Privacy Policy

1. The "Local First" Philosophy

Unlike traditional fintech apps that store your sensitive banking credentials and transaction history in the cloud, CashFlow operates on a "Local First" architecture. This means:

• Zero Cloud Storage: All your transactions, budgets, and goals are stored locally on your device's encrypted storage (SQLite/AsyncStorage).
• No Data Mining: We do not sell, trade, or analyze your spending habits for advertising purposes.
• Offline Availability: You can access all features without an internet connection.

2. Data We Collect

Since we do not have a backend server for user data, our collection is minimal and strictly operational:

• App Usage Data (Anonymous): We may collect anonymous crash reports and performance metrics (e.g., app launch time) to improve stability. This is processed by third-party services like Sentry.
• Device Information: Model, OS version, and screen size—used solely for UI optimization.

We DO NOT collect: Names, Email addresses, Phone numbers, Bank credentials, Location data, or Contacts.

3. Data Security

Security is our top priority. We employ the following measures to protect your local data:

• Encryption: Data at rest is sandboxed within the application's private storage directory, accessible only by the OS kernel.
• Biometric Lock: (Upcoming Feature) The app supports Android BiometricPrompt for an additional layer of access control.

4. Your Rights (GDPR & CCPA)

Because we do not store your personal data on our servers, traditional "Right to be Forgotten" requests are fulfilled automatically—simply deleting the application from your device permanently erases all associated data.

You have the right to request a copy of the little operational data we might have (e.g., support ticket history if you emailed us).

5. Children's Privacy

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13.