Privacy Policy
Last updated: 20 June 2026
The short version
- Your financial data stays on your device. The expenses, income, wallets and categories you record are stored locally on your phone. We never receive them and cannot see them.
- No ads, no analytics, no selling of data. We do not run advertising, behavioural tracking, or sell or rent any information.
- Optional cloud backup goes to your own Google Drive — not to us — and only if you turn it on.
- We collect crash & diagnostic reports so we can fix bugs. These contain technical information, not your financial records.
This Privacy Policy explains how Expense Ledger (“we”, “us”, the “App”) handles information when you use the Expense Ledger mobile application. By using the App, you agree to the practices described here.
1. Who we are & how to contact us
Expense Ledger is a personal-finance application that helps you track your money privately, on your own device. For any privacy question or request, contact us at:
- Email: info.expledger@gmail.com
- Website: https://expledger.com
For the purposes of the EU/UK GDPR, Expense Ledger is the “data controller” for the limited diagnostic data described below. Under India’s Digital Personal Data Protection Act, 2023, we act as the equivalent “Data Fiduciary”.
2. Information we collect
2.1 Data you create in the App (stored on your device)
Everything you enter — transactions (expenses, income, transfers), amounts, notes, categories, wallets/accounts, currency and reminder settings — is stored locally on your device. This data is not transmitted to us and we have no access to it. It exists only on your device unless you choose to back it up (see §2.2) or export it yourself.
2.2 Google account & Google Drive (only if you enable backup)
If you choose to enable cloud backup, the App uses Google Sign-In to authenticate you and the Google Drive API to store a backup file in your own Google Drive (in an app-specific area of your personal Drive).
- The backup is stored in your Google account — not on any server operated by us.
- We request only the minimum Drive permission needed to create and restore your backup; we do not read your other Drive files.
- If you do not enable backup, no Google account information is used at all.
- Your use of Google Drive is also governed by Google’s Privacy Policy.
2.3 Crash & diagnostic data
To keep the App stable, we collect crash logs and diagnostic information through a third-party crash-reporting service. This may include:
- device model, operating-system version and app version;
- the technical details of a crash or error (stack traces, the screen or action that triggered it);
- a randomly-generated, non-identifying installation identifier.
These reports are used solely to diagnose and fix problems. They are not used to identify you and do not contain the contents of your transactions or financial records.
2.4 Device permissions
| Permission | Why it is used |
|---|---|
| Notifications | To send the optional daily reminder you schedule. |
| Biometric / device credential | For App Lock, so only you can open the app. Authentication happens on-device; we never receive your biometrics. |
| Internet / network | Only to back up to your Google Drive (if enabled) and to send crash reports. |
| Storage / files | To import and export your data as CSV files that you choose. |
3. How we use information
- To provide the App’s core features (which run on your device).
- To back up and restore your data to your own Google Drive, at your request.
- To detect, diagnose and fix crashes and bugs, and improve reliability.
We do not use your information for advertising, profiling, or automated decision-making, and we do not sell or rent it.
4. Legal bases for processing (GDPR/UK)
- Consent — for enabling Google Drive backup, and for optional notifications.
- Legitimate interests — for limited crash/diagnostic data, to keep the App secure and working. You can object as described in §7.
5. Sharing & third-party services
We do not sell your data or share it for advertising. Information is shared only with the service providers that make the features above work:
- Google (Google Sign-In & Google Drive) — when you enable backup. See Google’s Privacy Policy.
- Our crash-reporting provider — which processes the diagnostic data in §2.3 on our behalf.
We may also disclose information if required by law, or to protect our rights and the safety of users.
6. Data retention
- On-device data stays until you delete it or uninstall the App.
- Google Drive backups remain in your Drive until you delete them; you control them through your Google account.
- Crash/diagnostic data is retained only as long as needed to investigate issues and is then deleted or anonymised.
7. Your rights & choices
Depending on where you live (including under GDPR and India’s DPDP Act), you may have the right to access, correct, delete, or export your personal data, to withdraw consent, and to object to or restrict certain processing. Because your financial data lives on your device, you are already in direct control of most of it:
- Access / export: view your data in the App or export it to CSV at any time.
- Delete on-device data: delete entries within the App, or uninstall the App to remove all local data.
- Delete your backup: remove the backup file from your Google Drive, or disconnect Google in the App’s settings.
- Diagnostic data / other requests: email info.expledger@gmail.com and we will action your request, including deletion of any diagnostic data associated with your installation, within the time required by law.
You may also lodge a complaint with your local data-protection authority (e.g. the Data Protection Board of India, or your EU/UK supervisory authority).
8. Data security
Your data is stored on your device and protected by your device’s security and the App’s optional biometric App Lock. Backups are transmitted to Google Drive over encrypted (HTTPS/TLS) connections. No method of storage or transmission is 100% secure, but we take reasonable measures to protect your information.
9. Children’s privacy
The App is intended for a general audience and is not directed to children under the age of 13 (or the minimum age required in your country). We do not knowingly collect personal data from children. If you believe a child has provided us information, contact us and we will delete it.
10. International data transfers
The third-party providers above (such as Google and our crash-reporting provider) may process data on servers located outside your country. Where required, such transfers are protected by appropriate safeguards (for example, the European Commission’s Standard Contractual Clauses).
11. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date above and, for material changes, provide notice within the App or on our website. Your continued use of the App after changes take effect constitutes acceptance of the updated policy.
12. Contact us
Questions or requests about this policy or your data? Email info.expledger@gmail.com.