Privacy Policy

1. Introduction

Welcome to Fiby ("we," "our," or "us"). Fiby is a personal finance tracking and organization application developed and owned by Accie Technologies. This Privacy Policy explains what data is processed when you use the Fiby mobile application (the "App").

Accie Technologies
4th Floor, Unispace Business Center
1-90/7/B/125, Plot No: 47, 48, 49
Street No: 1, Patrika Nagar
Madhapur, Hyderabad, Telangana, India - 500081

2. Categories of Data Processed

Fiby processes different categories of data in different ways. Some data is stored primarily on your device, while certain limited data may be processed off-device in the cases described below.

We only process the categories of data described in this policy, and we describe each category below together with its purpose and storage location.

2.1 Account and Authentication Data

When you create an account or sign in, we process:

• Email address: Required for Google Sign-In or email-based authentication through Firebase Authentication
• User ID (UID): Automatically generated by Firebase Authentication

Storage Location: Firebase Authentication servers (Google Cloud Platform)

Purpose: User authentication, account recovery, and security

2.2 Financial and App Data Stored Locally

The following information is stored primarily on your device:

• Financial transactions (expenses, income, investments)
• Budget information and financial goals
• Notes, shopping lists, and reminders
• Account balances and wallet information
• Transaction categories and customizations
• Optional profile information (display name, preferences, language settings)
• Theme preferences and app settings

Important: This data is used to provide app functionality such as expense tracking, reporting, categorization, reminders, and insights. While this data is stored primarily on your device, it may be included in optional backup files if you choose to enable the Google Drive backup feature (see Section 2.3).

2.3 Optional Google Drive Backup Data

If you choose to enable the optional backup feature in the app:

• Backup files are created: Containing your app data (financial transactions, budgets, goals, notes, settings, and other user-entered information)
• Backup files are encrypted: Before upload using encryption implemented in the app
• Backup files are uploaded: To your connected Google Drive account (not to Fiby's servers)
• Backup restoration: Restoring a backup on another device may require a backup recovery code that was displayed when the backup was created
• User control: Backups are optional and user-initiated. You control when backups are created and can disconnect or delete backups through app settings

2.4 Crash Diagnostics Data

Fiby uses Firebase Crashlytics to detect and diagnose app crashes. When the app crashes or encounters errors, diagnostic information may be sent to Firebase Crashlytics, including:

• Device model and manufacturer
• Android version and device OS information
• App version and build information
• Stack traces and error logs
• Crash timestamp and session information
• Technical or pseudonymous identifiers used by the crash reporting service

Purpose: To identify, investigate, and fix app crashes and technical issues

Data Minimization: Crash reports are processed to minimize the inclusion of personal or financial information. However, diagnostic and analytics data may include technical or pseudonymous identifiers used by the service provider.

Retention: Crash data is retained by Firebase Crashlytics according to Firebase's data retention policies

2.5 Optional Analytics Data (Opt-In Only)

Fiby supports Firebase Analytics on an opt-in basis only. Analytics is disabled by default. If you choose to enable analytics in the app settings, Firebase Analytics may collect:

• Screen views: Which screens you visit (e.g., "Home," "Reports," "Settings") - screen names only
• Feature usage: Which features you use (e.g., "expense added," "report viewed") without financial details
• App interaction patterns: How you navigate through the app
• Session information: Session duration and frequency
• Device and performance data: Device type, Android version, app performance metrics (aggregated)
• Technical identifiers: Analytics data may include technical or pseudonymous identifiers used by Firebase Analytics

What Analytics Does NOT Include:

• Financial amounts or transaction values
• Merchant names or payee information
• Account balances
• Transaction details or descriptions
• Your precise location
• Notification content

Your Control: You can enable or disable analytics at any time in the app's Privacy settings.

2.6 Notification Access Data (Optional Permission)

If you grant notification access permission, Fiby may:

• Read financial transaction notifications from banking and payment apps
• Detect and extract transaction information (amount, merchant, date, account)
• Automatically categorize transactions
• Store the structured transaction data on your device for review, categorization, editing, and app functionality

What We Do Not Access: Fiby does not read personal messages, emails, OTPs, passwords, or non-financial notifications.

