Is my financial data safe?

Absolutely. Finovra stores all data exclusively on your device. Nothing is ever uploaded to servers, shared with third parties, or sold. Your finances stay completely private.

Do I need to create an account?

No account required. Finovra is fully functional the moment you open it — no sign-up, no email, no password. Just download and start tracking.

What's included in the free version?

The free tier includes unlimited transaction logging, budget tracking, custom categories, and the full dashboard. Pro unlocks advanced analytics, smart forecasts, custom date ranges, and professional export.

How much does Finovra Pro cost?

Finovra Pro costs $4.99/month or $29.99/year. The yearly plan includes a 7-day free trial. You can cancel anytime — no questions asked, no hidden fees.

Does Finovra connect to my bank?

No bank connections, no Open Banking APIs, no screen scraping. You log transactions manually, ensuring your banking credentials are never exposed or at risk.

Legal

Privacy Policy

Finovra — Personal Finance Tracker

Effective March 15, 2026

1. Introduction

This Privacy Policy describes how Vipul Chauhan (“the Developer,” “I,” “me,” or “my”), an individual indie developer, handles information in connection with the Finovra mobile application (“Finovra,” “the App”). Finovra is a personal finance tracking app available on Apple's App Store for iPhone and iPad (iOS 17+).

The core privacy principle of Finovra is simple: your data stays on your device. Finovra is designed from the ground up as an offline-first, local-only application. The Developer does not operate any servers, cloud databases, or backend infrastructure. The Developer has no ability to access, view, collect, or transmit your data.

This Privacy Policy applies to all users of Finovra worldwide. By downloading, installing, or using the App, you acknowledge that you have read and understood this Privacy Policy.

Developer Contact:

Email: hello@finovra.app
Website: https://finovra.app

2. Information You Enter Into the App

All data in Finovra is entered voluntarily by you and stored exclusively on your device. The Developer never receives, accesses, or processes any of the following information:

First Name (optional): You may enter a first name during onboarding for in-app personalization. This is stored locally via Apple's SwiftData framework (on-device SQLite database).
Transactions: Amount, date, type (income or expense), category, and optional free-text notes. Stored locally via SwiftData.
Budgets: Monthly total spending limit and per-category spending limits. Stored locally via SwiftData.
Recurring Transaction Rules: Amount, frequency, start and end dates, category, and optional notes. Stored locally via SwiftData.
Custom Categories: Category name, icon (SF Symbol name), and color (hex string). Stored locally via SwiftData.
App Preferences: Theme selection (light, dark, or system), accent color, currency, language, notification settings, haptic feedback toggle, default transaction type, app lock toggle, daily reminder time, and budget alert threshold. Stored locally via Apple's UserDefaults.
Encryption Key: An AES-256 encryption key used to encrypt backup files. Stored in the iOS Keychain (hardware-protected).
App Lock State: Failure count and lockout expiry timestamp for the optional app lock feature. Stored in the iOS Keychain (hardware-protected).

3. Information the App Does NOT Collect

Finovra does not collect, store, transmit, or process any of the following:

Email addresses (no account system exists)
Passwords (no login system exists)
Phone numbers
Date of birth or age
Physical address or postal code
Location or GPS data
Device identifiers (IDFA, IDFV, or any unique device ID)
IP addresses
Browsing history or search history
Contacts or address book data
Photos, videos, or media
Health or fitness data
Biometric data (Face ID and Touch ID data is processed entirely by iOS; the App never accesses or stores biometric information)
Usage analytics or telemetry of any kind
Crash reports or diagnostics
Cookies or tracking pixels
Advertising identifiers

The Developer has no analytics, tracking, advertising, or crash reporting SDKs integrated into the App. The Developer has no technical ability to identify, track, or profile you.

4. How Your Information Is Stored

All information is stored locally on your device using Apple's first-party frameworks:

SwiftData (on-device SQLite): Primary database for transactions, budgets, recurring rules, categories, and your optional first name. This data resides in the App's sandboxed container, which is inaccessible to other apps by iOS design.
UserDefaults: On-device key-value storage for app preferences.
iOS Keychain: Hardware-backed encrypted storage for the backup encryption key and app lock state. On supported devices, the Keychain is protected by the Secure Enclave.

