Back to Home

Privacy Policy

Last Updated: June 20, 2026

1. Information We Collect

To provide our expense tracking service, we collect the following information:

  • Account information: Email address, display name, and an encrypted password (or Google identity when you sign in with Google). An account is required to use Finsighto.
  • Financial data: Expense amounts, merchant names, categories, transaction dates, notes, budgets, and recurring expense configurations that you enter or that are extracted from your receipts and voice entries.
  • Receipts and attachments: Photos of receipts you scan, PDF documents you upload, and any OCR text extracted from them.
  • Voice transcripts: When you use voice input, your spoken expense description is transcribed and sent to our servers for AI parsing.
  • Device metadata: Your device's currency preference and timezone to display amounts and dates correctly.

2. How We Use Your Data

Your data is used exclusively to provide the Finsighto service:

  • Storing and displaying your expense history, budgets, and analytics.
  • Processing receipts and bank notification text through AI to extract merchant names, amounts, and categories.
  • Generating spending insights and budget progress summaries.
  • Synchronizing your data across your own devices when you sign in.

We do not sell, rent, or share your personal data with third parties for their own marketing or advertising purposes. We do not track your location, device advertising IDs, or browsing history.

3. AI Processing & Third-Party Services

Finsighto uses a third-party AI service provider to power receipt parsing, text extraction, voice categorization, and spending insights. When you scan a receipt or use voice input, the relevant content is sent to this provider for processing. The provider processes this data solely to return parsed results and does not use your data to train its models. You can disable AI features by turning off AI-powered extraction in the app settings.

Receipt images and attachments are stored using secure cloud storage infrastructure to enable fast loading and access across your devices.

4. Data Storage & Security

Your account data, expenses, budgets, and receipt metadata are stored on our servers in a secure database. Receipt images and PDF files are stored in cloud object storage. All communication between the Finsighto app and our servers is encrypted in transit using TLS (HTTPS).

A local copy of your expense data is cached on your device in encrypted local storage, allowing you to view your recent transactions offline. This local cache is automatically synchronized with the server when you are online.

5. Google Sign-In

You may optionally sign in using your Google account. When you use Google Sign-In, we receive your Google email address and display name. We do not access your Google Drive, contacts, or any other Google service data. You can unlink your Google account at any time from the app settings (provided you have a password set to prevent account lockout).

6. Data Retention & Deletion

We retain your data for as long as your account remains active. You can permanently delete your account and all associated data at any time from the app settings. Account deletion is irreversible and cascades to all your expenses, receipts, budgets, and recurring expense configurations — both on our servers and in cloud storage.

You can also export your expense data to CSV or JSON format at any time before deleting your account.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Correct any inaccurate or incomplete data.
  • Erasure: Request deletion of your data (also available directly in the app).
  • Portability: Receive your data in a structured, machine-readable format (CSV/JSON export is available in the app).
  • Restriction: Request that we limit how we process your data.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw consent: Where processing is based on consent, you may withdraw it at any time.
  • Complaint: Lodge a complaint with your local data protection supervisory authority.

To exercise any of these rights, contact us at the email address listed in the Contact section below.

8. Legal Basis for Processing

We process your personal data on the following legal grounds:

  • Contractual necessity: Processing required to provide the Finsighto service you have requested (e.g., storing your expenses, syncing across devices).
  • Consent: Where you have given clear consent (e.g., using Google Sign-In, enabling AI-powered extraction).
  • Legitimate interests: For purposes such as improving our service, preventing fraud, and ensuring security, where these interests are not overridden by your rights.

9. Children's Privacy

Finsighto is not directed to children under the age of 13 (or the relevant age of digital consent in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately so we can remove it.

10. International Data Transfers

Your data is stored on servers and cloud infrastructure that may be located outside your country of residence. We take appropriate safeguards to ensure your data remains protected in accordance with this Privacy Policy, including using service providers that adhere to recognized data protection frameworks where applicable.

11. Contact Us

Finsighto is operated by Webbers Network (Malaysia). If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:

12. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal and regulatory reasons. We will notify you of material changes through the app or via email.