Privacy Policy

Welcome to Evinta. We are committed to protecting your privacy and ensuring the security of your personal and financial information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.

By using Evinta, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

Personal Information

We collect the following types of personal information:

• Account Information: Name, email address, phone number, and password when you create an account
• Profile Information: Optional profile details you choose to provide
• Contact Information: Communication preferences and contact details

Financial Information

Evinta automatically reads and processes transaction-related SMS messages from your financial institutions to provide you with expense tracking services. This includes:

• Transaction Data: Transaction amounts, dates, merchant names, and payment methods extracted from SMS messages
• Bank Information: Names of financial institutions (derived from SMS sender information)
• Account Balances: Balance information when included in transaction SMS messages

Important: We only read SMS messages from recognized financial institutions. We do not store the raw content of your SMS messages. We extract only transaction-relevant information and discard the rest.

Usage Information

We automatically collect certain information about your device and how you interact with our app:

• Device Information: Device type, operating system, unique device identifiers
• Log Data: IP address, browser type, pages visited, time and date of visits
• App Usage: Features used, actions taken, preferences set
• Location Data: Approximate location based on IP address (not precise GPS location)

We use the collected information for the following purposes:

• Service Delivery: To provide, maintain, and improve our expense tracking services
• AI Processing: To categorize transactions, identify spending patterns, and provide intelligent financial insights
• Account Management: To create and manage your account, authenticate your identity, and process your requests
• Personalization: To customize your experience and provide relevant features
• Communication: To send you service-related notifications, updates, and support messages
• Analytics: To understand how users interact with our app and improve our services
• Security: To detect, prevent, and address technical issues, fraud, and security threats
• Legal Compliance: To comply with applicable laws, regulations, and legal processes

Why We Need SMS Access

Evinta requires permission to read SMS messages on your device to automatically extract transaction information from your bank and financial institution notifications. This is a core feature of our service and eliminates the need for manual expense entry.

How We Process SMS Data

• We only read SMS messages from recognized financial institutions and payment services
• We use AI to extract transaction details (amount, merchant, date, category) from these messages
• We do not read personal messages, OTPs for other services, or non-financial SMS
• Raw SMS content is processed locally on your device when possible and not permanently stored
• Only extracted transaction data is transmitted to our servers for categorization and storage

Your Control

You can revoke SMS permissions at any time through your device settings. However, this will disable automatic transaction tracking, and you will need to enter transactions manually.

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• Service Providers: With trusted third-party service providers who assist us in operating our app (e.g., cloud hosting, analytics, AI processing) under strict confidentiality agreements
• Legal Requirements: When required by law, court order, or government request
• Business Transfers: In connection with a merger, acquisition, or sale of assets, where your data may be transferred to the acquiring entity
• Protection of Rights: To enforce our terms of service, protect our rights and property, or ensure user safety
• With Your Consent: When you explicitly authorize us to share your information

We implement industry-standard security measures to protect your information:

• Encryption: All data transmitted between your device and our servers is encrypted using SSL/TLS protocols
• Data Storage: Your financial data is encrypted at rest using AES-256 encryption
• Access Controls: Strict access controls limit who can access your data within our organization
• Regular Audits: We conduct regular security audits and vulnerability assessments
• Secure Infrastructure: Our services are hosted on secure, SOC 2 compliant cloud infrastructure

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to continuously improving our security practices.

We retain your personal information for as long as necessary to provide our services and comply with legal obligations:

• Account Data: Retained while your account is active and for a reasonable period after account closure
• Transaction Data: Retained to provide historical financial insights and for compliance purposes
• Usage Data: Typically retained for up to 2 years for analytics purposes
• Legal Requirements: Some data may be retained longer to comply with financial regulations and legal obligations

You can request deletion of your data at any time by contacting us or deleting your account through the app.

We respect your right to delete your account and personal data. If you wish to permanently delete your Evinta account, please follow the process outlined below.

How to Request Account Deletion

To delete your account, please send an email to support@evinta.net with the subject line "Account Deletion Request" and include:

• Your registered email address
• Your account username or phone number
• Confirmation that you want to permanently delete your account

Account Deletion Process

Once we receive your deletion request:

• Review Period: Your account will remain active while we review and verify your deletion request to ensure it's legitimate and authorized by the account owner
• 30-Day Grace Period: After approval, you have 30 days to cancel the deletion request and recover your account by contacting support
• Permanent Deletion: After the 30-day grace period, your account and associated data will be permanently deleted

What Gets Deleted

When your account is permanently deleted, the following data will be removed from our systems:

• All Transaction Data: All expense tracking records, transaction history, and financial information
• Profile Information: Your name, email address, phone number, and any other personal details
• App Preferences: Your settings, categories, and customizations

Data Retention for Legal Compliance

Please note that some aggregated or anonymized data may be retained for analytical purposes. This data cannot be used to identify you personally. Additionally, we may retain certain information if required by law or necessary for legitimate business purposes such as fraud prevention or resolving disputes.

Important: Account deletion is permanent and cannot be undone after the 30-day grace period. Please ensure you have exported any data you wish to keep before requesting deletion.

You have the following rights regarding your personal information:

• Access: Request access to the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Data Portability: Request a copy of your data in a machine-readable format
• Opt-Out: Unsubscribe from marketing communications (service-related communications may still be sent)
• Withdraw Consent: Withdraw consent for SMS access or other permissions through your device settings

To exercise these rights, please contact us at privacy@evinta.net. We will respond to your request within 30 days.

Evinta is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will take steps to remove such information from our systems.

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. When we transfer your information internationally, we ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

Our app may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through our app.

We use the following categories of third-party services:

• Cloud Infrastructure: For hosting and data storage
• AI Services: For transaction categorization and financial insights
• Analytics: For understanding app usage and performance
• Customer Support: For providing user assistance

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

• Posting the updated policy on our website and app
• Updating the "Last updated" date at the top of this policy
• Sending you an email notification (for significant changes)

Your continued use of Evinta after any changes indicates your acceptance of the updated Privacy Policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We take your privacy seriously and will respond to all legitimate requests within 30 days.

By using Evinta, you consent to the collection, use, and processing of your information as described in this Privacy Policy. If you do not agree with this policy, please do not use our services.