Privacy Policy

1. Introduction

Welcome to EZer, a personal finance management application designed with your privacy as our top priority. This Privacy Policy explains how we handle your information when you use our iOS app.

Developer: EZer Team
Contact: privacy@ezerapp.com

2. Information We Store Locally

The following information is stored only on your device using encrypted SQLCipher database:

• Financial Transactions: Income, expenses, transfers with dates, amounts, categories, and notes
• Accounts: Bank accounts, credit cards, wallets (names and balances only - no account numbers)
• Budgets: Budget categories, limits, and spending tracking
• Goals: Financial goals, target amounts, and progress
• Bills: Recurring bill reminders and payment history
• Loans: Loan tracking information (principal, interest rate, EMI)
• Categories: Custom transaction categories
• Receipts: Photos of receipts attached to transactions (stored in local photo library)
• App Settings: User preferences, theme selection, language, currency

3. Data We Do NOT Collect

EZer does NOT collect or transmit the following to any servers:

• Transaction amounts or details
• Merchant names or payment information
• Bank account numbers or credentials
• Credit card numbers
• Personal identification information (PII)
• Location data
• Contact information
• Device identifiers (IDFA/advertising ID)

4. Optional Data Collection (Opt-In Only)

You can choose to enable the following optional features. All are OFF by default and require your explicit consent:

4.1 Anonymous Analytics (via Firebase Analytics)

What we collect (if enabled):

• Screen navigation patterns (which screens you visit)
• Feature usage (which buttons you tap, which features you use)
• App performance metrics (load times, errors)
• Device type and OS version (e.g., "iPhone 14, iOS 17.0")
• App version

What we DO NOT collect:

• No transaction amounts, merchant names, or financial details
• No personal information or identifiers
• No account information

Purpose: Understand how users navigate the app to improve user experience and fix bugs.

Third Party: Google Firebase Analytics (Privacy Policy)

Control: Enable/disable anytime in Settings → Privacy Dashboard

4.2 Crash Reporting (via Firebase Crashlytics)

What we collect (if enabled):

• Crash logs and stack traces
• Device information (model, OS version)
• App state at time of crash

What we DO NOT collect:

• No financial data
• No user-identifiable information

Purpose: Identify and fix bugs that cause the app to crash.

Third Party: Google Firebase Crashlytics (Privacy Policy)

Control: Enable/disable anytime in Settings → Privacy Dashboard

4.3 Notifications

What we use notifications for:

• Bill payment reminders
• Budget limit alerts
• Goal milestone celebrations

Important: All notifications are generated locally on your device. No data is sent to servers for notifications.

Control: Enable/disable in iOS Settings or in-app Privacy Dashboard

4.4 Google Drive Backup (Optional)

You can optionally back up your encrypted database to your personal Google Drive account.

What happens when you enable backup:

• You sign in with your Google account (Google Sign-In)
• Your encrypted database file is uploaded to YOUR Google Drive
• The backup is stored in YOUR Google Drive storage (not our servers)
• Only you can access this backup file

What we DO NOT do:

• We do NOT have access to your Google Drive
• We do NOT store your data on our servers
• We do NOT decrypt your backup

Third Party: Google Drive API (Google Privacy Policy)

4.5 Referral System (Optional)

If you participate in the referral program:

• Data stored: Referral code, Firebase UID (anonymous identifier), referral count
• Where stored: Cloud Firestore (Google)
• What we DO NOT collect: No personal information, no financial data

Third Party: Cloud Firestore (Privacy Policy)

5. iOS-Specific Features

5.1 SMS Import - NOT AVAILABLE on iOS

Due to iOS platform limitations, SMS transaction import is NOT available on iOS. This feature is only available on Android devices.

5.2 Permissions We Request

EZer requests the following iOS permissions only when needed:

• Camera: To scan receipts for expense tracking (optional)
• Photo Library: To attach receipt images to transactions (optional)
• Face ID / Touch ID: To secure app with biometric authentication (optional)
• Notifications: To send bill reminders and budget alerts (optional)

All permissions can be revoked anytime in iOS Settings → EZer.

