Privacy Policy for Xpensio

Effective Date: May 12, 2026

🔒 Privacy-First Approach: Xpensio is designed with your privacy as the top priority. We believe your financial data belongs to you and you alone. This app operates on an offline-first model, meaning your data stays on your device unless you explicitly choose to back it up.

📱Overview

Xpensio is a personal finance management application that helps you track expenses, manage budgets, set savings goals, and organize your financial life. We are committed to protecting your privacy and ensuring your financial data remains secure and under your control.

💾Data Storage & Collection

What Data We Store Locally

All of the following data is stored only on your device using secure local storage:

Transactions: Income, expenses, and transfers you record
Budgets: Monthly budget allocations and categories
Savings Goals: Your financial goals and progress
Wallets: Your wallet/account information
Reminders: Bill payment reminders you create
Profile Information: Your name, currency preference, and app settings
Categories: Custom expense and income categories

What We Do NOT Collect

❌ We do not collect any personal information
❌ We do not track your usage or behavior
❌ We do not use analytics or tracking tools
❌ We do not sell or share your data with third parties
❌ We do not require account creation or login
❌ We do not access your bank accounts

☁️Optional Cloud Backup (Google Drive)

How It Works

Xpensio offers an optional cloud backup feature that allows you to back up your data to your personal Google Drive account. This feature is:

Completely Optional: You choose whether to enable it
User-Controlled: You can connect or disconnect at any time
Private: Data is stored in your private Google Drive AppDataFolder
Encrypted: Backup files are compressed and secured

What Gets Backed Up

When you enable Google Drive backup, the following data is backed up to your personal Google Drive:

All transactions, budgets, goals, wallets, and reminders
Your profile settings and preferences
Custom categories and payment methods

Google Drive Privacy

Your backup data is stored in the AppDataFolder of your Google Drive account, which means:

Only Xpensio can access this folder
The data is not visible in your regular Google Drive files
Only you can access it by signing in with your Google account
We (the app developers) cannot access your Google Drive or your backup data
Google's privacy policy applies to data stored in Google Drive

Google Drive Privacy Policy: https://policies.google.com/privacy

Disconnecting Cloud Backup

You can disconnect your Google account at any time from the app settings. When you disconnect:

Your local data remains on your device
Your backup remains in your Google Drive (you can manually delete it)
No further backups will be created

🔐Permissions We Request

Camera Permission

Purpose: To scan receipts and bills for automatic transaction entry.
How it's used: Photos are processed locally on your device using OCR (Optical Character Recognition). Receipt images are temporarily sent to OCR.space API for text extraction only. No financial data or personal information is transmitted.
Optional: You can use the app without granting camera permission.

Photo Library Permission

Purpose: To attach receipt images to transactions and set profile pictures.
How it's used: Images are stored locally on your device only.
Optional: You can use the app without granting photo library access.

Notification Permission

Purpose: To send you reminders for bill payments and financial goals.
How it's used: All notifications are generated locally on your device based on reminders you create.
Optional: You can disable notifications in your device settings.

Internet Permission

Purpose: Required for optional features like cloud backup and receipt scanning.
How it's used: Only used when you explicitly enable cloud backup or scan a receipt. The app works fully offline otherwise.

🔗Third-Party Services

OCR.space (Receipt Scanning)

When you use the bill scanning feature, receipt images are sent to OCR.space for text extraction. Only the image is sent – no personal or financial data accompanies it. The extracted text is returned to your device and processed locally.

OCR.space Privacy Policy: https://ocr.space/privacypolicy

Google OAuth & Drive API

When you connect your Google account for cloud backup, we use Google's OAuth 2.0 authentication. We only request access to the AppDataFolder in your Google Drive – we cannot access your emails, documents, or other Google services.

🛡️Data Security

We implement several security measures to protect your data:

Local Encryption: Sensitive data is encrypted on your device
Secure Storage: We use platform-specific secure storage mechanisms
No Server Storage: We don't operate any servers that store your data
Backup Validation: Cloud backups include checksums to detect corruption
Code Obfuscation: App code is obfuscated to prevent reverse engineering

👶Children's Privacy

Xpensio does not knowingly collect personal information from children under 13 years of age. Since we don't collect any personal data, the app can be used by anyone. However, we recommend parental guidance for children using financial management tools.

🌍International Users

Xpensio can be used anywhere in the world. All data processing happens locally on your device. If you use the optional Google Drive backup, your data is stored in Google's data centers according to Google's data residency policies.

🔄Data Retention & Deletion

Local Data

Your local data remains on your device until you:

Manually delete transactions, budgets, or other items
Uninstall the app
Clear app data from your device settings

Cloud Backup Data

Your Google Drive backup remains in your Google Drive until you:

Manually delete it from your Google Drive
Disconnect your Google account (backup remains but won't be updated)

📝Your Rights

Since all your data is stored locally on your device or in your personal Google Drive, you have complete control:

Access: You can access all your data within the app at any time
Export: You can export your data (future feature)
Delete: You can delete any or all of your data at any time
Portability: Your data is stored in standard formats

🔔Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the app or legal requirements. We will notify you of any material changes by:

Updating the "Effective Date" at the top of this policy
Displaying a notice in the app
Requiring you to accept the new policy before continuing to use the app

Your continued use of Xpensio after any changes indicates your acceptance of the updated Privacy Policy.

📧Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

Email: hbssolutionsdev@gmail.com
Response Time: We aim to respond within 48 hours

⚖️Legal Compliance

This Privacy Policy is designed to comply with:

General Data Protection Regulation (GDPR)
California Consumer Privacy Act (CCPA)
Children's Online Privacy Protection Act (COPPA)
Google Play Store and Apple App Store privacy requirements

📌 Summary: Xpensio is built with privacy at its core. Your financial data stays on your device. Cloud backup is optional and uses your personal Google Drive. We don't collect, track, or sell your data. You have complete control over your information.