2.7 Biometric Data

Fiby does not collect or have access to biometric data. If you enable biometric authentication (fingerprint, face recognition), this is handled entirely by your device's secure hardware (Trusted Execution Environment). Fiby only receives a success or failure response from the operating system. Your biometric data never leaves your device and we have no access to it.

3. How We Use Your Information

3.1 To Provide and Maintain the App

• User authentication and account management (via Firebase Authentication)
• Enable core app functionality (transaction tracking, budgeting, reporting, reminders)
• Provide optional Google Drive backup and restore features
• Maintain app settings and user preferences

3.2 To Improve App Stability and Performance

• Detect, investigate, and fix crashes and technical issues (via Firebase Crashlytics)
• Monitor app performance and identify areas for improvement
• Test and optimize app features

3.3 To Understand Usage Patterns (If You Opt In to Analytics)

• Understand how users interact with different features
• Identify which screens and features are most used
• Prioritize development and feature improvements
• Optimize user experience and navigation flows

Note: Analytics is disabled by default and requires your explicit opt-in.

3.4 Processing Locations

On Your Device:

• Financial data storage and processing
• Transaction categorization and expense analysis
• Report generation
• Notification processing (if permission granted)
• Local backup file encryption (if backup enabled)

Off-Device (as described in this policy):

• Email address (Firebase Authentication servers)
• Crash diagnostic information (Firebase Crashlytics servers)
• Optional analytics data (Firebase Analytics servers - if opted in)
• Encrypted backup files (user's connected Google Drive account - if backup enabled)

4. Data Storage and Security

4.1 Storage Locations

On Your Device:

• Financial transactions, budgets, goals, notes, and settings are stored in the app's local database
• Data is accessible only through the app while installed on your device
• Optional biometric or PIN protection can be enabled for app access

Firebase Servers (Google Cloud Platform):

• Email address and authentication data (Firebase Authentication)
• Crash diagnostic information (Firebase Crashlytics)
• Optional analytics data if opted in (Firebase Analytics)

Your Google Drive Account (If Backup Enabled):

• Encrypted backup files containing your app data
• Stored in your connected Google Drive account, not on Fiby or Accie Technologies servers
• Backup files remain in your Google Drive until you delete them

4.2 Security Measures

• Encryption in Transit: All communication with Firebase and Google services uses TLS/SSL encryption (HTTPS)
• Backup Encryption: Backup files are encrypted before upload to Google Drive
• Authentication Security: Firebase Authentication provides industry-standard security for user accounts
• Optional App Lock: Users can enable biometric or PIN protection for app access
• Access Controls: We do not have direct access to your financial data stored on your device or in your encrypted Google Drive backups

4.3 Data Retention

• Local Data: Stored on your device until you delete it through app settings or uninstall the app
• Authentication Data: Retained in Firebase Authentication for as long as your account exists
• Crash Data: Retained by Firebase Crashlytics according to Firebase's retention policies
• Analytics Data: If opted in, retained by Firebase Analytics according to Firebase's retention policies
• Backup Files: Stored in your Google Drive until you delete them through the app's backup deletion feature or directly from Google Drive

4.4 Limitations of Security

While we implement reasonable security measures, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security. You are responsible for maintaining the security of your device, Google account, and any backup recovery codes.

5. Data Sharing and Third-Party Service Providers

5.1 We Do Not Sell Your Data

We do not sell, rent, or trade your information to anyone for marketing, advertising, or any other commercial purpose.

5.2 Third-Party Service Providers

Fiby uses Google Firebase and Google Drive services to provide certain app functionality. These service providers may process limited data on our behalf as described below.