No cloud sync of any kind is used. The App does not use iCloud, CloudKit, Firebase, or any other cloud storage service. Your data does not leave your device unless you explicitly choose to export it using the App's export features.

5. How Your Information Is Used

Your data is used solely to provide the App's functionality on your device:

Transaction and budget data is used to display financial summaries, charts, insights, and budget tracking within the App.
Your first name (if provided) is used only for in-app personalization (e.g., greetings).
App preferences are used to customize the App's appearance and behavior.
The encryption key is used solely to encrypt and decrypt your backup files.

Your information is never transmitted to any server, never sold, rented, or shared with any third party, never used for advertising or profiling, and never used for any purpose other than the App's on-device functionality.

6. Third-Party Services

Finovra uses zero third-party SDKs or libraries. Every framework integrated into the App is an Apple first-party framework.

The only external communication that occurs is between Apple's StoreKit 2 framework and Apple's App Store servers for the purpose of processing and validating in-app subscription purchases (Finovra Pro). This communication is managed entirely by Apple's operating system and frameworks. The Developer:

Does not initiate, intercept, or control this communication.
Does not receive any payment information (credit card numbers, billing addresses, Apple ID details, etc.).
Does not receive personally identifiable information from Apple related to your purchase.

For information about how Apple handles your data in connection with App Store transactions, please refer to Apple's Privacy Policy.

7. Data Security

Finovra employs the following security measures to protect your data:

App Sandbox: All App data is stored within iOS's sandboxed container, which prevents other apps from accessing it.
Encrypted Backups: Backup files exported in the .finovra format are encrypted using AES-GCM 256-bit encryption with HMAC-SHA256 integrity verification.
Keychain Storage: The backup encryption key and app lock state are stored in the iOS Keychain, which is protected by hardware-backed encryption (Secure Enclave on supported devices).
Optional App Lock: You may enable biometric (Face ID / Touch ID) or device passcode authentication to lock access to the App. A progressive lockout mechanism applies after failed attempts (5-minute lockout after the first failure, escalating to 1 hour after 4 or more failures).
File Protection: Backup files use iOS FileProtectionType.complete, meaning they are encrypted at rest and inaccessible when the device is locked.
No Network Attack Surface: Because the App does not communicate with any server, there are no remote network endpoints that could be targeted.

8. Data Export, Backup, and Portability

Finovra provides three user-initiated export options, all accessible via the iOS Share Sheet:

Encrypted Backup (.finovra format): An AES-GCM 256-bit encrypted file containing all your transactions, categories, budgets, recurring rules, profile name, and app settings, with HMAC-SHA256 integrity verification. You choose the destination (Files app, AirDrop, email, cloud drive, etc.).
CSV Export: A plain text CSV file of all transactions and categories, compatible with spreadsheet applications and other financial tools.
PDF Financial Report: A formatted report for a selected time period, including summaries and breakdowns.

You may also restore your data from an encrypted .finovra backup file using the App's restore function. Restoring fully replaces all existing data on the device.

Once you export a file, it leaves the App's sandbox and is subject to the security and privacy policies of whichever destination you choose. The Developer has no control over exported files.

9. Data Deletion and Retention

In-App Deletion: You may permanently delete all App data at any time via Settings → “Reset All Data.” This action is irreversible.
App Removal: Deleting the App from your device removes all associated data, as is standard iOS app sandbox behavior.
No Server-Side Retention: Because no data is ever transmitted to any server, there is no server-side data to request deletion of. The Developer does not retain any copy of your data.

10. Children's Privacy

Finovra is not directed at children under 13 (as defined by the U.S. Children's Online Privacy Protection Act, “COPPA”), under 16 (as defined by the EU General Data Protection Regulation, “GDPR”), or under the applicable minimum age in your jurisdiction.

The App does not collect personal information from any user on a server, does not require account creation, does not contain advertisements, does not include social features or user-to-user communication, and does not provide any mechanism for children to share personal information with the Developer or other users.

If a parent or guardian wishes to delete data that a child has entered into the App, they may use the in-app “Reset All Data” function or simply delete the App from the device.

