Privacy Policy

We collect the following categories of data based on features you use:

• Account data: Google account identifier, email, profile name, and profile photo URL.
• Financial entries: transaction amount, category, note, type (income or expense), and date.
• Subscription entries: service name, amount, billing cycle, renewal date, reminder preferences, icon/color choices.
• Gmail integration data (optional): connected Gmail address, OAuth access and refresh tokens (encrypted at rest), parsed receipt data such as merchant, amount, currency, date, subject, snippet, and message identifier.
• Voice and text inputs: expense text you type and transcribed audio text for parsing assistance.
• Payment records: billing plan, order IDs, payment IDs, signature metadata, order status, and timestamps.
• App and diagnostics data: request metadata, rate limit counters, and operational logs needed for security and abuse prevention.
• Device-level local data: secure auth token storage and app preferences stored on your device.

• Authenticate users and maintain account sessions.
• Provide core features including expense tracking, dashboards, and subscriptions.
• Process voice expense capture and AI-assisted parsing.
• Connect Gmail (when enabled by you) to identify likely receipt emails.
• Process premium purchases and entitlement restoration.
• Send subscription reminder notifications on your device.
• Protect platform security, detect abuse, and improve reliability.

• Contract: to provide the services you request.
• Consent: for optional Gmail access, microphone use, and notifications.
• Legitimate interests: platform security, fraud prevention, and service quality.
• Legal obligations: accounting, tax, and compliance requirements as applicable.

We use trusted third-party services to operate MoneyAI:

• Google Sign-In and Google APIs (account sign-in and optional Gmail access).
• OpenAI APIs (voice transcription and AI-based parsing assistance).
• Razorpay (payment order and payment verification workflows).
• Hosting and infrastructure providers used to run APIs and databases.

We do not sell personal data. We share data only with service providers necessary to operate MoneyAI, comply with law, enforce our terms, or protect users and platform security.

• Transport security: API communication is protected in transit using HTTPS in production.
• Token protection: Gmail OAuth tokens are stored encrypted at rest.
• Session protection: app auth tokens are stored in secure storage on supported devices.
• Operational safeguards: authentication checks, access controls, and request rate limiting.

We retain account, transaction, subscription, billing, and receipt records for as long as needed to provide services, maintain legal records, resolve disputes, and enforce agreements.

When you disconnect a Gmail account in-app, connected account data and associated pending email receipts for that account are removed from our active systems.

• Access and update: you can update many details through the app.
• Gmail control: you may connect or disconnect Gmail at any time.
• Notifications: you can disable reminder notifications from device settings.
• Data deletion requests: use our Account Deletion page linked below.

Account deletion page: /account-deletion

MoneyAI is not directed to children under the age required by local law for independent consent. If you believe a child provided personal data, contact us to request deletion.

Your information may be processed in countries where our service providers operate. We apply reasonable safeguards appropriate to the transfer.

We may update this Privacy Policy to reflect service, legal, or security changes. The updated effective date will be shown at the top of this page.

Contact us for privacy requests or questions:
Email: privacy@mobileai.com