Data of accounts that have been inactive for an extended period may be anonymized or deleted in the future in line with our data retention policies. We will provide a notice (for example via email) before deleting accounts that have been inactive for a very long time, to give you an opportunity to keep it active if you desire.
Account Deletion by User: You have the right to delete your account at any time. TILT. provides a Delete Account option in the app settings that allows you to permanently delete your account and all associated personal data. When you initiate a deletion, we will remove or anonymize all personal data that can be linked to you, including profile info and logs, from our active databases. Please note that deletion is irreversible – if you later decide to use TILT. again, you would have to create a new account and start fresh, as your old data cannot be recovered.
-
Retention for Legal Obligations: In certain cases, we might need to retain some data even after account deletion, if required for legal compliance. For example:
We may keep transaction records or subscription payment history (which might include personal data like an email or transaction ID) for the period required by accounting/tax laws or financial regulations. Such data will typically be limited and kept only as long as mandated (for instance, Swiss accounting regulations might require retaining records for 10 years).
If there is an unresolved issue, dispute, or legal claim relating to your account, we may retain necessary information until the issue is resolved.
Information that is stored in our backup systems may persist for a short period (backup data is periodically purged on a rolling schedule). We maintain backups to ensure the integrity of our service, but if you have deleted your account, your personal data will be scrubbed from active use and will not be restored from backups except if required for disaster recovery. Any backups containing personal data are protected and eventually overwritten/destroyed in the normal backup rotation.
Anonymized and Aggregated Data: We may retain data in an anonymized or aggregated form (which is not identifiable to you) indefinitely for statistical purposes, improvement of our services, and historical analysis. For example, overall financial trends or average usage patterns may be kept in a form that does not identify any individual user. This is not considered personal data and may be retained even after your account is deleted.
In summary, we keep your personal information for only as long as necessary, and we delete or anonymize it when it is no longer needed. If you have any specific questions about our data retention practices, feel free to contact us.
7. Your Rights as a Data Subject
Under the GDPR, FADP, and other privacy laws, you have a number of important rights regarding your personal data. TILT. is committed to facilitating your exercise of these rights. These include:
Right to Access: You have the right to request confirmation of whether we are processing your personal data, and if so, to receive a copy of that data along with relevant information about how and why we process it. This is sometimes called a Subject Access Request. Upon request, we will provide you with a copy of the personal data we have about you in a commonly used electronic format. (For your own privacy and security, we may need to verify your identity before releasing the data.)
Right to Rectification: If any of your personal data that we have is inaccurate or incomplete, you have the right to have it corrected or updated. You can directly edit much of your profile and account information within the TILT. app (for example, you can update your asset values, change your email, etc.). For any data that you cannot update yourself, you can contact us and we will make the correction where possible.
Right to Erasure (Deletion): You have the right to request deletion of your personal data. This is sometimes known as the “right to be forgotten.” As noted above in Section 6, you can delete your account (which erases your data from our systems) via the app settings at any time. If you prefer, you may also contact us to request deletion, and we will handle it for you. We will erase your personal data without undue delay unless a legal exception applies (for example, if we are required to keep certain data for legal compliance, we will inform you). Once deleted, your data (aside from any minimal data we must keep for legal reasons) will be unrecoverable.
Right to Withdraw Consent: In cases where we process your personal data based on your consent, you have the right to withdraw that consent at any time. If you consented to receive promotional emails, you can withdraw by unsubscribing. Withdrawing consent will not affect the lawfulness of any processing we conducted prior to your withdrawal.
-
Right to Object to Processing: You have the right to object to certain types of processing of your data.
Direct Marketing: You can always object to your personal data being used for direct marketing purposes. If you object, we will stop using your data for that purpose immediately. (As noted, we only send you marketing communications with your opt-in consent, but if you change your mind you can opt out anytime.)
Legitimate Interests: If we are processing your data based on our legitimate interests (or those of a third party), you have the right to object to that processing if you feel it impacts your fundamental rights and freedoms. This includes, for example, profiling we do for personalization or data we process for analytics. In some cases, we may have compelling legitimate grounds to continue processing despite an objection, but we will assess each objection case-by-case. If you object to analytics tracking (Mixpanel) or similar, we will offer an opt-out or exclude your data from those processes.
Right to Restriction of Processing: You have the right to request that we limit or “pause” the processing of your personal data in certain circumstances. For instance, if you contest the accuracy of the data we hold about you, or you have objected to processing (and we are evaluating that objection), you can ask that we restrict processing in the meantime. When processing is restricted, we will still store your data but not use it until the issue is resolved. If this situation arises, we will inform you when the restriction is lifted.
Right to Data Portability: You have the right to receive the personal data you have provided to us in a structured, commonly used, machine-readable format, and you have the right to transmit that data to another service provider (where technically feasible). In practice, this means you can ask us for an export of your data (for example, your logged assets, profile, etc.) in a format like JSON or CSV, and we will provide it so you could import it into another app if you wish. Where feasible, and if you request, we may also directly transfer the data to another company at your direction. This right applies to data processed by us by automated means, where the processing is based on your consent or on a contract with you.
