Privacy Policy

Effective Date: February 14, 2026

Welcome to Hisab Master (Package: com.codeinherit.hisabmaster), developed by CodeInherit ("we," "our," or "us"). This Privacy Policy explains how we handle your information when you use our mobile application.

1. App Overview

Hisab Master is a comprehensive personal finance tracker that helps you manage your income, expenses, budgets, savings, loans, credit cards, and financial reports. The app includes features such as credit card management with bill tracking and payment reminders, savings instrument tracking (DPS, Fixed Deposits, Sonchoypatra), receipt scanning for quick transaction entry, app lock for security, advanced transaction filtering, and recurring transaction alerts. The app supports English and Bengali (বাংলা) languages. Your financial data is stored locally on your device. The app displays advertisements through Google AdMob to support free access, with an optional premium in-app purchase to remove ads.

2. Information We Collect

Hisab Master is designed with your privacy as a core principle. We do not collect any data from you. All information you enter into the app remains on your device under your full control.

2.1 Data You Enter

The app allows you to store the following types of information locally on your device:

• Accounts: Account names, types (Cash, Bank, Credit Card, Wallet), balances, currency preferences, and fund limits
• Transactions: Income, expense, and transfer records including amounts, dates, descriptions, and notes
• Categories: Income and expense categories with custom names and icons
• Budgets: Budget targets with daily, weekly, monthly, or yearly periods and alert thresholds
• Recurring Transactions: Scheduled transaction templates with recurrence intervals
• Loans: Records of lent and borrowed amounts, including status and settlement history
• People/Contacts: Names, phone numbers (optional), and email addresses (optional) of people involved in loan transactions
• Tags: Custom labels for organizing transactions
• Credit Card Details: Credit limits, billing dates, due dates, and outstanding balances for credit card accounts. This data is stored locally and used to generate bill summaries and payment reminders.
• Savings Instruments: Details of savings products including type (DPS, Fixed Deposit/FDR, Sonchoypatra), principal amounts, monthly installments, interest rates, start and maturity dates, institution names, and maturity status. All savings data is stored locally on your device.
• Receipt Scans: When you use the receipt scanning feature, the app captures images using your device's camera and processes them on-device using optical character recognition (OCR) to extract transaction details such as amounts, dates, and merchant names. Receipt images are processed locally and are not stored or transmitted externally.

2.2 App Preferences

The app stores your preferences locally, including:

• Selected language (English or Bengali)
• Currency preference (default: BDT)
• Dark mode setting
• Theme color preference
• Notification, budget alert, recurring transaction alert, and credit card alert preferences
• Default account selections
• App lock settings (enabled/disabled, biometric preference)
• App lock PIN stored as an irreversible SHA-256 hash (the original PIN cannot be recovered)
• Premium (ad-free) purchase status

2.3 What We Do NOT Collect

We want to be clear about what we do not collect:

• No personal identification information (government IDs, social security numbers)
• No banking credentials, credit card numbers, or PINs
• No location or GPS data
• No usage analytics or behavioral data
• No photos or camera data (receipt images are processed on-device and not stored permanently)
• No biometric data (the app uses Android's BiometricPrompt API for authentication, but biometric data such as fingerprints or face scans are handled entirely by the Android operating system and are never accessed or stored by the app)
• No contact list or calendar data
• No health or medical information

2.4 Data Collected by Third-Party Advertising (Google AdMob)

The app displays advertisements through Google AdMob to support free access. While Hisab Master itself does not collect any personal data, Google AdMob may automatically collect certain information to serve and personalize ads, including:

• Device identifiers (such as the Android Advertising ID)
• IP address
• Device information (model, operating system version, screen size)
• Ad interaction data (impressions, clicks)

This data is collected and processed by Google, not by us. We do not have access to any personally identifiable information collected by Google AdMob. You can manage your ad preferences or opt out of personalized advertising through your device's settings (Settings > Google > Ads) or by visiting Google Ads Settings. For more details, please refer to Google's Privacy Policy.

Important: Your financial data (transactions, accounts, budgets, loans, credit card details, etc.) is never shared with Google AdMob or any advertising network. Ads are served based on Google's own data, not your in-app financial information.

