1 Introduction
FinTrack ("we," "us," or "our") is committed to protecting your privacy. This policy explains how we
handle your information when you use our mobile application. Our core philosophy is Privacy by
Design: your financial data belongs to you and should remain on your device.
2 Data Collection and Usage
We process the following data locally on your device to provide expense tracking services:
- SMS Messages: With your explicit permission (
READ_SMS and
RECEIVE_SMS), the app monitors incoming messages for specific financial sender patterns
(e.g., bank identifiers like "HDFCBK"). The app only processes messages that match these
pre-defined or user-selected sender patterns. If a message does not match a financial
sender, it is immediately discarded and its content is never read or stored. Personal messages
are strictly ignored. You have full control to enable or disable specific senders within the
app's settings.
- Manual Entries: Any financial data or notes you manually enter into the app.
Lawful Basis for Processing: We process this data based on your
explicit consent, which you provide when granting SMS permissions.
3 Prominent Disclosure & User Consent
Before requesting SMS permissions, FinTrack displays a Prominent Disclosure screen
within the app that clearly explains:
- What is accessed: Incoming SMS messages, specifically filtering for financial
sender IDs (e.g., bank alerts).
- Why it is accessed: To automatically detect and categorize financial transactions
from bank and payment service alerts. Only messages from recognized financial senders
are processed; personal messages are discarded without being read.
- How it is used: Data is processed locally on your device only; no SMS content is
transmitted to any server or third party. You can customize the list of allowed senders at
any time.
You must explicitly tap "Allow" on this disclosure screen
before the system permission prompt appears. You may decline at any time; the app remains functional
with manual entry only. You can revoke this permission at any time via Settings > Apps >
FinTrack > Permissions.
4 Local Storage Only
- No Server Transmission: All personal and financial data is stored exclusively in a
local database on your mobile device.
- No Cloud Sync: We do not use any APIs, cloud storage, or external servers to store
or backup your personal details or message content.
- Data Control: Because the data never leaves your device, you have full control.
Deleting the app or clearing app data permanently removes all stored information.
5 No Third-Party Tracking
- Analytics: We do not use third-party digital analytics software (such as Google
Analytics or Mixpanel) to track your behavior.
- Third-Party Sharing: We do not share, sell, trade, or transfer your personal data,
financial information, or SMS message content with any third parties under any circumstances.
6 Data Retention
- Indefinite Local Storage: Your transaction data and personal information remain in
the app's local database for as long as the application is installed on your device. FinTrack does
not perform any automatic archiving or remote backups.
- User-Managed Deletion: You are the sole custodian of your data. You may delete
individual records within the app or wipe the entire database at any time by navigating to your
phone's Settings > Apps > FinTrack > Clear Data.
- Effect of Uninstallation: Once the application is uninstalled, all locally stored
data is permanently deleted by the operating system and cannot be recovered by us.
7 Your Rights (DPDP Act & GDPR)
Under the DPDP Act, 2023, you have the following rights:
- Right to Access: You can view all stored data within the app interface.
- Right to Correction: You can edit or correct any categorized transaction.
- Right to Erasure: You can delete specific entries or all data by uninstalling the
app.
- Right to Withdraw Consent: You can revoke SMS permissions at any time via your
phone's system settings.
8 Security
The local database is protected via Android's internal storage security and system-level encryption.
App data is stored in the application's private directory, which is inaccessible to other apps without
root access. We implement all reasonable security measures provided by the mobile operating system
to protect this data from unauthorized access.
However, physical device security remains your responsibility. Please secure your device with a PIN,
pattern, or biometric lock to prevent unauthorized physical access to your data.
9 Children's Privacy
Our Service is not intended for use by children under the age of 18 (or the legal age in your
jurisdiction).
- No Intentional Collection: FinTrack does not knowingly collect or solicit personal
information from children. Since all data is stored locally on the device and is not transmitted to
our servers, we have no way of identifying if a user is a minor.
- Parental Responsibility: We encourage parents and guardians to monitor their
children's mobile usage. If a child has installed the app and granted SMS permissions, their
financial transaction data will be stored locally on that device.
- Data Removal: If you are a parent or guardian and discover that your child is using
FinTrack, you can immediately delete all processed information by uninstalling the app from the
child's device or selecting "Clear Data" in the device settings.
10 Changes to this Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new
Privacy Policy on this page.
We will let you know via a prominent notice within the Application, prior to the change becoming
effective, and update the "Last Updated" date at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy
Policy are effective when they are posted on this page.
11 Contact Us
If you have any questions about this Privacy Policy, you can contact us: