Overview
CashDiary ("the App"), developed by Golden Roots, respects your privacy. This Privacy Policy explains what data the App accesses, how it is used, how it is shared, and your choices regarding your data.
By using the App, you agree to the collection and use of information in accordance with this policy.
Permissions & Local Data
Camera & Photo Library Access
The App uses your device's camera and photo library to attach receipt photos and images to transactions. Selected images are processed entirely on your device. No image data is transmitted to any server or third party unless you explicitly choose to back up your data via Google Drive.
Financial Data
All your financial data - including transactions, accounts, credit cards, loans, budgets, and categories - is stored locally on your device using an encrypted local database. This data never leaves your device unless you explicitly choose to export or back it up.
Notifications
The App may request notification permission to send you bill reminders, budget alerts, and recurring transaction notifications. You can disable notifications at any time through your device settings.
App Security
CashDiary offers robust security features to protect your financial data:
- 6-digit PIN lock - Required to open the App, keeping your data private
- Biometric authentication - Supports fingerprint and face recognition as a convenient alternative to PIN
- Password hashing - Your PIN is hashed using PBKDF2 with 100,000 iterations, making it extremely difficult to crack even if device data is accessed
- Encrypted local database - All financial data is stored in an encrypted database on your device
- Auto-lock - The App automatically locks when you switch to another app or after a period of inactivity
Google Drive Backup
The App offers an optional Google Drive backup feature. When you choose to use this feature:
- The App requests access to Google Drive's app-specific storage (
appDataFolder) only. - Your financial data is encrypted in transit (HTTPS/TLS) and stored in a private folder that only this App can access.
- No other files on your Google Drive are accessed, read, or modified.
- You can disconnect your Google account or delete the backup data at any time through the App's settings.
Local Backup & Export
The App provides multiple ways to export and back up your data locally:
- Excel (.xlsx) - Export transactions as a spreadsheet
- PDF - Generate formatted reports of your transactions
- JSON - Export raw data for personal backup or migration
- CSV - Export in comma-separated format for use in other applications
Exported files are saved to your device's local storage. These files are not uploaded to any server by the App. You are responsible for managing and securing exported files.
Google Sign-In
If you use the Google Drive backup feature, you will be asked to sign in with your Google account. The App accesses only the following information:
- Email address - to display which account is connected
- Display name - to show your name in the settings screen
- Profile photo - to show your avatar in the settings screen
This information is used only for display purposes within the App and is not stored on any external server or shared with any third party.
Advertising
The App displays advertisements using the following third-party advertising SDKs:
| SDK | Data Collected | Purpose |
|---|---|---|
| Google AdMob | Device identifiers (Advertising ID), app interactions, diagnostics | Ad serving & personalization |
| Unity Ads | Device identifiers (Advertising ID), app interactions, diagnostics | Ad serving & mediation |
| Pangle | Device identifiers (Advertising ID), app interactions, diagnostics | Ad serving & mediation |
| Liftoff (Vungle) | Device identifiers (Advertising ID), app interactions, diagnostics | Ad mediation & personalization |
| InMobi | Device identifiers (Advertising ID), app interactions, diagnostics | Ad mediation & personalization |
These SDKs may collect data automatically to serve relevant advertisements. You can opt out of personalized ads through your device's advertising settings:
- Android: Settings → Privacy → Ads → Delete advertising ID
For more information, see: Google Privacy Policy | Unity Privacy Policy | Pangle Privacy Policy | Liftoff Privacy Policy | InMobi Privacy Policy
Analytics
The App uses Firebase Analytics to collect anonymous usage statistics including:
- App opens and session duration
- Feature usage patterns
- Crash logs and error reports
- App performance diagnostics
This data is aggregated and cannot be used to identify individual users. It is used solely to improve the App's performance and user experience.
For more information, see: Firebase Privacy Policy
Data Collection Summary
| Data Type | Collected | Shared | Required | Purpose |
|---|---|---|---|---|
| Financial data (transactions, accounts, cards, loans) | Yes | No | Core | App functionality |
| Transaction photos | Yes | No | Optional | Receipt attachment |
| Email address | Yes | No | Optional | Google Drive backup |
| App interactions | Yes | Yes | Auto | Analytics, Advertising |
| Crash logs | Yes | No | Auto | Analytics |
| Diagnostics | Yes | Yes | Auto | Analytics, Advertising |
| App performance | Yes | No | Auto | Analytics |
| Device IDs | Yes | Yes | Auto | Advertising, Analytics |
All collected data is encrypted in transit using HTTPS/TLS.
Important: Your financial data (transactions, accounts, credit cards, loans) is never shared with any third party. It stays on your device or in your personal Google Drive backup.
Data Deletion
You can request deletion of your data through the following methods:
1. Delete Financial Data (In-App)
Open the App → go to Settings → use Delete All Data to clear all transactions, accounts, credit cards, loans, categories, and saved images.
2. Delete Google Drive Backup
Open the App → go to Settings → tap your connected Google account → tap Disconnect to revoke access. Then:
- Go to Google Drive → Settings → Manage Apps
- Find CashDiary
- Select Delete hidden app data to permanently remove all backup files
3. Delete Exported Files
Exported files (Excel, PDF, JSON, CSV) are saved to your device's storage. Navigate to your device's file manager and delete the exported files manually.
4. Delete All Local Data
Uninstall the App from your device to remove all locally stored data, including financial records, images, settings, and PIN configuration.
Important: We do not maintain any user data on our own servers. All data is stored locally on your device or in your personal Google Drive account.
Data Security
We take the security of your financial data seriously. The following measures are in place:
- All data transmitted between the App and external services is encrypted using HTTPS/TLS
- Financial data is stored in a local encrypted database on your device
- App access is protected by 6-digit PIN with PBKDF2 hashing (100,000 iterations)
- Biometric authentication (fingerprint/face) provides additional security
- Google Drive backup uses Google's secure infrastructure with app-specific isolated storage
- The App does not store any user data on external servers owned or operated by Golden Roots
No Account Required
The App is fully functional without creating an account or providing any personal information. Google Sign-In is only required for the optional Google Drive backup feature. You can use all financial tracking, budgeting, and export features without signing in.
Children's Privacy
This App is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that your child has provided personal data through the App, please contact us so we can take appropriate action.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in the App or applicable laws. Any changes will be reflected on this page with an updated Last updated date.
Contact Us
If you have any questions about this Privacy Policy, need assistance with data deletion, or have concerns about your privacy, please contact us at:
goldenroots.apps@gmail.com