3. Data Storage and Security

All data you enter into Hisab Master is stored locally on your device using Android's secure private storage:

• Local Database: Financial data is stored in a local SQLite database (via Android Room) within the app's private storage, inaccessible to other apps
• Local Preferences: App settings are stored using Android DataStore in the app's private storage
• Your data never leaves your device unless you explicitly choose to export or backup
• We cannot access, view, or retrieve your financial information
• Your data is protected by your device's built-in security measures (screen lock, encryption)
• Uninstalling the app will permanently delete all stored data

4. App Features and Data Usage

Here is how each feature uses your locally stored data:

Feature	Data Used	Purpose
Dashboard	Accounts, Transactions	Display total balance, recent transactions, and financial summary
Transactions	Transactions, Accounts, Categories, Tags	Record and view income, expenses, and transfers
Accounts	Accounts, Transactions	Manage financial accounts and track balances
Categories	Categories	Organize transactions by custom or default categories
Budgets	Budgets, Transactions, Categories	Set spending limits and track budget usage
Reports	Transactions, Accounts, Categories	Generate visual charts and financial analytics
Recurring Transactions	Recurring Transactions, Accounts, Categories	Automate regular transaction entries
Loans	Loans, People, Settlements, Accounts	Track money lent to or borrowed from others
Credit Card Management	Credit Card Accounts, Transactions	Track credit card limits, billing cycles, outstanding balances, and bill details
Savings Tracking	Savings Instruments	Track DPS, Fixed Deposits (FDR), and Sonchoypatra bonds including principal, interest rates, maturity dates, and expected returns
Receipt Scanning	Camera images (temporary)	Capture and process receipt images on-device using OCR to auto-fill transaction details
App Lock	PIN hash, Biometric preference	Secure app access with PIN and/or biometric authentication
Advanced Filtering	Transactions, Categories	Filter transactions by date range, amount range, categories, and transaction type
Export	Transactions, Accounts, Categories	Export data to CSV or PDF files on your device
Backup & Restore	Entire database	Create and restore full data backups
Advertisements	None of your financial data	Display banner and interstitial ads via Google AdMob to support free access. Google may collect device and ad interaction data (see Section 2.4)
Premium (Ad Removal)	Purchase status (local preference)	Optional in-app purchase via Google Play Billing to remove all advertisements. Purchase verification and processing are handled by Google Play; only the premium status is stored locally

5. Data Export and Backup

The app provides several ways to export and backup your data, all under your control:

5.1 CSV Export

Export your transactions to CSV (Comma-Separated Values) format, including date, type, amount, category, account, description, and notes. Files are saved to your device's storage.

5.2 PDF Export

Generate formatted PDF reports of your transactions with summaries of total income, expenses, and net balance. Files are saved to your device's storage.

5.3 Full Database Backup

Create a complete backup of your entire database, including all accounts, transactions, categories, budgets, loans, and settings. Backup files include metadata such as app version and record counts for verification during restore.

5.4 Restore from Backup

Restore your data from a previously created backup file. The app shows a preview of the backup contents before you confirm the restore operation.

Important: All exported and backup files are saved to your device and are under your full control. We do not receive copies of any exported or backup files.

6. Receipt Scanning

The app includes an optional receipt scanning feature that uses your device's camera to capture receipt images and extract transaction details automatically.

• Camera Access: The app requests camera permission only when you choose to scan a receipt. You can deny this permission and continue using all other app features.
• On-Device Processing: Receipt images are processed entirely on your device using Google ML Kit's text recognition (OCR) technology. No images or extracted text are sent to external servers.
• Data Extraction: The OCR engine extracts transaction-relevant details such as total amount, date, and merchant name. This extracted data is used to pre-fill the transaction form for your review before saving.
• No Image Storage: Receipt images are processed in memory and are not permanently stored by the app.
• ML Kit Model: Google ML Kit may download text recognition model files to your device when the feature is first used. This download does not involve transmitting any of your personal or financial data.

7. App Lock (PIN & Biometric Authentication)

Hisab Master offers an optional app-level security feature to protect your financial data from unauthorized access:

• PIN Lock: You can set a 4-digit PIN to lock the app. The PIN is stored as an irreversible SHA-256 cryptographic hash in the app's local preferences. The original PIN cannot be recovered from this hash.
• Biometric Authentication: You can optionally enable fingerprint or face unlock as an alternative to entering your PIN. Biometric authentication is handled entirely by the Android operating system via the BiometricPrompt API. The app never accesses, processes, or stores your biometric data — it only receives a success or failure result from the system.
• Auto-Lock: The app automatically locks when moved to the background, requiring authentication to regain access.
• Local Only: All authentication data (PIN hash, lock preferences) is stored locally on your device and is never transmitted externally.