5.3 In-App Purchases & Subscriptions

EZer offers an optional EZer Plus monthly subscription through the Apple App Store. Here is how your data is handled during this process:

Payment processing:

• All payments are processed entirely by Apple through the App Store
• EZer never receives, processes, or stores your credit card number, billing address, or Apple ID credentials
• Apple's payment terms and refund policies apply — see Apple Media Services Terms

What EZer receives from Apple after a purchase:

• A transaction receipt (a cryptographic proof of purchase)
• The product identifier (e.g., "ezer_plus_monthly")
• A transaction ID (a unique purchase reference)

How this data is used:

• The receipt is used to verify your purchase and activate your EZer Plus subscription
• Your subscription status (tier and expiry date) is stored locally on your device
• If analytics is enabled, the receipt may be sent to a secure cloud function for server-side validation only — no financial data is extracted or stored

What EZer does NOT collect during purchases:

• Credit or debit card numbers
• Billing name or address
• Apple ID email or password
• Payment method details

Subscription management: You can view, modify, or cancel your subscription at any time in iOS Settings → [Your Name] → Subscriptions.

6. Data Security

We take your financial data security seriously:

• SQLCipher Encryption: All data stored with 256-bit AES encryption
• Secure Storage: Sensitive data (keys, tokens) stored in iOS Keychain
• Screenshot Prevention: Financial screens cannot be screenshot (release mode)
• App Lock: Optional Face ID/Touch ID protection
• Local-Only Storage: Data never transmitted to servers

7. Third-Party Services

EZer integrates with the following third-party services (all opt-in):

Important: You can disable ALL third-party services and still use 100% of EZer's core functionality.

7.1 Detailed Third-Party Service Disclosure

Firebase Analytics (Google):

• If enabled: Collects anonymous usage patterns, screen views, feature interactions
• Does NOT collect: Transaction amounts, merchant names, account details
• Purpose: Improve app performance and user experience
• Privacy Policy: https://firebase.google.com/support/privacy

Firebase Crashlytics (Google):

• If enabled: Collects device information, crash logs, app version
• Does NOT collect: Financial data or personal information
• Purpose: Identify and fix bugs
• Privacy Policy: https://firebase.google.com/support/privacy

Cloud Firestore (Google):

• If enabled: Stores referral codes, Firebase UID (anonymous)
• Does NOT collect: Transaction data or personal information
• Purpose: Manage referral rewards
• Privacy Policy: https://firebase.google.com/support/privacy

IMPORTANT: You can disable all third-party services in the Privacy Dashboard. All financial data remains on your device regardless of these settings.

8. Your Privacy Rights & Controls

You have complete control over your data:

8.1 Privacy Dashboard

Access: Settings → Privacy Dashboard

• View all consents: See exactly what you've enabled
• Toggle features: Enable/disable analytics, crash reporting, notifications
• Consent history: View audit log of all consent changes with timestamps
• Export data: Download all your data in CSV, JSON, or ZIP format
• Delete all data: Permanently delete all financial data from device

8.2 Data Portability

Export your data anytime in multiple formats:

• CSV: Import into Excel or Google Sheets
• JSON: For developers or advanced users
• ZIP: Complete database backup

8.3 Right to Deletion

• Delete individual transactions, accounts, or budgets
• Delete all data via Privacy Dashboard
• Uninstall app to remove all data

9. Children's Privacy (COPPA)

EZer is not intended for use by children under the age of 13. We do not knowingly collect information from children under 13. If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us.

10. Data Retention

• Financial Data: Retained on your device until you delete it
• Consent Logs: Retained for 3 years for compliance purposes
• Analytics Data: Anonymous data retained by Google for 2 years (if enabled)
• Deleted Data: Permanently removed and cannot be recovered

11. International Users & Compliance

EZer complies with:

• India: Digital Personal Data Protection Act (DPDP) 2023
• Europe: General Data Protection Regulation (GDPR)
• United States: COPPA, state privacy laws
• Apple: App Store Privacy Requirements

12. Financial Disclaimer

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes:

• We will update the "Last Updated" date at the top
• Major changes will be announced in the app
• Continued use of the app after changes constitutes acceptance

14. Contact Us

15. Consent

By using EZer, you consent to this Privacy Policy. You can withdraw consent for optional features anytime via the Privacy Dashboard.