Privacy Policy
Effective: March 20, 2026
FinPal is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your personal and financial information.
1. Personal Data We Collect
When you sign up via social login, we collect your account info (name, email, profile photo) and preferred currency. Optionally: gender, birth year, country. During use: receipt images (for AI analysis), financial data (expenses, subscriptions, budgets, income), NFC transit card transactions. Automatically collected: device info, push notification tokens, app usage analytics, crash logs. For Free plan users: advertising identifier (IDFA, with consent) and ad interaction data.
2. How We Use Your Data
Service delivery: expense tracking, receipt analysis, subscription management, budget management, monthly report generation. AI analysis: extracting merchant names, amounts, and items from receipt images. Personalization: auto-categorization, spending pattern analysis, smart alerts. Notifications: budget alerts, subscription renewal reminders, service announcements. Service improvement: usage analytics, bug fixes, feature enhancements. Advertising: personalized ads for Free plan users. Payments: in-app subscription management (App Store).
3. Legal Basis for Processing (GDPR)
For EU/EEA residents: Contract performance (essential data processing for service delivery), Consent (marketing, ad personalization via IDFA, optional profile info), Legitimate interests (service improvement, security, fraud prevention), Legal obligations (data retention required by law).
4. Third-Party Data Sharing
We use these categories of third-party services: cloud infrastructure provider (data storage, authentication, analytics), AI service provider (server-side receipt analysis), advertising network (ads for Free plan users), social login provider, App Store (subscription payments). Receipt images are sent to AI via secure servers. AI extracts text data only; original images are NOT used for AI model training. FinPal does NOT sell your personal data to third parties for marketing purposes.
5. Data Retention & Deletion
Account info: retained until account deletion. Financial data: Free plan — last 6 months; Pro — unlimited (deleted on account deletion). Receipt images: retained until account deletion. AI cost tracking logs: 90 days. Crash logs: 90 days. Notification logs: 30 days. Account deletion: Settings > Account > Delete Account. All personal data is immediately and irreversibly deleted.
6. Your Rights
All users: Right to access (Settings > Profile), Right to rectify (Settings > Edit Profile), Right to delete (Settings > Account > Delete Account), Right to object (via in-app support), Right to portability (CSV/PDF export), Right to withdraw consent (via Settings or support). GDPR additional rights (EU/EEA): Right to object to automated decisions (AI categorization), Right to lodge complaint with supervisory authority. CCPA additional rights (California): Right to opt-out of sale — FinPal does not sell personal data. Non-discrimination for exercising rights.
7. Children's Privacy
FinPal is not intended for children under 13. We do not knowingly collect personal data from children under 13. If we discover such data, it will be immediately deleted. Parents/guardians can request deletion via in-app support.
8. International Data Transfers
FinPal servers are located on the cloud (asia-northeast1, Tokyo). User data may be transferred across borders for service delivery. For EU/EEA to third-country transfers, appropriate safeguards such as Standard Contractual Clauses are applied.
9. Security Measures
Technical and administrative measures: TLS 1.3 encryption in transit, industry-standard encryption at rest. Role-based access control. App integrity verification. API security with rate limiting, daily limits, anomaly detection. Anti-abuse with automatic kill switch and user blocking. 24/7 monitoring with anomaly alerts.
10. Changes to This Policy
This policy may be updated for service improvements or legal changes. Changes will be announced via in-app notice. Significant changes will be communicated via push notification or in-app popup. Updated policy takes effect from the announced effective date.
11. Contact
For privacy inquiries, data access/modification/deletion requests: In-app: Settings > Info > Customer Support > Contact FinPal Team. Inquiries are processed within 7 business days.