Privacy Policy

Last updated: March 2024

At XpensePay, we take your privacy seriously. This policy describes how we collect, use, and protect your information when you use our expense management platform. We've designed this policy to be transparent and help you understand your data rights.

1. Information We Collect

To provide our expense management services effectively, we collect various types of information:

1.1 Account Information

When you create and use your XpensePay account, we collect:

  • Name and contact details for account identification and communication
  • Email address and phone number for authentication and notifications
  • Organization details and role to manage access permissions
  • Login credentials to secure your account

1.2 Transaction Data

To process and track expenses, we collect:

  • Payment details and history for expense tracking
  • Expense reports and receipts for documentation
  • UPI transaction records for payment processing
  • Approval workflows and comments for expense management

1.3 Device Information

To ensure security and optimal performance, we collect:

  • Device type and model for compatibility
  • Operating system for app optimization
  • IP address and location for security and fraud prevention
  • Mobile device identifiers for secure authentication

1.4 Usage Data

To improve our services, we collect:

  • App features accessed to understand user preferences
  • Time spent on different sections for UX improvement
  • Error logs and crash reports for troubleshooting
  • User preferences and settings for personalization

2. How We Use Your Information

We use your information responsibly and purposefully to deliver and improve our services:

2.1 Core Services

Essential operations to provide our expense management platform:

  • Process and record expenses in real-time for accurate tracking
  • Facilitate UPI payments with secure transaction processing
  • Generate detailed expense reports for business analytics
  • Manage approval workflows to ensure policy compliance

2.2 Service Improvement

Continuous enhancement of your experience:

  • Analyze usage patterns to optimize app performance
  • Debug technical issues for smoother operation
  • Enhance user experience based on feedback and behavior
  • Develop new features aligned with user needs

2.3 Communication

Keeping you informed and supported:

  • Send transaction notifications for real-time expense tracking
  • Provide timely customer support for your queries
  • Share important updates about service changes
  • Respond to inquiries with relevant information

3. Data Security

Your financial data security is our top priority. We implement multiple layers of protection:

  • End-to-end encryption for all transactions to prevent unauthorized access
  • Secure SSL/TLS protocols for data transmission protection
  • Regular security audits by independent experts
  • Strict access controls and multi-factor authentication
  • Robust data backup and disaster recovery systems

We continuously monitor and update our security measures to protect against emerging threats.

4. Data Sharing

We share your data only when necessary and with appropriate safeguards:

4.1 With Service Providers

Trusted partners who help us deliver our services:

  • Payment processors for secure UPI transaction handling
  • Cloud storage providers with enterprise-grade security
  • Analytics services for performance optimization
  • Customer support tools to serve you better

4.2 Within Your Organization

Access limited to relevant team members:

  • Authorized team members based on role permissions
  • Finance department for expense management
  • Approval authorities in your workflow
  • System administrators for technical support

4.3 Legal Requirements

Compliance with legal obligations:

  • Court orders and valid legal processes
  • Regulatory compliance requirements
  • Legitimate law enforcement requests
  • Protection of legal rights and safety

5. Your Rights

We empower you with control over your data:

5.1 Access and Control

Manage your information directly:

  • View your personal data through your account dashboard
  • Update account information anytime
  • Download your complete data history
  • Delete your account and associated data

5.2 Data Portability

Freedom to move your data:

  • Export expense reports in standard formats
  • Transfer data seamlessly to other services
  • Receive data in machine-readable formats

5.3 Communication Preferences

Control how we communicate with you:

  • Customize notification preferences in-app
  • Opt-out of marketing communications anytime
  • Select preferred communication channels

6. Data Retention

We maintain a balanced approach to data retention, keeping your information only as long as necessary for business purposes and legal compliance:

  • Active accounts: We retain your data throughout your active use of XpensePay to ensure seamless service delivery
  • Closed accounts: Data is kept for 5 years after account closure to comply with financial regulations and handle any disputes
  • Transaction records: Maintained for 7 years as required by Indian tax laws and accounting standards
  • Analytics data: Stored for 2 years in aggregated form to improve our services while protecting individual privacy

After these retention periods expire, your data is securely deleted using industry-standard methods.

7. International Data Transfers

While XpensePay primarily operates in India, we may transfer data internationally to provide our services. We ensure data protection through:

  • Standard contractual clauses approved by privacy regulators
  • Comprehensive data processing agreements with service providers
  • Strategic use of regional data centers to minimize data transfer
  • Strict compliance with Indian and international data protection laws

All international transfers are conducted with appropriate safeguards to protect your privacy rights.

8. Children's Privacy

XpensePay is designed for business use by adults. We take extra precautions regarding age restrictions:

  • Our services are strictly for users 18 and older
  • We do not knowingly collect data from minors
  • Parents should contact us if they believe their child's data has been collected
  • Any inadvertently collected minor's data will be promptly deleted

9. Updates to Privacy Policy

We evolve our privacy practices to serve you better:

  • Regular policy reviews to ensure accuracy and completeness
  • Updates posted with clear revision dates
  • Notification of significant changes via email
  • Continued use indicates acceptance of updates

We encourage you to review this policy periodically to stay informed about how we protect your data.

10. Contact Information

We're committed to addressing your privacy concerns promptly. Reach out to our dedicated privacy team through:

  • Through our website's Contact Form
  • Via the XpensePay mobile app's support section

For urgent privacy matters or data requests, please mark your communication as "Privacy Priority."