pfm.nefsof.com

privacy-policy

Privacy Policy – PFM

App: PFM  |  Package: com.nefsof.pfm  |  Effective date: May 13, 2025  |  Last updated: May 13, 2025

PFM (“we”, “our”, or “us”) is a personal finance management application developed by Avishkaram. This Privacy Policy explains what information we collect, how we use it, who we share it with, and what choices you have. By using PFM you agree to the practices described here.

1. Information We Collect

We collect the following categories of information when you use PFM:

  • Account information – first name, last name, email address, and profile photo (optional).
  • Authentication data – password (stored as a one-way hash) or OAuth tokens when you sign in with Google.
  • Financial records – expenses, income entries, budgets, account balances, currencies, and categories you create within the app.
  • Shared account data – member lists, invitations, and contribution data for accounts you share with others.
  • Uploaded files – receipts, attachments, or any files you attach to expense records.
  • Imported data – CSV or XLSX files you upload to bulk-import expenses.
  • Notification preferences – budget alert settings and push-notification opt-in status.
  • Subscription status – your current plan, subscription source (Google Play or Stripe), and billing period.
  • Device token – a push-notification token so we can deliver budget alerts to your device.
  • Usage data – basic server logs (IP address, request timestamps, error traces) retained for security and debugging.

We do not collect precise GPS location, contacts, call logs, or any data unrelated to personal finance management.

2. How We Use Your Information

  • Provide, maintain, and improve the PFM service.
  • Authenticate your identity and keep your account secure.
  • Process and store your financial records so you can access them across devices.
  • Send budget alerts, account invitations, and other transactional notifications you have requested.
  • Generate AI-powered spending insights using Gemini (your data is sent to Google’s Gemini API solely to produce these insights; it is not used to train Google’s models).
  • Process subscription payments through Google Play or Stripe.
  • Diagnose errors and monitor service reliability.
  • Comply with legal obligations.

We do not use your financial data for advertising, sell it to data brokers, or share it for third-party marketing.

3. Third-Party Services

PFM integrates with the following third-party services. Each service operates under its own privacy policy:

  • Google Sign-In – used for OAuth-based login. We receive your name and email from Google when you choose this option.
  • Google Play Billing – handles in-app subscription purchases on Android. Payment details are processed by Google; we receive only a purchase token to verify your subscription.
  • Stripe – used for web-based subscription checkout. Payment card details are handled entirely by Stripe; we never store card numbers.
  • Backblaze B2 – stores files and attachments you upload. Files are stored in a private bucket and are not publicly accessible.
  • Google Gemini API – powers AI spending insights. Anonymized spending summaries are sent to Gemini to generate analysis. This data is not used to train Gemini models.
  • Firebase Cloud Messaging (FCM) – delivers push notifications to your device.

4. Data Sharing

We share your information only in the following circumstances:

  • With other account members – if you invite someone to a shared account, they can see the expenses, budgets, and member data within that account.
  • With service providers – the third-party services listed above receive only the data necessary to perform their specific function.
  • For legal reasons – if required by law, court order, or to protect the rights and safety of users or the public.
  • Business transfers – in the event of a merger or acquisition, your data may transfer to the new entity, which will be bound by this policy or will notify you of any changes.

We do not sell your personal data to any third party.

5. Data Retention

We retain your account data and financial records for as long as your account is active. If you delete your account, we remove your personal information and financial records within 30 days, except where retention is required by law or for fraud prevention. Server access logs are retained for up to 90 days.

6. Data Security

We implement industry-standard security measures including TLS encryption in transit, hashed passwords, access controls, and private cloud storage for uploaded files. No method of transmission over the internet is 100% secure; we encourage you to use a strong, unique password and keep your device secure.

7. Your Rights and Choices

Depending on your jurisdiction you may have the right to:

  • Access – request a copy of the personal data we hold about you.
  • Correction – update or correct inaccurate data (most fields are editable directly in the app).
  • Deletion – request deletion of your account and associated data.
  • Portability – export your expense data using the CSV export feature in the app.
  • Withdraw consent – you can revoke Google Sign-In access through your Google account settings at any time.
  • Notification opt-out – disable push notifications in the app or through your device settings.

To exercise any of these rights, contact us at the address below.

8. Children’s Privacy

PFM is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

9. International Users

PFM is operated from Nepal. If you access the app from outside Nepal, your information may be transferred to and processed in countries that may have different data protection laws. By using the app you consent to this transfer.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page. For significant changes we will notify you through the app or by email. Continued use of PFM after changes take effect constitutes your acceptance of the updated policy.

11. Contact Us

If you have questions, requests, or concerns about this Privacy Policy, please contact:

© 2025 Avishkaram. All rights reserved.