Right not to be Subject to Automated Decisions: TILT. does not make any legal or similarly significant decisions about you solely by automated means (without human involvement). The analyses and insights provided by our AI and algorithms are intended to support your financial goals, but not to make decisions that significantly affect your rights. If we ever implement automated decision-making that has a significant effect, you would have the right to request human review of such a decision. (This is more a precaution; currently our AI suggestions are not decisions, but recommendations you can choose to follow or not.)
To exercise any of your rights, you can contact us via email at [email protected] or by mail at the address provided in Section 1. For certain requests like access, we will ask for some verification of identity to ensure we’re fulfilling requests to the correct person. We will respond to your request as soon as possible, and in any case within the timeframes required by law (under GDPR, typically within 30 days). There is no fee for exercising your rights unless the requests are manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse the request (as allowed by law), but we will inform you of any such decision.
8. Children’s Privacy (Minors)
TILT. is not intended for use by children or anyone under the age of 18. We do not knowingly collect personal data from individuals under 18 years old. By creating an account and using TILT., you confirm that you are at least 18 years of age.
We do not perform strict age verification upon sign-up; therefore, we rely on the truthfulness of the information provided. If you are under 18, please do not use the TILT. app or send us any personal information. If we discover that we have inadvertently collected personal data from a user under 18, we will take prompt steps to delete such data and terminate the account.
If you are a parent or guardian and you believe that your child under 18 has created a TILT. account or otherwise provided personal data to us without your consent, please contact us immediately at [email protected]. We will remove the information and deactivate the account to ensure compliance with this policy and applicable laws.
9. Data Security Measures
We take the security of your personal data very seriously. Aventive GmbH has implemented a variety of technical and organizational measures to protect your information against unauthorized access, loss, misuse, or alteration. These measures include:
Encryption: All data transmitted between your device and our servers is encrypted using HTTPS (TLS encryption). This ensures that personal data (such as login credentials, profile details, and logs) cannot be easily intercepted during transmission. We also encrypt sensitive data at rest in our databases whenever feasible. For example, passwords are stored in hashed form (never in plain text), and certain sensitive financial metrics may be encrypted in the database for an extra layer of protection.
Access Controls: Access to personal data within our organization is restricted on a need-to-know basis. Only authorized staff or contractors who require access to your data to perform their duties (e.g., customer support, engineering troubleshooting a specific issue) are permitted to access it, and even then, only the minimum necessary data. We ensure that those with access are bound by confidentiality and trained in data protection.
Security Testing and Updates: We regularly update our application, backend systems, and third-party libraries to address security vulnerabilities. We employ industry best practices in software development to prevent common security issues. Additionally, our systems are monitored for suspicious activity, and we use firewalls and intrusion detection/prevention systems to guard against unauthorized access. We may also engage in periodic security audits or penetration testing by security experts to assess and improve our defenses.
Data Minimization: We collect and retain only the personal data that we need to operate the TILT. service. By limiting the data we store and deleting data that is no longer needed (per our retention policy), we reduce the risk associated with holding personal information.
Backup and Recovery: We maintain secure backups and have disaster recovery procedures, but those backups are also protected with encryption and subject to strict access control. This means your data is safe from accidental loss while also kept secure from unauthorized eyes.
Despite all these precautions, it’s important to note that no system can be 100% secure. The internet and mobile ecosystems come with inherent risks. We cannot guarantee absolute security of your data. However, we strive to use commercially acceptable means to protect your personal information and we continuously enhance our security measures to keep up with evolving threats. In the unfortunate event of a data breach that affects your personal data, we will follow all applicable breach notification laws, which may include notifying you and relevant authorities of the breach and taking steps to mitigate its impact.
As a user, you also play a role in keeping your data safe. Please use a strong, unique password for your TILT. account and do not share it with others. If you suspect any unauthorized access to your account or any security vulnerabilities, contact us immediately.
10. Changes to this Privacy Policy
We may update or modify this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will do the following:
Notification of Changes: We will post the updated Privacy Policy on our website and (within the app) and update the “Last updated” date at the top. If the changes are significant, we will provide a more prominent notice or notify you directly (for example, by email or an in-app alert) prior to the change becoming effective.
Consent for Material Changes: If any change to the policy will materially affect the way we handle previously collected data (for example, if we were to propose using your data for a new purpose that requires consent), we will obtain your consent for those new uses as required by law. Minor changes that do not substantially affect your rights (like clarifications or improvements in wording) will be effective when posted.
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of TILT. after any modifications to this Policy will signify your acknowledgment of the updated terms.
11. Contact Us
If you have any questions, concerns, or feedback about this Privacy Policy or how we handle your personal data, please don’t hesitate to contact us. We are here to help and address any issues you may have. You can reach our team at:
Aventive GmbH
Meierwiesenstrasse 56
8064 Zurich
Switzerland
Email: [email protected]
We will respond as promptly as possible to address your questions or requests.
Thank you for trusting TILT. with your financial journey. We are dedicated to safeguarding your privacy and helping you achieve your financial goals safely and securely.