Privacy Policy — RupeTrack

1. Information We Collect

1.1 Information You Provide

When you use RupeTrack, you may provide the following types of information:

• Financial Transaction Data: Transaction amounts, dates, descriptions, categories, payment methods, and associated notes or photos
• Wallet and Account Information: Wallet names, types (cash, bank, credit card, etc.), currency preferences, and initial balances
• Budget Information: Budget limits, periods, and category associations
• User Preferences: Currency settings, theme preferences (light/dark mode), and other app configuration choices
• Export/Import Data: If you choose to export or import data, the files you create may contain your transaction history

1.2 Information Automatically Collected

When you use RupeTrack, we automatically collect certain technical information:

• Device Information: Device model, operating system version (Android/iOS), app version, and unique device identifiers (such as Android Advertising ID or iOS Identifier for Advertisers, if available)
• Usage Analytics: App launch events, screen views, feature usage patterns, session duration, and interaction events (collected through Firebase Analytics)
• Crash Reports and Error Logs: Stack traces, error messages, device state information, and performance metrics when the app crashes or encounters errors
• Network Information: IP address (temporarily, for analytics purposes), network type (Wi-Fi, cellular), and connection quality

1.3 Information from Third-Party Services

• Firebase Analytics: Google Firebase Analytics collects aggregated, anonymized usage statistics and crash reports. This data is processed according to Google's Privacy Policy and is used to improve app stability and user experience.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Core Functionality: To provide expense tracking, budget management, wallet management, transaction categorization, and financial insights
• Data Visualization: To generate charts, graphs, and reports based on your transaction history
• App Improvement: To analyze usage patterns, identify bugs, and improve app performance and user experience
• Crash Reporting: To diagnose and fix technical issues, crashes, and errors
• Personalization: To remember your preferences (currency, theme, default wallet) and customize your app experience
• Data Export/Import: To enable you to backup, export, and restore your financial data
• Legal Compliance: To comply with applicable laws, regulations, and legal processes

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data under the following legal bases:

• Contractual Necessity: Processing your financial transaction data is necessary to perform our contract with you (providing the expense tracking service)
• Legitimate Interests: We process analytics and crash report data based on our legitimate interest in improving the app and ensuring its stability
• Consent: Where required by law, we obtain your consent before processing certain types of data (such as analytics, where applicable)

You have the right to withdraw consent at any time, though this may affect app functionality.

4. Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

• Third-Party Service Providers: We share anonymized analytics and crash report data with Google Firebase Analytics, which is subject to Google's Privacy Policy (https://policies.google.com/privacy)
• Legal Requirements: We may disclose information if required by law, court order, or government regulation, or to protect our rights, property, or safety, or that of our users
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections
• With Your Consent: We may share information if you explicitly consent to such sharing

5. Data Security Measures

We implement industry-standard security measures to protect your information:

• Local Encryption: Financial data stored on your device is encrypted using AndroidX Security Crypto (on Android) and iOS Keychain (on iOS)
• Secure Storage: All sensitive data is stored in encrypted databases (Room/SQLite with encryption) and secure key-value storage
• No Cloud Sync (Current): As of the current version, your financial data is stored only on your device and is not synced to cloud servers
• Network Security: All network communications (for analytics) use HTTPS/TLS encryption
• Access Controls: App data is protected by the operating system's sandboxing and permission systems

6. Data Retention

• Financial Transaction Data: Retained on your device until you delete it manually through the app, delete the app, or clear app data. We do not automatically delete your transaction history.
• Analytics Data: Firebase Analytics retains aggregated, anonymized usage data according to Google's data retention policies (typically up to 14 months for standard analytics, up to 50 months for certain aggregated reports)
• Crash Reports: Retained by Firebase Crashlytics (if enabled) for up to 90 days, after which they are automatically deleted
• App Preferences: Retained on your device until you change them or uninstall the app
• Backup/Export Files: Any files you export are stored where you choose to save them and are subject to your device's file system policies

If you uninstall the app, all locally stored data is deleted by the operating system. We do not maintain copies of your data after uninstallation.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

• Right to Access: You can request a copy of the personal information we hold about you
• Right to Correction: You can update or correct your information directly in the app (transaction data, wallet information, etc.)
• Right to Deletion: You can delete individual transactions, wallets, or categories within the app, or uninstall the app to delete all data
• Right to Data Portability: You can export your data in CSV or JSON format through the app's export feature
• Right to Object: You can opt out of analytics data collection by disabling analytics in your device settings (though this may limit our ability to improve the app)
• Right to Restrict Processing: You can stop using the app or disable certain features to limit data processing
• Right to Withdraw Consent: If processing is based on consent, you can withdraw it at any time

To exercise these rights, please contact us using the information provided in Section 13. We will respond to your request within 30 days (or as required by applicable law).

California Residents (CCPA): You have the right to know what personal information we collect, the right to delete personal information (subject to certain exceptions), and the right to opt out of the sale of personal information (we do not sell personal information). You also have the right to non-discrimination for exercising your privacy rights.

8. Cookies and Similar Technologies

RupeTrack is a mobile application and does not use traditional web cookies. However, we use similar technologies:

• Local Storage: We use local device storage (Room database, SharedPreferences/UserDefaults) to store your financial data and app preferences
• Analytics Identifiers: Firebase Analytics uses a unique, anonymized identifier to track app usage across sessions (this identifier does not personally identify you)
• Crash Reporting Identifiers: Crash reports may include device identifiers to help diagnose issues, but these are anonymized and not linked to your identity

You can reset your advertising identifier (Android: Settings > Google > Ads > Reset advertising ID; iOS: Settings > Privacy > Apple Advertising > Reset Advertising Identifier) to change your analytics identifier.

9. Children's Privacy

RupeTrack is not intended for users under the age of 13 (or 13 in jurisdictions that require it, such as the United States under COPPA). We do not knowingly collect personal information from children under this age. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information.

If you are located in the EEA, the minimum age may be 16 (or lower if your country permits). If you are under the applicable minimum age, please do not use RupeTrack without parental consent.

10. International Data Transfers

If you are located outside your home jurisdiction, your information may be transferred to and processed in other countries where our service providers (such as Google Firebase) operate. These countries may have different data protection laws than your country.

• Firebase Analytics: Data is processed by Google, which operates globally. Google complies with applicable data protection laws, including GDPR, and provides appropriate safeguards (such as Standard Contractual Clauses) for international transfers.
• EU/UK Users: If you are in the EEA or UK, we ensure that international transfers are subject to appropriate safeguards as required by GDPR.

By using RupeTrack, you consent to the transfer of your information to these countries.

11. Third-Party Services

RupeTrack uses the following third-party services that may collect or process your information:

• Google Firebase Analytics: Collects anonymized usage analytics and crash reports. Firebase's privacy practices are governed by Google's Privacy Policy: https://policies.google.com/privacy. You can opt out of Firebase Analytics by disabling it in your device settings or by contacting us.

We recommend reviewing the privacy policies of these third-party services to understand how they handle your information.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the updated policy in the app (with a notification or in-app banner)
• Updating the "Effective Date" at the bottom of this policy
• Sending an email notification (if you have provided an email address and opted in to communications)

We encourage you to review this policy periodically. Your continued use of RupeTrack after changes become effective constitutes acceptance of the updated policy.

13. How to Contact Us

14. Effective Date