Privacy Policy
Last updated: December 8, 2025
Introduction

Welcome to ExpenseFlow. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your information when you use our expense tracking application.

By using ExpenseFlow, you agree to the collection and use of information in accordance with this policy. We will not use or share your information with anyone except as described in this Privacy Policy.

Information We Collect

Personal Information

  • Account Information: Email address and authentication credentials when you create an account
  • Financial Data: Transaction records, wallet information, categories, and budgets you create within the app
  • Usage Data: Information about how you use the app, including features accessed and preferences set

Automatically Collected Information

  • Device Information: Device type, operating system, and browser information
  • Log Data: IP address, access times, and pages viewed for security and troubleshooting purposes
How We Use Your Information
  • Service Provision: To provide, maintain, and improve ExpenseFlow's functionality
  • Account Management: To create and manage your user account and authenticate your access
  • Data Synchronization: To sync your financial data across your devices securely
  • Customer Support: To respond to your inquiries and provide technical assistance
  • Security: To detect, prevent, and address technical issues and security threats
  • Legal Compliance: To comply with applicable laws and regulations
Data Storage and Security

Data Storage

Your financial data is securely stored using Supabase, a trusted cloud database platform. All data is encrypted both in transit and at rest using industry-standard encryption protocols.

  • Data is stored in secure, SOC 2 Type II compliant data centers
  • Regular automated backups ensure data integrity and availability
  • Access controls and monitoring systems protect against unauthorized access

Security Measures

  • End-to-end encryption for all data transmission
  • Secure authentication using industry-standard protocols
  • Regular security audits and vulnerability assessments
  • Minimal data collection principle - we only collect what's necessary
Payment Processing

ExpenseFlow uses PayPal for processing premium upgrade payments. We do not store your payment information on our servers.

  • All payment processing is handled securely by PayPal
  • We only receive confirmation of successful payments, not payment details
  • PayPal's privacy policy and terms of service apply to payment transactions
  • Premium upgrade is a one-time payment with lifetime access
Data Sharing and Third Parties

We do not sell, trade, or otherwise transfer your personal information to third parties, except as described below:

  • Service Providers: Supabase (database hosting) and PayPal (payment processing) as necessary to provide our services
  • Legal Requirements: When required by law, court order, or government regulation
  • Business Transfers: In the event of a merger, acquisition, or sale of assets (with prior notice)
  • Protection: To protect our rights, property, or safety, or that of our users or others
Your Rights and Choices

You have several rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your account and associated data
  • Data Portability: Request export of your data in a machine-readable format
  • Withdrawal: Withdraw consent for data processing (may limit app functionality)

To exercise these rights, please contact us using the information provided in the "Contact Us" section below.

Data Retention

We retain your personal information only as long as necessary to provide our services and fulfill the purposes outlined in this policy:

  • Active Accounts: Data is retained while your account remains active
  • Free Tier: Transaction history is automatically limited to 2 months
  • Account Deletion: Data is permanently deleted within 30 days of account closure
  • Legal Requirements: Some data may be retained longer if required by law
Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. When we make changes, we will:

  • Update the "Last updated" date at the top of this policy
  • Notify you of significant changes through the app or via email
  • Provide a reasonable notice period before changes take effect

Your continued use of ExpenseFlow after any changes indicates your acceptance of the updated Privacy Policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

ExpenseFlow Support

Email: limweijen96@gmail.com

Response Time: Within 48 hours

We are committed to resolving any privacy-related concerns promptly and transparently. Your privacy is important to us, and we appreciate your trust in ExpenseFlow.

Thank you for using ExpenseFlow. Your financial privacy and security are our top priorities.