MaxFin AI (“we”, “our”, or “us”) operates the MaxFin mobile application (the “App”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App. By using MaxFin, you agree to the collection and use of information in accordance with this policy.
1 Information We Collect
1.1 Information You Provide
- Account Information: Name, email address, and password when you create an account.
- Profile Information: Phone number, preferred currency, and language preference.
- Financial Data: Transaction records (income and expenses), budget configurations, categories, and notes that you manually enter into the App.
- Receipt Images: Photos of receipts you capture using the camera for OCR (Optical Character Recognition) processing.
- Family & Social Data: Family group names, member invitations (email or phone), and split bill participant details.
- Chat Data: Messages you send to the AI assistant for financial guidance.
1.2 Information Collected Automatically
- Device Information: Device model, operating system version, and unique device identifiers.
- Usage Data: App interaction patterns, feature usage, and crash reports via Firebase Analytics and Firebase Crashlytics.
- Push Notification Tokens: Firebase Cloud Messaging tokens for delivering notifications.
1.3 Information from Third-Party Services
- Google Sign-In / Apple Sign-In: If you choose to sign in with Google or Apple, we receive your name and email address from these providers. We do not receive your password.
2 How We Use Your Information
We use the information we collect to:
- Provide Core Services: Process and store your financial transactions, budgets, and reports.
- Receipt OCR: Analyze receipt images using AI vision models to extract transaction data. Receipt images are processed in real time and are not permanently stored on our servers after processing.
- AI Financial Insights: Analyze your spending patterns to provide personalized insights, saving suggestions, anomaly detection, and budget recommendations.
- AI Chat Assistant: Provide conversational financial guidance based on your financial context.
- Gamification: Track your financial habits to award experience points, badges, and streaks.
- Family Features: Enable shared budget tracking and expense visibility within your family group.
- Notifications: Send budget alerts, spending insights, achievement notifications, and other relevant updates.
- Sync & Backup: Synchronize your local data with our servers so you can access your data across sessions.
- Improve the App: Analyze aggregated, anonymized usage patterns to improve features and fix bugs.
3 Data Storage & Security
3.1 Local-First Architecture
MaxFin is designed with an offline-first architecture. Your financial data is primarily stored locally on your device using an encrypted SQLite database. Data is synced to our servers only when you are online, to enable backup and cross-device access.
3.2 Security Measures
We implement industry-standard security measures including:
- Encryption in Transit: All data transmitted between the App and our servers is encrypted using TLS (Transport Layer Security).
- Secure Token Storage: Authentication tokens are stored using platform-secure storage (Android Keystore).
- Authentication: Password hashing with bcrypt, JWT-based session management with short-lived access tokens and secure refresh token rotation.
- Biometric Authentication: Optional fingerprint or face authentication for App access, processed entirely on your device.
3.3 AI Processing
- Financial data sent to AI providers (for chat and insights) is transmitted securely and is not used by third-party AI providers to train their models.
- Receipt images sent for OCR processing are used solely for text extraction and are not retained after processing.
4 Data Sharing & Disclosure
We do not sell, trade, or rent your personal financial data to third parties.
We may share information only in the following circumstances:
- AI Service Providers: We use third-party AI providers (Google Gemini, Qwen, OpenAI) to power the AI chat assistant, financial insights, and receipt OCR. Only the minimum necessary data is shared with these providers for processing, subject to their respective privacy policies.
- Firebase (Google): We use Firebase for authentication, push notifications, and analytics. Firebase processes data according to Google’s privacy policy.
- Family Members: If you join a family group, your transaction data and budget information may be visible to other members of that group, according to the permissions you set.
- Legal Requirements: We may disclose your information if required by law, regulation, legal process, or governmental request.
5 Your Rights & Choices
You have the following rights regarding your data:
- Access & Export: You can view all your financial data within the App. Export functionality (CSV, PDF, Excel) is available in the Reports section.
- Edit & Delete Transactions: You can edit or delete any transaction, budget, or category at any time.
- Delete Account: You can permanently delete your account and all associated data from Settings > Account > Delete Account. This action is irreversible.
- Notification Preferences: You can customize which notifications you receive and set quiet hours in Settings > Notifications.
- Biometric Authentication: You can enable or disable biometric login at any time in Settings > Security.
- Withdraw Consent: You can stop using the App at any time. Uninstalling the App removes all locally stored data.
6 Data Retention
- Active Accounts: We retain your data for as long as your account is active.
- Deleted Accounts: When you delete your account, all personal data is permanently removed from our servers within 30 days.
- Receipt Images: Processed in real time for OCR and not permanently stored on our servers.
- Analytics Data: Aggregated, anonymized analytics data may be retained indefinitely for service improvement.
7 Children’s Privacy
MaxFin is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will take steps to delete such information promptly.
8 Third-Party Links & Services
The App may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.
9 Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy within the App and updating the “Last updated” date. Your continued use of the App after changes constitutes acceptance of the updated policy.
10 Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at: