Log in

Privacy Policy

Effective date: 2026-06-10

This Privacy Policy describes how Finnep (“we”, “us”, or “our”) collects, uses, stores, and shares information when you use our budget and expense tracking service, including the website and the Finnep mobile application for Android (package name com.finnep.finnep).

By creating an account or using the service, you agree to this policy. If you do not agree, please do not use the service.

1. Who we are

Finnep is a personal finance tool for tracking budgets, expenses, financial accounts, loans, and shared household spending. The service is operated by the developer of the application.

For privacy questions or requests, contact us at letters@pjoriginal.com.

2. Information we collect

We collect information you provide directly and information generated by your use of the service.

Account information

  • Name — displayed in your profile and shared with collaborators where relevant.
  • Email address — used to sign in, verify your account, reset your password, and send invitations.
  • Password — stored in hashed form; we never store your plain-text password.
  • Profile photo (optional) — a JPEG image you upload, resized to stay under about 200 KB.

Financial and personal content you enter

Depending on how you use the service, this may include:

  • Budgets, categories, category items, tags, and budget line amounts
  • Expenses (amounts, dates, payment method, notes, category lines, and optional receipt photos)
  • Financial accounts (name, currency, institution, last four digits, notes) and account transactions
  • Loans (counterparty, amounts, interest rate, due dates, payment history, notes, and optional images)
  • Todos and task assignments
  • Contacts (email addresses of people you invite to collaborate)
  • In-app notifications related to your activity

This data is financial and personal in nature. You choose what to enter. We do not connect to banks or pull transactions automatically.

Images you upload

  • Expense receipt photos (optional, resized to about 200 KB)
  • Profile photos (optional)
  • Loan timeline images (optional)

Images are stored on our servers and are accessible only to you and users you have granted access through budgets, contacts, or sharing settings.

Technical and usage information

  • Session cookies (website) — to keep you signed in and protect against cross-site request forgery.
  • API tokens (mobile app) — a bearer token stored on your device after login so the app can call the API on your behalf.
  • Server logs — standard web server and application logs (for example IP address, request time, and error details) used for security and troubleshooting.

We do not use third-party advertising networks, analytics SDKs, or crash reporting services in the Finnep Android app. The Android app requests Internet permission only so it can communicate with our API.

Information we do not collect

  • Precise location or GPS data
  • Contacts from your device address book (you type or search email addresses within the app)
  • Payment card numbers or bank login credentials
  • Health, biometric, or government ID data

3. How we use your information

We use the information we collect to:

  • Provide, operate, and maintain the service
  • Authenticate you and keep your account secure
  • Send transactional emails (verification, password reset, budget and contact invitations)
  • Enable collaboration features you choose (shared budgets, shared accounts, todos, and contact-based sharing)
  • Generate reports and notifications you request (for example monthly spending reports or loan due-date reminders)
  • Respond to support requests and enforce our terms
  • Detect, prevent, and address abuse, fraud, or technical issues

We do not sell your personal information or use it for targeted advertising.

4. How we share your information

We share information only in these situations:

With other users you invite

When you share a budget, financial account, category, or todo with another user, that user can see the shared data according to the permission you set (view or edit). Invited users receive your name and the email address associated with your account when relevant to the invitation.

With service providers

We use infrastructure needed to run the service (for example hosting, database, and email delivery). These providers process data on our behalf and only as needed to provide the service. The specific providers depend on how the application is deployed.

For legal reasons

We may disclose information if required by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect rights, safety, or security.

Business transfers

If the service is transferred to another organization (for example through a merger or acquisition), your information may be transferred as part of that transaction. We will notify you if required by law.

5. Local storage on your device (Finnep mobile app)

On Android, the Finnep app may store data locally to improve performance and offline access:

  • An authentication token in device storage so you stay signed in
  • A local SQLite cache of budgets, expenses, categories, tags, and financial accounts synced from your account
  • Temporary session data for invitation deep links until you sign in

Cached data is scoped to your user account and cleared when you log out. Uninstalling the app removes local data from your device. Server-side data remains until you delete your account.

6. Data retention

We retain your information for as long as your account is active or as needed to provide the service. If you delete your account, we delete your user record and associated personal content, including profile and uploaded photos, subject to any backups that may persist for a limited period before being overwritten.

Server logs are retained for a limited time for security and operations, then rotated or deleted.

7. Security

We use reasonable technical and organizational measures to protect your information, including password hashing, HTTPS in production, access controls, and authorization policies so users can only access data they own or that has been shared with them.

No method of transmission or storage is completely secure. You are responsible for keeping your password confidential and for activity on your account.

8. Your choices and rights

Depending on where you live, you may have rights to access, correct, delete, or export your personal information, or to object to or restrict certain processing.

  • Access and update — edit your name, email, and profile photo in account settings (web or Finnep).
  • Delete your account — available in profile settings on the website or in the Finnep app. Deletion requires your current password and permanently removes your account and associated data from our active systems.
  • Manage sharing — revoke budget members, contact shares, and pending invitations at any time.
  • Email — transactional emails related to security and invitations cannot be disabled while you use the service; you can stop using the service and delete your account to stop further contact.

To exercise other rights or ask questions, email letters@pjoriginal.com. We may need to verify your identity before fulfilling a request.

9. Children’s privacy

The service is not directed to children under 13 (or the minimum age required in your country). We do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact us and we will take steps to delete it.

10. International users

Your information may be processed and stored on servers located in the country or region where the service is hosted. By using the service, you understand that your information may be transferred to and processed in jurisdictions that may have different data protection laws than your own.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised policy on this page and update the effective date above. For material changes, we may also notify you by email or in-app notice. Continued use after changes take effect means you accept the updated policy.

12. Contact us

If you have questions about this Privacy Policy or our data practices, contact:

Finnep
Email: letters@pjoriginal.com