Welcome to CashNote (hereinafter referred to as "we", "our", or "us"). We are dedicated to safeguarding your privacy and ensuring the security of your financial information. This Privacy Policy outlines the methods by which we collect, process, and protect your data.
1. Our Core Commitment: Local-First Data Processing
We strictly adhere to a "Local Processing" principle for all sensitive user data, which is implemented as follows:
- SMS & Call Logs: We guarantee that your raw SMS messages and call history are processed solely on your device (locally). Under no circumstances do we upload, store, or share your unprocessed SMS content or call records with our servers or any third-party entities.
2. Permissions and Data Usage
To deliver automated bookkeeping and security features, CashNote requests the following permissions. Below is a detailed explanation of how each permission is used:
A. SMS Permission Optional
Purpose: To automatically track your expenses and income.
How It Works: Our algorithms scan your SMS inbox locally on your device to identify transactional messages (e.g., those from banks or digital wallets). We only extract the amount, merchant name, and transaction date to generate a draft entry for your financial ledger.
Privacy Guarantee: We do not access your personal or private messages (such as OTPs or family conversations). The raw content of your SMS messages is never transmitted to our servers.
B. Call Log Permission Optional
Purpose: For account security and device verification (via Voice OTP).
How It Works: When SMS verification code login is unavailable, you can complete verification and log in by receiving a voice call. Your call log data is only used for login verification purposes and will not be stored, uploaded, or shared with any third parties.
Privacy Guarantee: We do not upload your call history or contact list. This permission is strictly used for local verification processes.
C. Installed Applications
Purpose: To scan your device's security environment.
How It Works: We locally scan the list of installed applications on your device to detect potential malware, screen recorders, or remote access trojans that could compromise the security of your financial data.
D. Camera & Location Optional Permissions
Camera: Only used if you choose to take a photo within the app.
Location: Only used if you opt to tag a specific location to a transaction entry.
3. Data Security
We implement industry-standard security measures to protect your data:
- No Clear Text Transmission: We do not allow unencrypted HTTP traffic; all communications are directed to our secure API endpoints (e.g., https://api.aroneg.click).
4. Data Disclosure and Sharing
- No Sale of Data: We do not sell your personal information to any third parties.
- Service Providers: We may share your mobile phone number with trusted SMS/Voice gateway providers solely for the purpose of sending OTPs (One-Time Passwords) for login authentication.
- Legal Requirements: We may disclose data if required by law enforcement agencies or court orders in accordance with applicable laws and regulations.
5. Your Rights
- Access and Correction: You can view and edit your ledger data directly within the app.
- Deletion: You have the right to apply to cancel your account and delete all associated data stored locally. You can contact customer service for assistance.
6. Contact Us
If you have any questions regarding this Privacy Policy or wish to file a complaint, please contact our Grievance Officer: