1. Introduction

Welcome to Finlio ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application ("App"). Finlio is developed and maintained by CodEnity.

By using Finlio, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our App.

2. Information We Collect

2.1 Personal Financial Data (Stored Locally)

All your financial data is stored locally on your device using encrypted SQLite database (Drift). This includes:

• Transactions: Amounts, categories, dates, descriptions, and receipt images
• Budgets: Budget limits, spending amounts, and categories
• Investments: Investment names, amounts, returns, and dates
• Debts: Debt amounts, creditors, interest rates, and payment schedules
• Savings Goals: Goal names, target amounts, and progress
• Recurring Payments: Subscription names, amounts, and frequencies
• Categories: Custom category names and icons

Important: This data never leaves your device unless you explicitly choose to create a backup.

2.2 Security Settings (Stored Locally)

• Biometric Data: Used for app lock authentication (stored in device's secure enclave, never uploaded)
• PIN/Password: Encrypted and stored in device's secure storage
• App Preferences: Currency, language, theme, notification settings

2.3 Analytics Data (Firebase Analytics)

We collect anonymous usage data to improve the app experience:

• App opens and session duration
• Feature usage (which screens you visit)
• Button clicks and interactions
• Device model, OS version, and app version
• Crash reports (via Firebase Crashlytics)

Note: Analytics data is anonymous and cannot be traced back to you personally.

2.4 Advertising Data (AdMob)

We use Google AdMob to display advertisements. AdMob may collect:

• Advertising ID (can be reset in device settings)
• Device information (model, OS, screen size)
• App usage patterns for ad targeting
• IP address (approximate location)

You can opt out of personalized ads in your device settings.

2.5 Backup Data (Google Drive - Optional)

If you choose to enable Google Drive backup:

• Your financial data is encrypted (AES-256) before upload
• Backups are stored in your private Google Drive app folder
• Only you can access your encrypted backups
• We cannot read or access your backup data
• Google's privacy policy applies to data stored in Google Drive

3. How We Use Your Information

3.1 Local Data Usage

• Display your financial information in the app
• Calculate budgets, savings progress, and analytics
• Send local notifications (reminders, budget alerts)
• Provide personalized insights and recommendations

3.2 Analytics Usage

• Improve app performance and stability
• Understand which features are most used
• Identify and fix bugs and crashes
• Make informed decisions about new features

3.3 Advertising Usage

• Display relevant advertisements (free version only)
• Monetize the app to support development

4. Data Security

We implement industry-standard security measures:

• Local Encryption: All financial data is encrypted using SQLCipher
• Secure Storage: PINs and passwords stored in Flutter Secure Storage
• Biometric Protection: Optional app lock using fingerprint/Face ID
• Backup Encryption: Google Drive backups encrypted with AES-256
• No Cloud Storage: No financial data stored on our servers
• Secure Connections: All network requests use HTTPS

5. Data Sharing and Disclosure

5.1 We DO NOT Share Your Financial Data

Your transaction amounts, budgets, investments, debts, and savings are never shared with anyone.

5.2 Third-Party Services

We use the following third-party services:

• Google Firebase: Analytics and crash reporting
  Firebase Privacy Policy
• Google AdMob: Advertisement display
  Google Privacy Policy
• Google Drive API: Optional encrypted backups
  Google Privacy Policy

5.3 Legal Requirements

We may disclose anonymous analytics data if required by law, but we cannot disclose your financial data because we don't have access to it.

6. Your Privacy Rights

6.1 Data Access and Control

• Access: All your data is in the app - you have full access anytime
• Export: Export your data to CSV/PDF format anytime
• Delete: Use "Clear All Data" in Settings to permanently delete everything
• Backup Control: Enable/disable Google Drive backup at any time

6.2 Analytics Opt-Out

Currently, analytics helps us improve the app. In a future update, we'll add an option to disable analytics if desired.

6.3 Advertising Control

• Reset your Advertising ID in device settings
• Opt out of personalized ads in Google settings

7. Data Retention

• Local Data: Retained until you delete it manually
• Analytics Data: Retained by Firebase for up to 14 months
• Backup Data: Retained in your Google Drive until you delete it
• Account Deletion: Deleting the app removes all local data immediately

8. Children's Privacy

Finlio is not intended for users under 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information, please contact us.

9. International Users

Finlio stores data locally on your device. If you use Google Drive backup, your data may be transferred to and stored on Google's servers worldwide. We comply with GDPR (Europe) and CCPA (California) requirements:

• Right to Access: Export your data anytime
• Right to Deletion: Clear all data in Settings
• Right to Portability: Export to CSV/PDF
• Right to Opt-Out: Disable backups and analytics

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. We'll notify you of significant changes through the app.

Continued use of Finlio after changes means you accept the updated policy.

11. Third-Party Links

Finlio may contain links to external websites (our website, YouTube channel). We are not responsible for the privacy practices of these sites. Please review their privacy policies.