Privacy Policy
Last updated: May 15, 2026
1. Who we are
FinanceTrackPro (the “App”) is a financial tracking application that helps people manage weekly cash and credit ledgers, partner equity distribution, document records and team communications across one or more business entities. This Privacy Policy explains what personal information we collect, how we use it, who we share it with and the choices you have.
The App is provided by the FinanceTrackPro team. If you have questions about this policy you can reach us at privacy@financetrackpro.com.
2. Information you give us
When you create an account or use the App, we collect:
- Account information — your name (or display name), email address, profile picture (if your sign-in provider supplies one), and a unique account identifier.
- Authentication data — username, password hash (we never store passwords in clear text), two-factor authentication secret (if you enable 2FA), biometric credential identifiers (used by your device, not transmitted to us).
- Financial data you enter — daily cash and credit entries, partner percentages, payouts, business profile names, currency settings and goals. This data is stored encrypted on our servers and is only readable by you and the people you explicitly share a profile with.
- Documents and order lists — invoices, receipts, statements, photos and other files you upload, plus the data we extract from them.
- Messages — in-app messages exchanged with other team members. When both you and the recipient have published a device key, messages are end-to-end encrypted in your browser using ECDH P-256 + HKDF + AES-GCM, and the server only stores ciphertext it cannot read. If the recipient has not yet generated a key on a device they have signed in to, the message is instead encrypted at rest on our server with a server-held key — meaning we are technically able to decrypt that fallback message until the recipient’s device upgrades the conversation to end-to-end encryption. The app shows a lock icon on messages that were sent end-to-end encrypted.
- Wallet data — shared wallet income and expense entries, wallet member records, and balance information you enter in the Wallet section.
- Check Guide data — check details you save using the Check Guide (payee name, amount, memo, check number, date, and payout period label). This data is stored on our servers and is only accessible by you.
- Settings and preferences — your chosen language, theme, notification preferences, custom labels, and similar configuration.
3. Information collected automatically
- Login activity — date, time, IP address, user agent string and method of each sign-in attempt (used to detect unauthorized access).
- Activity logs — a record of changes you make inside the App so you and your administrators can audit edits.
- Push notification subscription — if you opt in to push notifications, we store the endpoint and keys provided by your browser or device push service.
- Cookies and session data — a single httpOnly, secure session cookie is used to keep you signed in. We do not use third-party advertising cookies.
4. Sign-in providers and third parties
The App uses the following third-party services. Each one receives only what is necessary for it to do its job:
- Sign in with Apple (Apple Inc.) — used for Apple sign-in. Apple gives us your unique Apple identifier and (on first sign-in only) the email address and name you choose to share. If you use Hide My Email, we receive a private relay address.
- Google Sign-In (Google LLC) — used for Google sign-in via Replit Auth. We receive your Google account ID, email, name and profile image.
- Replit Authentication (Replit, Inc.) — handles OIDC sign-in and session management.
- OpenAI (OpenAI, L.L.C.) — used to extract structured data from documents, receipts and order lists you upload. Files you choose to process are sent to OpenAI’s API and processed under OpenAI’s API data usage policy (data is not used to train OpenAI models).
- Gmail SMTP (Google LLC) — used to send transactional emails such as weekly reports, monthly reports and data backups that you opt in to.
- Web Push services (Apple Push Notification service, Google FCM, Mozilla autopush, etc.) — used only when you opt in to push notifications.
- PostgreSQL database hosting — your encrypted data is stored in a managed PostgreSQL database operated on our behalf.
We do not sell your personal information, and we do not share it with advertisers or data brokers.
5. How we use your information
- To create and secure your account.
- To store and display the financial data, documents, lists and messages you create.
- To extract structured data from documents and orders you ask the App to process.
- To send you reports and notifications you opt in to.
- To detect, investigate and prevent fraud, abuse and security incidents.
- To comply with legal obligations.
6. How we protect your data
- Financial data, documents, order lists and activity logs are encrypted at rest using AES-256-GCM.
- In-app messages between users who have both published a device key are end-to-end encrypted with ECDH P-256 + HKDF + AES-GCM, and your private key never leaves your device unencrypted. When end-to-end encryption is not yet available (for example, the recipient has not signed in on a device that has generated a key), the message is encrypted at rest on our server with a server-held key as a fallback until the conversation can be upgraded to end-to-end encryption.
- Connections between your device and our servers use HTTPS / TLS.
- Passwords are hashed with bcrypt (cost factor 12) and never stored in plain text.
- We support two-factor authentication (TOTP) and biometric unlock on supported devices.
- Sessions can be configured to auto-lock after a period of inactivity.
7. Data retention
We retain your data for as long as your account is active. When you request account deletion, we permanently delete your account record, financial entries, documents, order lists, push subscriptions, encryption keys, two-factor secret, login logs and activity logs within 30 days. If a legal obligation (such as fraud prevention or tax record-keeping) requires us to retain specific records for longer, we will keep only the minimum necessary and isolate it from active use.
8. Your rights
You can, at any time:
- Access and export your data using the “Export Data” option in Settings → Data Management.
- Correct or update any data you have entered directly inside the App.
- Delete your account and all associated data using Settings → Account → Delete Account, or by emailing privacy@financetrackpro.com.
- Withdraw consent for optional features such as push notifications or email reports at any time.
- Lodge a complaint with your local data protection authority if you believe we have not handled your data lawfully.
Depending on where you live, you may also have rights under the GDPR, UK GDPR, CCPA / CPRA or similar laws (including the right to portability and the right to object to processing). We honour those rights. To exercise them, email privacy@financetrackpro.com.
9. Children
FinanceTrackPro is intended for use by adults running businesses or managing partner finances. It is not directed at children under 13 (or under 16 in jurisdictions where that age applies), and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us at privacy@financetrackpro.com and we will delete it.
10. International data transfers
Our servers and the third-party providers above may process data in countries other than your own, including the United States. By using the App you consent to that transfer. We apply appropriate safeguards (such as standard contractual clauses) where required.
11. Changes to this policy
We may update this policy from time to time. When we do, we will change the “Last updated” date at the top and, for material changes, notify signed-in users inside the App. Your continued use of the App after the update means you accept the revised policy.
12. Contact
Questions or concerns about privacy? Email privacy@financetrackpro.com, or contact general support at support@financetrackpro.com.