DebtZen

DebtZen ("we", "our", or "the app") is a personal finance management application designed to help users in India track their income, expenses, loans (EMIs), investments, assets, and plan for financial freedom. We are committed to protecting your personal data and your privacy.

This Privacy Policy explains what data we collect, why we collect it, how it is stored and protected, and your rights regarding your data under the Digital Personal Data Protection (DPDP) Act, 2023 of India.

1. Information We Collect

We collect only the information necessary to provide you with a complete personal finance management experience:

Account Information:

• Mobile phone number (used for authentication via OTP only)
• Name, date of birth, city, marital status, number of dependents

Financial Information (entered by you):

• Monthly and annual income details
• Monthly and annual expense categories and amounts
• Loan details — principal, interest rate, EMI, tenure
• Investment details — mutual funds, stocks, PPF, EPF, FD, etc.
• Physical assets — property, gold, vehicle values
• Bank balance and liquid savings
• Insurance coverage details
• Retirement age and financial goals

Technical Information:

• Device type and operating system version
• App usage analytics (anonymised — no personal data)
• Crash reports (to fix bugs and improve stability)
• Push notification token (for EMI reminders)

We do NOT collect:

• Bank account credentials or passwords
• UPI PINs or card details
• Location data
• Contacts or SMS messages
• Any data without your explicit input

2. How We Use Your Information

Your data is used solely to provide and improve the DebtZen service:

• To authenticate your account via Firebase Phone OTP
• To calculate your financial health score, net worth, and freedom number
• To display your EMI schedule and debt-free date
• To send EMI reminder push notifications
• To back up your financial data to the cloud so it is available on re-login
• To improve app stability using anonymised crash reports
• To personalise your financial insights and recommendations

3. Data Storage and Security

Local Storage: Your financial data is stored securely on your device using encrypted local storage.

Cloud Storage: Your data is backed up to Google Firebase Firestore, hosted on Google Cloud servers. Firebase encrypts all data at rest and in transit using industry-standard AES-256 encryption and TLS.

Access Control: Your data is protected by Firestore security rules that ensure only you (authenticated by your phone number) can read or write your financial data. No other user can access your data.

Data Residency: Firebase Firestore data for Indian users is stored in the asia-south1 (Mumbai) region, ensuring your data stays within India.

4. Third-Party Services

DebtZen uses the following third-party services:

• Firebase Authentication (Google) — Phone OTP login. Privacy policy: firebase.google.com/support/privacy
• Firebase Firestore (Google) — Cloud data storage and sync
• Firebase Cloud Messaging (Google) — Push notifications for EMI reminders
• Firebase Crashlytics (Google) — Anonymised crash reporting
• Firebase Analytics (Google) — Anonymised app usage analytics. No personal financial data is logged in analytics events.

None of these services receive your financial data (income, loans, expenses). They only receive the data necessary for their specific function (authentication, notification delivery, crash logs).

5. Push Notifications

DebtZen sends push notifications to remind you of upcoming EMI due dates. These notifications are:

• Sent only based on loan data you have entered in the app
• Scheduled 3 days before each EMI due date
• Optional — you can disable them in your device notification settings

6. Children's Privacy

DebtZen is not intended for children under the age of 18. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided data to us, please contact us and we will delete it immediately.

7. Your Rights Under the DPDP Act, 2023

Under India's Digital Personal Data Protection Act, 2023, you have the following rights:

• Right to Access: You can view all your data inside the DebtZen app at any time
• Right to Correction: You can edit all your financial and personal data inside the app
• Right to Erasure: You can permanently delete your account and all associated data from Settings → Delete Account. This deletes your data from both the app and our cloud servers.
• Right to Withdraw Consent: You can sign out and request deletion at any time
• Right to Nominate: You may nominate another person to exercise your data rights in the event of your death or incapacity

8. Data Retention

We retain your data for as long as your account is active. If you delete your account, all your personal and financial data is permanently deleted from our servers within 30 days. Anonymised analytics data (with no personally identifiable information) may be retained for up to 2 years for product improvement purposes.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last Updated" date at the top of this page and notify you through the app. Continued use of DebtZen after changes constitutes your acceptance of the updated policy.

10. Grievance Officer

In accordance with the DPDP Act, 2023 and the Information Technology Act, 2000, if you have any grievances regarding the processing of your personal data, you may contact our Grievance Officer: