KharchapatraKharchapatra

Last updated: April 23, 2026

Privacy Policy

This Privacy Policy explains what information Kharchapatra collects, how it is used, who it is shared with, and the choices you have. We follow a principle of collecting only what we need to make the app work for you.

1. Information We Collect

Information you provide:

  • Account information: name, email address, and password (stored hashed; we never see your plain-text password).
  • Financial data you create: accounts, transactions, categories, budgets, recurring rules, and goals.
  • Statement uploads: CSV, PDF, or Excel files you choose to import. Files are processed to extract transactions and retained for your reference.
  • Preferences: notification settings, theme, and other in-app choices.

Collected automatically:

  • Push notification tokens (Firebase Cloud Messaging registration IDs), only if you enable notifications.
  • Basic diagnostics: app version, platform, and error logs used to fix bugs and improve reliability.

We do NOT collect:

  • Your location.
  • Your device contacts, photos, SMS messages, or microphone.
  • Advertising identifiers.

2. How We Use Your Information

Your information is used to:

  • Provide and sync the app's core features across your devices.
  • Categorize transactions and generate the analytics and budgets you see in the app.
  • Send notifications you have opted into (budget alerts, recurring-rule reminders, monthly summaries).
  • Diagnose and fix bugs and improve reliability.
  • Respond to you when you contact us.

We do not use your financial data for advertising, profiling, or to train machine-learning models.

3. How We Store and Protect Your Data

  • Data in transit is encrypted with TLS (HTTPS).
  • Passwords are hashed with bcrypt — we never see or store them in plain text.
  • Authentication tokens on your device are stored in the platform's secure storage (Android Keystore / iOS Keychain).
  • Optional biometric unlock (fingerprint / Face ID) adds a local protection layer when opening the app.
  • On-device data is kept in an app-private SQLite database that other apps on your device cannot access.
  • Our servers are hosted with reputable cloud providers and protected with firewalls, restricted administrative access, and routine backups.

4. Sharing

We do not sell your personal information. We do not share your financial data with advertisers or data brokers.

Limited data is shared with service providers strictly to operate the app:

  • Firebase Cloud Messaging (Google LLC) — delivers push notifications. Only a device registration token is shared.
  • Hosting and infrastructure providers — run our servers and databases under our instruction.

We may disclose information if required by law, a valid legal process from Nepali authorities, or to protect the rights and safety of our users.

5. International Data Transfer

Some service providers (notably Firebase) process data outside Nepal. By using Kharchapatra, you consent to this transfer. We choose providers that commit to industry-standard protections.

6. Your Choices and Rights

From Settings, you can at any time:

  • View and edit your profile and change your password.
  • Export your transaction history as CSV.
  • Toggle each notification channel on or off.
  • Delete your account — this permanently erases your data from our servers, typically within 30 days.

You may also request a copy of your personal data or ask questions about how it is handled by emailing us.

7. Data Retention

  • Active accounts: we retain your data while your account is active.
  • Deleted accounts: data is removed from our active systems within 30 days. Backups are purged on a rolling 90-day cycle.
  • Legal holds: we may retain limited information longer where required by law.

8. Children

Kharchapatra is not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child has provided us information, contact us and we will delete it.

9. Changes to This Policy

We may update this policy from time to time. The “Last updated” date at the top of this page reflects the most recent version. For significant changes we will notify you in the app.

10. Contact

For privacy questions, data-access requests, or deletion requests that you cannot complete in-app, email parjanya57@gmail.com or reach out on WhatsApp at 9860479548.