ExpenseFlow - Privacy Policy

1 Introduction

ExpenseFlow ("we", "our", or "the app") is a personal expense tracking mobile application built for Android. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

By using ExpenseFlow, you agree to the practices described in this policy. If you do not agree, please do not use the app.

2 Information We Collect

We collect only the minimum data necessary to provide our service:

Account Information - Email address and password when you create an account or log in.
Expense Data - Expense entries you create, including amounts, categories, descriptions, and dates.
Ask AI Messages - Questions you send in the Ask AI chat and recent conversation context needed to generate a response.
AI Usage Logs - Limited metadata such as model used, token usage, tool-call usage, and a short preview of your question.
Authentication Tokens - Securely generated tokens stored locally on your device to keep you signed in.

                We do not collect your location, contacts, photos, device identifiers, or data beyond what is listed above.
            

3 How We Use Your Information

Your data is used solely to:

Authenticate your identity and maintain your session.
Store and retrieve your expense records so they are available across sessions.
Provide analytics and summaries of your spending habits within the app.
Power the Ask AI feature so you can ask natural-language questions about your expenses.
Enforce AI usage limits, monitor reliability, and improve response quality and safety.
Enable password reset and account recovery via email.

4 Data Storage & Security

Your data is stored securely using Supabase, a cloud-hosted backend platform.

Encrypted data transmission via HTTPS / TLS.
Row-level security policies ensuring users can only access their own data.
Passwords are hashed and never stored in plain text.

5 Third-Party Services

Supabase - For authentication and database storage. Policy: supabase.com/privacy.
Google Gemini API - For Ask AI responses based on your prompts and expense context. Policy: policies.google.com/privacy.

6 Data Sharing

We do not sell, trade, rent, or share your personal data with third parties.

When you use Ask AI, your prompt and relevant expense data may be sent to our AI provider only to generate the response you requested.

We may disclose information only if required by law.

7 Data Retention & Deletion

Your data is retained as long as your account is active. You may request deletion of your account and all associated data at any time by contacting us.

Upon account deletion, your expense records and personal information are permanently removed from our servers within 30 days.

8 Children's Privacy

ExpenseFlow is not intended for use by children under the age of 13. We do not knowingly collect personal information from children.

9 Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be reflected on this page with an updated effective date.

10 Contact Us

If you have any questions about this Privacy Policy, contact us at:

Email: akashsarki12345@gmail.com