Privacy Policy

Effective date: September 17, 2025

Our Privacy Commitment

This Privacy Policy explains how Smart Spend collects, uses, discloses, and protects information about you when you use our applications, APIs, and services.

1. Information We Collect

Account & Contact Data

Name, email, role, and signup timestamps

Authentication Data

Hashed passwords, one-time codes, and access/refresh tokens

Biometric Registration Data

Device IDs, device public keys, device info, and non-reversible hashes used for verification

Finance Data You Provide

Income, expenses, budgets, bills, payments, goals, assets/liabilities

Usage & System Logs

Audit logs of events like login, created expenses, and budget changes

Preferences & Communications

Notification preferences, upcoming-bill alerts, app settings, OTP and transactional emails, support messages

2. Sources of Information

We collect information in the following ways:

  • Directly from you (when you create an account, enter financial records, configure budgets, or register a device)
  • Automatically through the Service
  • From service providers (e.g., email delivery)

3. How We Use Information

Service Provision

  • Store your finance records
  • Compute budget and balance updates
  • Generate alerts and reports
  • Maintain and improve the Service

Security & Authentication

  • OTP and token-based sessions
  • Optional biometric verification
  • Detect and prevent fraud
  • Investigate security incidents

Communications

  • Welcome messages
  • OTP and password reset
  • Reminders and notifications
  • Transactional communications

AI Insights

  • Optional AI coaching
  • Spending insights
  • Goal recommendations
  • Informational analysis only

5. Sharing of Information

We do not sell your personal information.

We share information with service providers who help us deliver the Service (e.g., email infrastructure). We may disclose information to comply with law, protect rights and safety, or in connection with business transactions (e.g., merger).

6. Data Retention

We retain information for as long as needed to provide the Service and for legitimate business or legal purposes. You can request deletion subject to our legal, security, and operational needs.

7. Security

Industry-Standard Security Measures:

  • Password hashing and signed tokens
  • Optional biometric verification using device-specific keys
  • Device challenges for enhanced security

Important: No method is 100% secure—use strong passwords and keep your devices safe.

8. Your Choices and Rights

Data Access & Control

  • Access, correct, or delete personal data
  • Export your finance data (CSV/PDF)
  • Subject to verification and legal exceptions

Preferences & Settings

  • Manage alerts and reminders
  • Control marketing communications
  • Opt out of non-essential analytics

Device Management

  • Disable biometric devices
  • Unregister biometric authentication
  • Revoke access tokens

9. Account Deletion

Permanent Data Deletion

You have the right to delete your account at any time. This can be done from the 'Account Actions' section of the Profile screen in the app.

Please be aware that this action is permanent and cannot be undone. When you delete your account, all associated data—including your transactions, budgets, bills, goals, and personal information—will be permanently erased from our systems. We cannot recover this information once the deletion process is complete.

10. International Users

Your data may be stored and processed in locations where we or our providers operate. Transfers will be protected by appropriate safeguards as required by applicable law.

11. Children's Privacy

The Service is not directed to children under 13. If we learn we collected personal information from a child, we will delete it.

12. Changes to this Policy

We may update this Privacy Policy from time to time. If changes are material, we will provide notice. Continued use after updates means you consent to the revised policy.

13. Contact Us

Privacy Support

If you have questions about this Policy or our data practices, contact info@endevsols.com