Privacy Policy for Xpenso - Expense Manager
Effective Date: September 13, 2025
Last Updated: September 13, 2025
1. Introduction
Welcome to Xpenso ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application, Xpenso - Expense Manager ("Service"). Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the application.
2. Information We Collect
2.1 Personal Information
- Account Information: When you sign in with Google OAuth, we collect your name, email address, and profile picture from your Google account
- Financial Data: Expense amounts, dates, categories, account information, and notes you enter
- Custom Categories: Category names and colors you create
- Usage Preferences: App settings, theme preferences, and customization choices
2.2 Automatically Collected Information
- Device Information: Device type, operating system, and app version
- Usage Analytics: App usage patterns and feature interaction (anonymized)
- Technical Data: Error logs and crash reports for app improvement
2.3 AI Chat Data
- Chat Messages: Conversations with our AI assistant about your expenses
- Expense Context: Financial data shared with AI for personalized insights
- API Keys: Securely stored for AI service integration
3. How We Use Your Information
3.1 Core Functionality
- Expense Management: Store, organize, and track your financial expenses
- Data Synchronization: Sync your data across devices when signed in
- Account Management: Maintain your user account and preferences
3.2 Enhanced Features
- AI Insights: Provide personalized financial insights and recommendations
- Analytics: Generate spending reports and financial analysis
- Customization: Remember your preferences and settings
3.3 Service Improvement
- Bug Fixes: Identify and resolve technical issues
- Feature Development: Improve existing features and develop new ones
- Performance Optimization: Enhance app speed and reliability
4. Data Storage and Security
4.1 Local-First Architecture
- Primary Storage: Your data is primarily stored locally on your device
- Offline Functionality: Full app functionality without internet connection
- Data Control: You maintain control over your data at all times
4.2 Cloud Synchronization
- Supabase Integration: Secure cloud backup and sync across devices
- Encrypted Storage: All data transmitted and stored with encryption
- Row-Level Security: Database-level security ensuring users only access their own data
4.3 Security Measures
- Data Encryption: All sensitive data encrypted in transit and at rest
- Secure Authentication: Google OAuth 2.0 for secure sign-in
- Access Controls: Strict access controls and user isolation
- Regular Security Updates: Continuous security monitoring and updates
5. Data Sharing and Disclosure
5.1 Third-Party Services
We integrate with the following third-party services:
- Google OAuth: For secure authentication (Google's Privacy Policy applies)
- Supabase: For cloud storage and synchronization (Supabase's Privacy Policy applies)
- OpenAI: For AI chat functionality (OpenAI's Privacy Policy applies)
5.2 We Do Not Sell Your Data
We do not sell, trade, or otherwise transfer your personal information to outside parties.
5.3 Legal Disclosure
We may disclose your information only when required by law or to protect our rights, property, or safety.
6. Guest Mode and Data Privacy
6.1 Anonymous Usage
- Guest Mode: Use the app without creating an account
- Local Storage Only: Guest data remains on your device
- No Cloud Sync: Guest data is not synchronized to cloud services
- Data Migration: Option to convert guest data when creating an account
7. User Rights and Controls
7.1 Your Rights
- Access: View all personal data we have about you
- Correct: Update or correct inaccurate information
- Delete: Request deletion of your personal data
- Export: Download your data in a portable format
- Withdraw Consent: Opt out of data collection at any time
7.2 Data Management
- Local Data Control: Delete local data through app settings
- Account Deletion: Completely remove your account and associated data
- Selective Deletion: Choose specific data to delete
8. Children's Privacy
Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us to have it removed.
9. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your personal information in accordance with applicable privacy laws.
10. Data Retention
10.1 Retention Period
- Account Data: Retained while your account is active
- Expense Data: Retained until you delete it or close your account
- Log Data: Automatically deleted after 30 days
- Chat History: Stored locally with option to clear
10.2 Deletion Policy
- Account Closure: All data permanently deleted within 30 days
- User Request: Data deleted within 7 days of verified request
- Guest Data: Automatically deleted when app is uninstalled
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
- Updating the "Last Updated" date at the top of this policy
- Sending an in-app notification for significant changes
- Posting updates on our app store listing
Your continued use of the Service after changes constitutes acceptance of the updated policy.
12. Contact Information
If you have questions about this Privacy Policy or our data practices, please contact us:
Email: technomob.official@gmail.com
App Store: Search "Xpenso Expense Manager"
13. Compliance and Certifications
13.1 Regulatory Compliance
- GDPR: European Union General Data Protection Regulation compliant
- CCPA: California Consumer Privacy Act compliant
- COPPA: Children's Online Privacy Protection Act compliant
13.2 Platform Compliance
- Google Play Store: Complies with Google Play Developer Policy
- Apple App Store: Complies with Apple App Store Review Guidelines
- React Native: Follows React Native security best practices
14. Technical Implementation Details
14.1 Data Architecture
- Local-First Design: Primary data storage on device
- Sync Service: Secure cloud synchronization layer
- Offline Capability: Full functionality without internet
14.2 Security Implementation
- End-to-End Encryption: All data encrypted during transmission
- Secure Storage: Local data stored in encrypted device storage
- Authentication: OAuth 2.0 with Google for secure sign-in
- Database Security: Row-level security policies in Supabase