Firebase Authentication (Google)

• Purpose: User sign-in and account management
• Data Shared: Email address, user ID
• Privacy Policy: Google Privacy Policy

Firebase Crashlytics (Google)

• Purpose: Crash reporting and diagnostics
• Data Shared: Device information, app version, crash logs, technical identifiers
• Privacy Policy: Firebase Privacy Information

Firebase Analytics (Google) - Opt-In Only

• Purpose: Usage analytics (disabled by default)
• Data Shared: If you opt in: screen views, feature usage events, device information, technical identifiers (no financial details)
• Privacy Policy: Firebase Privacy Information

Google Drive API (Google) - Optional Backup Feature

• Purpose: Optional cloud backup storage
• Data Shared: If you enable backup: encrypted backup files are uploaded to your connected Google Drive account
• Important: Backup files are stored in your own Google Drive account, not accessed or controlled by Accie Technologies
• Privacy Policy: Google Privacy Policy

5.3 Legal Requirements and Law Enforcement

We may disclose information if required to do so by law or in response to:

• Valid legal process (court orders, subpoenas, search warrants)
• Government or regulatory investigations
• Compliance with applicable laws and regulations
• Protection of our rights, property, or safety, or that of our users or the public

Note: We can only disclose data that we have access to (authentication data, crash data, analytics data if opted in). We do not have access to your financial data stored locally on your device. Encrypted backups stored in your Google Drive are accessible only through your Google account.

5.4 Business Transfers

If Accie Technologies is involved in a merger, acquisition, sale of assets, or bankruptcy:

• We will notify you via email and/or a prominent notice in the app
• Your data may be transferred to the acquiring entity
• The new entity will be bound by this Privacy Policy unless you are notified otherwise
• You will have the option to delete your account before any transfer

5.5 No Other Third-Party Sharing

We do not share your data with:

• Advertisers or marketing companies
• Data brokers or aggregators
• Social media platforms (except as required for Google Sign-In authentication)
• Financial institutions or fintech companies
• Any other third parties except as described in this Privacy Policy

6. Data Deletion and Retention

6.1 Delete Data (Keep Account)

You can delete your local app data while keeping your account:

• What it does: Removes all locally stored financial data, transactions, budgets, goals, notes, and settings from your device
• What remains: Your account (email address) in Firebase Authentication
• Cloud backups: If you have previously created Google Drive backups, those backup files remain in your Google Drive unless you delete them separately
• How to do it: Use the "Delete Data" option in app settings
• Timeline: The deletion process starts immediately when you confirm it in the app and is intended to permanently remove local app data from your current device as part of that in-app flow
• No questions asked: You do not need to contact support to request this deletion

6.2 Delete Account

You can permanently delete your Fiby account:

• What it does: Removes your account and authentication data from Firebase Authentication, and deletes local app data from your device
• Effect: You will be signed out and will not be able to sign in again with the deleted account
• Cloud backups: Backup files stored in your Google Drive may remain in your Google Drive unless you delete them. Depending on your selection during account deletion, you may be offered the option to delete cloud backups as part of the deletion process
• Crash and analytics data: Previously collected crash and analytics data may be retained by Firebase according to their retention policies
• How to do it: Use the "Delete Account" option in app settings
• Irreversible: Account deletion is permanent and cannot be undone
• Timeline: The deletion request starts immediately when you confirm it in the app. Local app data is deleted as part of that flow, while backup files in your Google Drive remain until you delete them separately
• No questions asked: You do not need to email us or provide a reason to use the in-app account deletion flow

6.3 Delete Cloud Backups

To remove backup files stored in your Google Drive:

• Option 1: Use the backup management or deletion feature in the app while connected to the same Google account used for backups
• Option 2: Manually delete backup files directly from your Google Drive
• Important: Deleting your local data or Fiby account does not automatically delete backup files from your Google Drive

6.4 Data Retention Summary

• Local app data: Retained on your device until you delete it, delete your account, or uninstall the app
• Authentication data: Retained in Firebase Authentication until you delete your account
• Crash diagnostics: Retained by Firebase Crashlytics according to Firebase's data retention policies
• Analytics data: If opted in, retained by Firebase Analytics according to Firebase's data retention policies
• Google Drive backups: Retained in your Google Drive until you delete them

