FinLite

Privacy Policy

Last Updated: November 3, 2025 • Version 0.1

1. Introduction

FinLite ("we," "us," "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal and financial information when you use the FinLite mobile application ("App").

By downloading and using the App, you acknowledge that you have read and understand this Policy.

2. Information We Collect

2.1 Information You Provide

Account Information

  • Name and email address
  • Phone number (optional)
  • Password (hashed and encrypted)
  • Profile picture (optional)

Financial Information

  • Income and expense transactions
  • Budget amounts and limits
  • Financial goals and targets
  • Category preferences
  • Account balances

Receipt Data

  • Receipt images uploaded by you
  • OCR-extracted text from receipts
  • Transaction details from scanned documents

2.2 Information Collected Automatically

Device Information

  • Device model and operating system
  • Unique device identifier
  • Device language and region settings

Usage Information

  • Features accessed
  • Time and duration of use
  • App interactions and navigation patterns

3. How We Use Your Information

3.1 Service Delivery

  • Creating and maintaining your account
  • Processing transactions and receipt scans
  • Delivering App features and functionality
  • Providing customer support

3.2 Improvement and Analytics

  • Analyzing App usage patterns
  • Identifying technical issues
  • Improving App features and performance

3.3 Personalization

  • Customizing your experience
  • Delivering tailored nudges and reminders
  • Providing personalized insights

3.4 Security and Compliance

  • Detecting and preventing fraud
  • Enforcing our Terms of Use
  • Complying with legal obligations

4. How We Share Your Information

4.1 We Do NOT Share

  • Your financial data with advertisers
  • Your transactions with third-party marketers
  • Your data with data brokers
  • Your information for commercial purposes

4.2 Service Providers

We share data only with essential service providers:

  • Supabase: Database and cloud storage
  • Google Cloud: Infrastructure services
  • OpenAI: Receipt scanning and AI analysis

4.3 Legal Requirements

We may disclose information when required by law or to protect our rights and safety.

5. Data Storage and Retention

5.1 Where We Store Data

  • Primary database: Supabase (cloud-hosted)
  • File storage: Supabase Storage
  • Backup location: Encrypted backup systems

5.2 Retention Periods

  • Active Account Data: Retained while you use the App
  • Deleted Transactions: Permanently deleted within 30 days
  • Account Data After Deletion: Deleted within 90 days of termination
  • Server Logs: Retained for 90 days

6. Data Security

6.1 Security Measures

  • End-to-end encryption for sensitive data
  • HTTPS/TLS for data in transit
  • AES-256 encryption for data at rest
  • Secure password hashing
  • Regular security audits
  • Two-factor authentication (optional)
  • Session timeouts for inactive users

6.2 Your Responsibilities

  • Keep your password confidential
  • Use strong, unique passwords
  • Enable two-factor authentication
  • Report unauthorized access immediately

7. Your Privacy Rights

7.1 Access

You can request a copy of your personal data we hold.

7.2 Rectification

You can correct inaccurate or incomplete information.

7.3 Erasure

You can request deletion of your personal data, subject to legal obligations.

7.4 Data Portability

You can receive your data in a portable format (CSV/JSON) and transfer it to another service.

7.5 Object

You can opt-out of marketing communications and certain processing activities.

7.6 Exercising Your Rights

To exercise any of these rights, contact us at: finlite@redentor.dev

We will respond to requests within 30 days.

8. Children's Privacy

FinLite is not intended for children under 13. We do not knowingly collect information from children under 13.

For users aged 13-18, parental consent is required and additional privacy protections apply.

9. Changes to This Policy

We may update this Policy from time to time. Material changes will be posted in the App and sent to your registered email. Your continued use after changes constitutes acceptance of the updated Policy.

10. Contact Us

For questions about this Privacy Policy:
Email: finlite@redentor.dev

11. Jurisdiction-Specific Notices

11.1 Philippines (Data Privacy Act of 2012)

FinLite complies with Republic Act No. 10173. You have rights under this law including the right to information, correction, and blocking of data.

11.2 European Union (GDPR)

If you are in the EU, GDPR applies. You have additional data subject rights and the right to lodge a complaint with your local data protection authority.

11.3 California (CCPA)

California residents have additional rights to know, delete, and opt-out under the California Consumer Privacy Act.