Fin Os LogoFin OS

Legal

Privacy Policy

Absolute transparency on how your data remains yours.

Effective Date: January 1, 2026 · DPDP Act 2023 Compliant

📱

Stays on your device

All financial data is processed and stored locally by default. Nothing leaves without your action.

🔐

Encrypted before upload

Cloud backups are encrypted with your personal password on-device before leaving your phone.

🚫

Zero data harvesting

We do not sell, share, or use your financial data for advertising or analytics. Ever.

You control sharing

Shared Spaces requires your explicit consent and transmits only the data you choose to post.

Introduction

Effective Date: January 1, 2026 Fin OS ("we", "our", "us"), developed by Veera Manikanta, is built on a single principle: your financial data is yours alone. This Privacy Policy explains what information is collected, how it is used, how it is protected, and what rights you have when you use the Fin OS mobile application. By using the App, you agree to the practices described in this policy. This policy complies with India's Digital Personal Data Protection Act 2023 (DPDP Act).

1. Our Core Privacy Principle

Fin OS is local-first by design. Your financial data — transactions, accounts, budgets, goals — is stored and processed exclusively on your device by default. We do not operate servers that store your financial data in plain text. We do not sell, rent, share, or use your financial data for advertising or profiling of any kind. What you record in your financial vault is your business, not ours.

2. Information We Collect

2.1 DATA YOU ENTER All financial data you create within the App — transactions, accounts, balances, categories, budgets, scheduled bills, and notes — is stored locally on your device. This data does not leave your device unless you explicitly enable Cloud Backup or Shared Spaces. 2.2 AUTHENTICATION DATA If you sign in with Google, we receive your name, email address, and a unique account identifier (Google UID) from Firebase Authentication. This is used only to identify your account for cloud backup and Shared Spaces purposes. 2.3 SHARED SPACES DATA If you choose to use Shared Spaces (an optional feature), the specific transaction fields you post to a shared ledger — title, amount, category, date, and payment mode — are transmitted to your connected partner's device via an encrypted relay. Your account identifier is included so your partner can attribute the entry to you. No other data is transmitted. 2.4 SUBSCRIPTION DATA If you subscribe to a paid plan, RevenueCat processes your subscription status on our behalf. Fin OS receives only a confirmation of your active entitlement. No payment card details are handled by our infrastructure. 2.5 CLOUD BACKUP DATA If you enable cloud backup, your data is encrypted on your device before upload. The encrypted file is stored in your personal Google Drive or Firebase account. We do not host a copy of your financial data on our own servers.

3. Information We Do NOT Collect

We want to be explicit about what we do not do: • We do not collect your SMS messages. SMS-based transaction parsing is not a feature of this App. • We do not access your bank credentials or connect to your bank accounts. • We do not use your financial data for advertising, profiling, or sale to third parties. • We do not collect your precise GPS location. • We do not use behavioural analytics, session recording, or screen-tracking tools (such as Google Analytics, Mixpanel, or Hotjar) within the App. • We do not share your data with data brokers.

4. How Your Data Is Protected

LOCAL VAULT Your financial database is encrypted on your device using strong encryption. The encryption key is stored in your device's secure hardware processor and never leaves it. CLOUD BACKUP Before any backup data is uploaded to Google Drive or Firebase, it is encrypted on your device using your personal backup password. This password is never transmitted to us or stored on our servers. Without your password, the backup file is unreadable — by us, by Google, and by anyone else. SHARED SPACES RELAY Data transmitted through Shared Spaces is protected in transit by industry-standard TLS encryption. Access controls on the relay server ensure only you and your explicitly connected partner can read the shared records. BIOMETRIC PROTECTION If you enable App Lock, your device's biometric or PIN system provides an additional hardware-backed access layer before the App opens.

5. Third-Party Services

Fin OS uses the following third-party services. Each is listed with what data they receive and a link to their privacy policy. FIREBASE (Google) Purpose: Authentication (sign-in), optional cloud sync (Firestore). Data received: Your Google account name, email, and UID. Encrypted vault data if cloud sync is enabled. Policy: policies.google.com/privacy GOOGLE DRIVE Purpose: Optional encrypted backup storage. Data received: Your encrypted backup file, stored in your private Google Drive app folder. We cannot access your other Drive files. Policy: policies.google.com/privacy SUPABASE Purpose: Relay infrastructure for the Shared Spaces feature only. Data received: Only the transaction fields you explicitly post to a Shared Space (title, amount, category, date, payment mode, your UID). This data is only accessible to you and your connected partner. Policy: supabase.com/privacy REVENUECAT Purpose: Subscription status validation. Data received: Your device ID and subscription entitlement status. RevenueCat does not receive your financial data. Policy: revenuecat.com/privacy GOOGLE PLAY BILLING Purpose: Payment processing for subscriptions. Data received: Google handles all payment information. We do not receive your card details. Policy: play.google.com/intl/en/about/play-terms

6. Shared Spaces — What Leaves Your Device

Because Shared Spaces involves transmitting data to another person, we want to be fully transparent about exactly what is shared. WHAT IS SHARED (only when you post to a Space): • Transaction title • Amount • Category • Date • Payment mode • Your account identifier (so your partner can see who posted it) WHAT IS NEVER SHARED: • Your total account balance • Your full transaction history • Transactions you do not explicitly post to a Space • Your personal account names or financial goals • Any data from your personal accounts You must provide explicit in-app consent before the Shared Spaces feature activates. You can revoke this consent at any time in the Network settings.

7. Your Rights Under DPDP Act 2023

Under India's Digital Personal Data Protection Act 2023, you have the following rights as a Data Principal: RIGHT TO ACCESS You may request a summary of what personal data we hold about you. Contact us at finosapp.dev@gmail.com. RIGHT TO CORRECTION You may correct or update inaccurate data at any time within the App. RIGHT TO ERASURE You may permanently delete all your data from Settings > Data Management > Delete Account. This removes your authentication profile and any cloud-linked data from our systems. RIGHT TO WITHDRAW CONSENT You may withdraw consent for Shared Spaces at any time from Network Settings within the App. Withdrawal stops future data transmission immediately. RIGHT TO GRIEVANCE REDRESSAL If you have a privacy concern that is not addressed by this policy, contact finosapp.dev@gmail.com. We will respond within 72 hours.

8. Data Retention

LOCAL DATA — Retained on your device until you uninstall the App or use the Reset App Data function. CLOUD BACKUP — Retained in your Google Drive or Firebase account until you delete it. Because this data is in your own account, deletion is within your control. SHARED SPACES DATA — Retained on the relay server until you remove the connection. Data already delivered to your partner's local device is outside our control. AUTHENTICATION DATA — Your Firebase sign-in profile is retained until you delete your account from within the App.

9. Children's Privacy

Fin OS is not directed at anyone under the age of 13 (or under 16 in certain jurisdictions). We do not knowingly collect personal data from children under this threshold. If you believe a child has provided us with data, please contact finosapp.dev@gmail.com and we will act promptly.

10. Changes to This Policy

We may update this Privacy Policy when the App's features change or when required by law. When changes are material, we will update the Effective Date above and, where the change affects data sharing, display an in-app notice. Your continued use of the App after changes constitutes acceptance.

11. Contact & Grievance Officer

For any questions, data requests, or privacy concerns: Email: finosapp.dev@gmail.com Website: www.finosapp.com Developer: Veera Manikanta, Andhra Pradesh, India