7. Your Rights and Choices

7.1 Access Your Data

• Local data: All financial data stored on your device is accessible through the app
• Export: You can export your data to CSV format through the app's export feature
• Authentication data: Contact us at [email protected] to request a copy of your email address and account information

7.2 Control Analytics

• Default: Analytics is disabled by default
• Enable/Disable: You can enable or disable Firebase Analytics at any time in the app's Privacy settings
• Effect: Changes apply immediately; previously collected analytics data may be retained according to Firebase's retention policies

7.3 Manage Permissions

• Notification Access: You can grant or revoke notification access permission at any time through your device's Settings > Apps > Fiby > Permissions
• Google Drive Access: You can disconnect Google Drive access through the app's backup settings or through your Google Account permissions
• Effect of Revocation: Revoking notification access will stop automatic transaction detection. Revoking Google Drive access will disable backup and restore features.

7.4 Core User Rights

• Access: You can access your local financial data directly in the app and export supported records when needed
• Delete: You can delete local data, delete your account, and delete backups as described in Section 6
• Withdraw Consent: You can withdraw consent for optional analytics, notification access, biometric use, and Google Drive backup by changing settings or revoking permissions

7.5 Rights for EU Users (GDPR)

If you are located in the European Economic Area (EEA), you have the following rights:

• Right to Access: Request a copy of your personal data (email address) that we process
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your account and data
• Right to Data Portability: Export your data in a machine-readable format (CSV)
• Right to Object: Object to data processing (disable analytics, revoke permissions)
• Right to Withdraw Consent: Withdraw consent for optional features (analytics, notifications, backup) at any time
• Right to Lodge a Complaint: Contact your local data protection authority if you believe your rights have been violated

To exercise these rights, contact us at [email protected]. We will respond within 30 days.

7.6 Rights for California Users (CCPA)

If you are a California resident, you have the following rights:

• Right to Know: Request disclosure of what personal information we collect, use, and share
• Right to Delete: Request deletion of your personal information (use account deletion feature or contact us)
• Right to Opt-Out of Sale: We do not sell personal information, so no opt-out is necessary
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, contact us at [email protected] or use the in-app settings.

8. Children's Privacy

Fiby is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children.

If you believe a child under 18 has created an account or provided information to us, please contact us at [email protected] and we will take steps to delete the account and information.

9. Third-Party Banking and Financial Apps

Fiby may read notifications from third-party banking, payment, and financial services apps if you grant notification access permission. These third-party apps include but are not limited to:

• Banking apps (e.g., HDFC Bank, ICICI Bank, SBI, Axis Bank, and others)
• Payment apps (e.g., Google Pay, PhonePe, Paytm, and others)
• Credit card issuers and financial institutions

Your use of third-party banking and financial apps is governed by their respective terms of service and privacy policies. Fiby is only a tool for tracking and organizing financial information you provide or that is detected from notifications you authorize us to read.

10. International Data Transfers

While Fiby is primarily designed for users in India, some data may be transferred to and processed in countries outside of India through our use of Google Firebase services.

Data Transferred Outside India:

• Email address and authentication data (Firebase Authentication servers may be located in the United States or other regions)
• Crash diagnostic information (Firebase Crashlytics)
• Optional analytics data if opted in (Firebase Analytics)

Data Stored in Your Region:

• Financial data is stored primarily on your device in India (or your location)
• Google Drive backups (if enabled) are stored in your Google Drive account, which may be subject to Google's data residency policies

Safeguards for International Transfers:

• Google implements appropriate safeguards including Standard Contractual Clauses (SCCs) for international data transfers
• Data in transit is encrypted using TLS/SSL
• Google Cloud Platform maintains various compliance certifications

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by:

• Updating the "Last Updated" date at the top of this policy
• Posting a notice in the app
• Sending an email notification to your registered email address (where appropriate)

Reservation of Rights: As the sole owner and operator of Fiby, Accie Technologies expressly reserves the right, at its sole discretion and at any time, to modify the App, this Privacy Policy, the categories of data processed, the third-party services we use, the features offered, and the monetization or revenue model (including introducing an ad-free or premium plan, advertising, or in-app purchases). We will make commercially reasonable efforts to notify you of material changes through the App, our website, or your registered email. Your continued use of the App after such notice constitutes acceptance of the updated Privacy Policy.