11. Device Permissions

Finovra requests only the following optional device permissions:

Face ID (NSFaceIDUsageDescription): Requested only when you enable the App Lock feature. The App uses Apple's LocalAuthentication framework to verify your identity. The App never accesses or stores your biometric data — all biometric processing is handled entirely by iOS.
Notifications (UNUserNotificationCenter): Requested during onboarding. Used for local notifications only, including daily expense logging reminders (at a time you configure), budget threshold and budget-exceeded alerts, and free trial expiry reminders. All notifications are generated locally on your device. No push notification server exists.

The App does not request access to: Camera, Photos, Location, Contacts, Microphone, Bluetooth, Calendars, Reminders, Health, HomeKit, Motion, App Tracking Transparency (ATT), or any other system permissions.

12. Region-Specific Rights

Because Finovra stores all data locally on your device and the Developer has no access to your data, exercising most traditional data subject rights (such as access requests or deletion requests directed to a data controller) is inherently fulfilled by the App's design — you already have full, exclusive control over your data.

12.1. European Union / European Economic Area (GDPR)

Under the General Data Protection Regulation, you have the right to access, rectify, erase, restrict processing, object to processing, and port your personal data. Because all data processing occurs locally on your device and the Developer does not collect or access your data, you exercise these rights directly within the App: you can view, edit, delete, and export your data at any time.

Legal Basis for Processing: The App processes data on your device based on your consent (you choose what data to enter) and the Developer's legitimate interest in providing the App's functionality. No data is transmitted to the Developer.

Data Protection Officer: As an individual developer with local-only data processing, the Developer is not required to appoint a Data Protection Officer. For privacy inquiries, contact hello@finovra.app.

Supervisory Authority: You have the right to lodge a complaint with your local data protection supervisory authority.

12.2. United Kingdom (UK GDPR)

Under the UK General Data Protection Regulation, you have equivalent rights to those described in Section 12.1 above. You may lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

12.3. California, USA (CCPA/CPRA)

Under the California Consumer Privacy Act and the California Privacy Rights Act, California residents have the right to know what personal information is collected, to delete personal information, to opt out of the sale or sharing of personal information, and to non-discrimination for exercising these rights.

Finovra does not sell, share, or disclose your personal information to any third party. No personal information is collected by the Developer. You have full control of your data on your device and can export or delete it at any time.

12.4. Canada (PIPEDA)

Under the Personal Information Protection and Electronic Documents Act, you have the right to access your personal information, to request corrections, and to challenge the Developer's compliance with PIPEDA. Because all data is stored locally on your device, you exercise these rights directly within the App.

12.5. Brazil (LGPD)

Under the Lei Geral de Proteção de Dados, you have the right to access, correct, anonymize, delete, and port your data, and to obtain information about entities with which your data has been shared. Finovra does not share your data with any entity. All rights are exercisable directly within the App.

12.6. India (IT Act, 2000 & DPDP Act, 2023)

Under the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023, you have the right to access, correct, and erase your personal data, and to seek grievance redressal. Because all data is stored locally on your device, you exercise these rights directly within the App. For grievance redressal, contact hello@finovra.app.

12.7. Australia (APPs)

Under the Australian Privacy Principles, you have the right to access and correct your personal information. You may also lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au. All rights are exercisable directly within the App.

12.8. South Africa (POPIA)

Under the Protection of Personal Information Act, you have the right to access, correct, and delete your personal information, to object to processing, and to lodge a complaint with the Information Regulator at inforegulator.org.za. All rights are exercisable directly within the App.

13. International Data Transfers

No international data transfers occur. All user data is stored and processed exclusively on your local device. The Developer does not operate servers in any jurisdiction, and no data is transmitted across borders by the App. The only external communication is between Apple's StoreKit 2 framework and Apple's servers for subscription validation, which is governed by Apple's privacy practices and terms.

14. Changes to This Privacy Policy

The Developer may update this Privacy Policy from time to time. Changes will be communicated through:

Updated App Store release notes accompanying a new version of the App.
A revised “Last Updated” date at the top of this document.
A notice on the Finovra website at https://finovra.app.

Your continued use of the App after a revised Privacy Policy takes effect constitutes your acceptance of the revised Privacy Policy. The Developer encourages you to review this Privacy Policy periodically.

15. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or the App's privacy practices, please contact:

Vipul Chauhan

Independent Developer · Finovra

hello@finovra.app|finovra.app

Back to Home Terms & Conditions