Finilog ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal and sensitive information in compliance with the General Data Protection Regulation (GDPR), Dutch privacy laws, and Google Play Developer Program Policies.
1. Information We Collect
We may collect the following categories of information:
- Personal Information: Name, email address, phone number.
- Financial Data: Bank account details, transaction records, invoices, and expenses.
- Usage & Device Data: IP address, device model, operating system, app usage statistics, and crash logs.
- Photos & Files: Images of receipts uploaded via your device's camera or file upload.
- Third-Party SDK Data: Data collected by services such as Firebase (analytics, crash reporting, push notifications) and OCR APIs (for receipt scanning).
2. How We Use Your Information
We use your data to:
- Provide and improve our expense tracking and invoicing services
- Process transactions and sync with your linked bank accounts (with consent)
- Scan receipts and auto-fill expense details using OCR technology
- Send important updates, invoices, and reminders
- Maintain security, detect fraud, and comply with legal obligations
3. Data Sharing
We do not sell your data. We may share it only with:
- Service providers (e.g., Vercel, MongoDB Atlas, Firebase, OCR APIs)
- Financial institutions when you choose to link your bank account
- Regulatory authorities if required by law
All third parties are contractually obligated to protect your data and use it only for the agreed purposes.
4. Data Retention
- Financial data and receipts: retained until you delete them or close your account.
- Bank tokens: deleted immediately upon disconnection.
- Analytics & crash logs: stored for up to 12 months.
5. Data Security
We use TLS 1.2+ encryption for all data in transit, AES-256 for sensitive data at rest, role-based access controls, and regular security audits.
6. Your Rights (GDPR)
You have the right to:
- Access your personal data
- Request correction of inaccurate data
- Request deletion ("right to be forgotten")
- Restrict or object to processing
- Request a portable copy of your data
To exercise these rights, email us at contact@finilog.com.
7. Children's Privacy
Our services are not directed to individuals under 16. We do not knowingly collect personal data from children.
8. Changes to This Policy
We may update this Privacy Policy periodically. Any changes will be posted here with an updated "Last Updated" date.
9. Contact Information
Email: contact@finilog.com