Your continued use of the app after notification of changes constitutes acceptance of the updated Privacy Policy. If you do not agree to the changes, you should stop using the app and delete your account.

12. Contact Information and Grievance Redressal

For India-Specific Grievances: If you have a privacy concern or grievance related to data processing, you may contact us using the information above. We will acknowledge receipt of your complaint and work to resolve it in accordance with applicable Indian law.

13. Important Disclaimers

13.1 Fiby Is Not a Financial Service Provider

Fiby is a personal finance tracking, organization, and reporting tool. Fiby is NOT:

• A bank, lender, or Non-Banking Financial Company (NBFC)
• A payment service provider, payment aggregator, or payment intermediary
• A registered investment adviser or broker-dealer
• An insurance provider, agent, or broker
• A tax preparation or accounting service
• A credit bureau or credit information company
• Subject to regulation by the Reserve Bank of India (RBI), Securities and Exchange Board of India (SEBI), Insurance Regulatory and Development Authority of India (IRDAI), or similar regulatory bodies

Fiby does NOT:

• Provide financial, investment, tax, legal, or accounting advice
• Recommend or endorse specific financial products or services
• Access your bank accounts, investment accounts, or other financial institution accounts directly through APIs or account aggregation
• Facilitate, process, or transmit payments or financial transactions
• Guarantee the accuracy, completeness, or reliability of transaction detection or categorization

What Fiby Does: Fiby helps you manually track and organize your personal financial information on your device, with optional features like automatic transaction detection from notifications (if you grant permission) and optional cloud backup. Any financial decisions you make based on information in Fiby are your own responsibility. You should consult qualified professionals for financial, investment, tax, or legal advice.

13.2 No Warranties

Fiby is provided "as is" without warranties of any kind. We do not warrant that:

• The app will operate error-free or without interruptions
• Transaction detection or categorization will be 100% accurate
• Data backup or restore will always succeed
• The app meets your specific requirements or expectations

13.3 Accuracy of Information

Automated transaction detection and categorization may contain errors. You are responsible for reviewing and verifying all financial information in the app before relying on it for any purpose.

14. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

• Notify affected users within 72 hours of discovering the breach (where feasible)
• Send notification via email to your registered email address
• Post a notice in the app and on our website
• Describe the nature of the breach and what information may have been affected
• Provide guidance on steps you can take to protect yourself

Important: Since your financial data is stored primarily on your device (not on our servers), most types of server-side breaches would not affect your financial information. Any breach notifications would likely relate to authentication data or other limited data processed off-device.

15. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, or other regions with similar data protection laws, we process personal data based on the following legal bases:

Email Address and Authentication Data:

• Legal Basis: Contract Performance (to provide authentication services necessary for app functionality)

Crash Diagnostic Data:

• Legal Basis: Legitimate Interest (to identify and fix technical issues, improve app stability and user experience)
• Balancing Test: Our legitimate interest in maintaining a stable, functional app is balanced against minimal privacy impact, as crash data is processed to minimize personal information and is limited to technical diagnostics

Optional Analytics Data:

• Legal Basis: Consent (you must explicitly opt in to analytics; consent can be withdrawn at any time through app settings)

Google Drive Backup:

• Legal Basis: Consent (you must explicitly enable the optional backup feature; you can disable or delete backups at any time)

16. Acknowledgment and Effective Date

This Privacy Policy is effective as of April 5, 2026.

By using Fiby, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.

If you do not agree with this Privacy Policy, please do not use the app and delete your account if you have already created one.