8. Device Permissions

Hisab Master requests only the minimum permissions necessary for its functionality:

Permission	Purpose	Required
CAMERA	Capture receipt images for on-device OCR processing to auto-fill transaction details. Images are processed locally and not stored permanently or transmitted externally.	Optional
USE_BIOMETRIC	Enable biometric authentication (fingerprint/face) for the optional app lock feature. Biometric data is handled entirely by the Android operating system; the app only receives authentication results.	Optional
POST_NOTIFICATIONS	Send budget alerts when spending approaches your set limits, recurring transaction reminders for upcoming scheduled transactions, and overdue loan alerts	Optional
INTERNET & ACCESS_NETWORK_STATE	Required by Google AdMob to load and display advertisements. No personal or financial data from the app is transmitted over the network.	Automatic
AD_ID	Used by Google AdMob to serve relevant advertisements. You can reset or opt out of your advertising ID in your device's Google settings.	Automatic
RECEIVE_BOOT_COMPLETED	Reschedule background tasks (budget checks, recurring transactions, and credit card payment reminders) after your device restarts	Automatic
WRITE_EXTERNAL_STORAGE	Save exported CSV, PDF, and backup files to device storage (only on Android 8 and below)	Legacy only
READ_EXTERNAL_STORAGE	Read backup files for restore functionality (only on Android 12 and below)	Legacy only

Permissions we do NOT request:

• No MICROPHONE access
• No LOCATION or GPS access
• No CONTACTS or CALENDAR access
• No PHONE or SMS access
• No BLUETOOTH or NFC access

9. Background Services

The app uses Android WorkManager to run the following background tasks that operate entirely on your device:

• Recurring Transaction Processing: Runs once daily to automatically create transactions based on your recurring transaction schedules. No network access is used.
• Budget Alert Checks: Runs every 6 hours to check your spending against your budget limits and send local notifications when spending approaches your alert threshold (default: 80%). No network access is used.
• Recurring Transaction Reminders: Runs periodically to check for upcoming recurring transactions within the next 24 hours and sends local notifications to remind you. This feature can be enabled or disabled in Settings. No network access is used.
• Overdue Loan Alerts: Runs every 12 hours to check for overdue loan repayments and sends local notifications to remind you. This feature can be enabled or disabled in Settings. No network access is used.
• Credit Card Payment Reminders: Runs every 12 hours to check for upcoming or overdue credit card payments. Sends local notifications when a credit card payment is due within 3 days or is overdue. This feature can be enabled or disabled in Settings. No network access is used.

All background tasks run entirely on your device and only access your locally stored data. None of your financial data is transmitted over the network by these tasks.

10. Third-Party Services and SDKs

Hisab Master integrates the following third-party services:

10.1 Google AdMob (Advertising)

The app uses Google AdMob to display banner and interstitial advertisements to support free access. Google AdMob may collect certain data to serve and personalize ads, including device identifiers, IP address, and ad interaction data. This data is collected and processed by Google in accordance with Google's Privacy Policy. Your financial data stored in the app is never shared with Google AdMob or any advertising network. You can manage your ad preferences through your device's Google settings or by visiting Google Ads Settings.

10.2 Google Play Billing (In-App Purchases)

The app offers an optional premium in-app purchase to remove advertisements. This purchase is processed entirely through Google Play Billing. Hisab Master does not collect or process any payment information — all payment details (credit card numbers, billing addresses, etc.) are handled securely by Google Play. The app only receives confirmation of the purchase status from Google Play and stores the premium status locally on your device. For more details on how Google handles payment data, please refer to Google Payments Privacy Notice.

10.3 Google ML Kit (On-Device OCR)

The app uses Google ML Kit for on-device text recognition (OCR) in the receipt scanning feature. ML Kit processes images entirely on your device; no image data or OCR results are sent to Google or any external server. ML Kit may download text recognition model files to your device, but this does not involve transmitting any of your personal or financial data.

Hisab Master does not integrate with any:

• Analytics services (e.g., Google Analytics, Firebase Analytics)
• Crash reporting services (e.g., Crashlytics, Sentry)
• Social media SDKs
• Cloud storage or synchronization services
• Any other third-party tracking or data collection services

Apart from Google AdMob, Google Play Billing, and ML Kit, the app uses only standard Android libraries for its user interface, local database, and background processing. No personal or financial data is shared with any third parties.

11. Internet Usage

Hisab Master does not require an internet connection for its core financial management features. All transaction, account, budget, loan, and credit card data is processed and stored locally on your device. No personal or financial data is ever transmitted from the app to any server.

