Privacy Policy

Effective date: 2025-10-06

Spendrix ("we", "our", "us") is designed with a privacy-first approach. We minimize permissions and store data locally whenever possible. This page explains how our Money Tracker app uses permissions and data, specifically for optional Google Drive backup and restore.

Permission Use Disclosure: Google Drive Sync (no GET_ACCOUNTS)

This section explains how the Money Tracker app enables optional Google Drive backup/restore without requesting the legacy Android permission android.permission.GET_ACCOUNTS. We removed GET_ACCOUNTS, MANAGE_ACCOUNTS, and USE_CREDENTIALS from our manifest and rely on modern Google APIs and user consent flows.

Where it is declared

<!-- Required permissions for money tracker -->
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
<uses-permission android:name="android.permission.POST_NOTIFICATIONS" />
<uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
<uses-permission android:name="android.permission.FOREGROUND_SERVICE_DATA_SYNC" />
<!-- No GET_ACCOUNTS / MANAGE_ACCOUNTS / USE_CREDENTIALS -->

How Google Drive sync works without GET_ACCOUNTS

• Modern OAuth consent: We use Google APIs that present an OAuth consent screen where the user explicitly selects their Google account. We do not query device accounts.
• Scoped access: The app requests only the minimal Google Drive scopes needed to create, read, and update the app’s backup files in the user’s own Drive.
• No password access: The app never accesses passwords or broad account lists; it receives an access token bound to the chosen account and scopes.

Why no GET_ACCOUNTS is needed

• Drive-only feature: The app currently offers Google Drive backup/restore only; there is no app-wide sign-in. The OAuth consent handles account selection.
• Permissions minimization: Removing GET_ACCOUNTS reduces permission surface area and avoids unnecessary access to device-wide account lists.

Data we access and process

• Account identifier (limited): The Google APIs may provide the selected account’s basic identifier associated with the OAuth token to route backups correctly.
• No sensitive content: We do not read emails, contacts, or passwords, and we do not request Contacts permission.

How we use this data

• OAuth session: To obtain and refresh Drive-scoped tokens for backup/restore.
• Backup association: To ensure backups and restores occur under the correct Google account.

Storage and retention

• Local storage: The selected account identifier or token references may be stored locally (e.g., in shared preferences or app-private storage) to keep the user signed in.
• Cloud storage: If the user enables Drive backup, their app data is written to their own Google Drive. We do not store users’ personal account data on our servers.
• Retention: Account identifiers are retained only as long as needed for sign-in and backup. Clearing app data or signing out removes these references.

Sharing and third parties

• No sale of data: We do not sell or rent personal data.
• Third-party processors: Google (Identity/Sign-In, Google Drive) processes data under its own terms. Data sharing is limited to what is necessary to enable sign-in and backup.

Security

• Transport security: All communications with Google services use HTTPS/TLS.
• App sandboxing: Data is stored in app-private storage. Tokens/identifiers are handled using recommended SDK flows.

User control and choices

• Opt-in: Users choose to sign in with Google and can cancel at any time.
• Opt-out: Users can sign out in-app and/or disable backup. They can also revoke the app’s access from their Google Account security settings.
• Access & deletion: Users can clear app data, uninstall the app, or delete backups from Google Drive at any time.

Children’s data

Money Tracker is not directed to children. If you are a parent/guardian and believe we have collected a child’s data, contact us (see Contact section) to request deletion.

Compliance notes (Google Play/Data safety)

• GET_ACCOUNTS is considered a permission that requires a published privacy policy. This page provides our rationale and usage details to comply with Google Play requirements.
• We disclose how the permission is used (identity and backup features), the data types accessed (account identifier), purposes (authentication, backup), sharing (limited to Google services), and user controls.

Minimization

We removed GET_ACCOUNTS, MANAGE_ACCOUNTS, and USE_CREDENTIALS. The app uses OAuth consent and Drive scopes only.

Contact

If you have questions or requests regarding this permission or our privacy practices, contact: nikhilmeena809@gmail.com.

Change log

• 2025-10-06: Updated to reflect removal of GET_ACCOUNTS and Drive-only sync.