The app uses an internet connection for the following purposes only:

• Advertisements: Google AdMob requires an internet connection to load and display banner and interstitial ads. Google may collect device and ad interaction data as described in Section 2.4 and Section 10.1. If no internet connection is available, ads will simply not appear, and all other app features will continue to function normally.
• In-App Purchases: Google Play Billing requires an internet connection to verify and process premium purchase transactions. No personal or financial data from the app is transmitted — only purchase status is communicated between Google Play and the app.
• ML Kit Model Download: The receipt scanning feature uses Google ML Kit for on-device text recognition, which may download machine learning model files to your device when first used. This model download does not involve transmitting any of your data — it only retrieves the model needed for local processing.

12. Android Auto Backup

Hisab Master has disabled Android's automatic cloud backup (allowBackup="false"). This means your app data — including your local database, preferences, and financial records — is not automatically backed up to Google's cloud servers. Your data remains exclusively on your device unless you manually create a backup using the app's built-in backup feature (see Section 5).

If you uninstall and reinstall the app, or switch to a new device, your data will not be restored automatically. Use the app's manual backup and restore feature to transfer your data.

13. Data Retention

Since all data is stored locally on your device:

• Your data is retained indefinitely until you choose to delete it
• You can delete individual transactions, accounts, categories, loans, or other records at any time within the app
• Uninstalling the app permanently deletes all app data from your device
• Factory resetting your device will also remove all app data
• We have no ability to retain, access, or recover your data

14. Data Security

Your data is protected through multiple layers of device-level security:

• App Sandboxing: Android isolates each app's private data, preventing other apps from accessing your Hisab Master data
• Device Encryption: On supported devices, your data is encrypted at rest by the Android operating system
• Device Lock: Your financial data is protected by your device's security measures (PIN, pattern, fingerprint, face unlock)
• In-App Lock: Hisab Master offers an optional app-level lock using a 4-digit PIN and/or biometric authentication (fingerprint/face). The PIN is stored as an irreversible SHA-256 hash. Biometric verification is delegated to the Android operating system via BiometricPrompt; the app only receives a success or failure response and never accesses or stores raw biometric data. The app automatically locks when moved to the background.
• No Financial Data Network Exposure: Your financial data (transactions, accounts, credit cards, savings, budgets, loans) is never transmitted over the network. Internet connectivity is used solely for loading advertisements via Google AdMob and processing in-app purchases via Google Play Billing.

We recommend keeping your device's operating system and security features up to date, and using a strong screen lock to protect your data.

15. Children's Privacy

Hisab Master is not directed at children under the age of 13. The app is intended for general audiences who want to manage their personal finances. Since no data is collected or transmitted by the app, we do not knowingly collect personal information from children or any other users.

16. Your Rights and Data Control

You have complete control over all your data:

• Access: View all your financial data within the app at any time
• Modify: Edit any transaction, account, category, budget, loan, or other record
• Export: Export your data to CSV or PDF files, or create full database backups at any time
• Delete: Delete individual entries or entire categories of data within the app
• Erase All: Uninstall the app to permanently remove all data
• Portability: Use the export and backup features to take your data with you

Since we do not collect or store your data, there is no need to submit data access or deletion requests to us. You can exercise all these rights directly within the app.

17. Compliance

While Hisab Master does not collect personal data, we are committed to respecting the principles of applicable data protection regulations including:

• GDPR (General Data Protection Regulation): No personal data is collected or processed by us. Google AdMob, as a third-party service, handles its own GDPR compliance for ad-related data collection.
• CCPA (California Consumer Privacy Act): No personal information is sold or shared with third parties by us. Ad-related data processing by Google AdMob is governed by Google's privacy policies.
• Google Play Developer Policies: The app complies with Google Play's data safety requirements

18. Open Source Libraries

The app uses the following libraries. None of these libraries transmit your personal or financial data externally:

• Android Jetpack (Room, Compose, WorkManager, DataStore, Navigation)
• AndroidX Biometric — Biometric authentication for app lock (delegates to Android OS)
• Google AdMob (Google Mobile Ads SDK) — Banner and interstitial ad display (may collect device and ad interaction data as described in this policy)
• Google Play Billing Library — In-app purchase processing for premium ad removal (payment data handled entirely by Google Play)
• Google ML Kit Text Recognition — On-device OCR for receipt scanning (processes locally; may download model files)
• Hilt — Dependency injection
• Kotlin Coroutines — Asynchronous processing
• Gson — JSON serialization for backup files
• OpenCSV — CSV file generation
• iTextPDF — PDF report generation
• MPAndroidChart — Financial charts and graphs

19. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in the app's features or applicable regulations. Any changes will be reflected with a new "Effective Date" at the top of this page. We encourage you to review this policy periodically. If we make significant changes, we will notify users through the app or the app's store listing.

20. Contact Us