CashMan
Privacy and data handling information
Privacy Policy - CashMan
This Privacy Policy explains how CashMan collects, uses, stores, and protects user data for users in India. It is prepared in line with applicable Indian legal requirements including the Digital Personal Data Protection Act, 2023.
Data Categories
- Personal information: name, email address, and account identifier when provided by the user or admin.
- Financial information: ledger records, transaction entries, outstanding balances, and related bookkeeping fields entered in the app.
- Authentication data: login credentials handled by Firebase Authentication and token/session state used for signed-in access.
- Device and technical information: basic browser and device details, IP-related logs, and app diagnostics for security and troubleshooting.
How Firebase Is Used
- Firebase Authentication is used to verify user identity during sign-in.
- ID tokens are validated server-side for protected routes and secure session continuity.
- Firebase services may process technical metadata needed for authentication and abuse prevention.
Firebase is a third-party service by Google and is governed by Google Privacy and Security terms in addition to this policy.
Login and Access Control
- User login is performed through secure credentials.
- Access control is role/group based where applicable.
- Failed or invalid authentication attempts may clear active session state and require re-login.
Cookie and Session Policy
- We use cookies or equivalent session storage for authentication tokens and secure user session management.
- These are essential cookies and are required for core app functionality (login, navigation, and access control).
- Users can clear browser cookies, but this may sign them out and impact functionality.
Fingerprint and Device Biometric Use
- The CashMan website in a normal web browser does not directly read or store your fingerprint data.
- If you open CashMan in a regular mobile browser, biometric access is not triggered by the website itself.
- Biometric prompts may be shown only inside the official Android application or Android WebView wrapper where device-level biometric features are enabled.
- In that Android app flow, fingerprint or device biometric verification is handled by the device operating system. CashMan does not receive the raw fingerprint image.
- If biometric quick login is enabled in the Android app, related sign-in convenience data may be stored locally on the device using protected Android security mechanisms.
Important: users should understand that biometric login is an Android app feature. Using CashMan from a browser, including on mobile, does not mean the website is collecting fingerprint data directly.
Declaration Guidance
Be accurate and transparent. Do not hide collection or processing of personal, financial, authentication, or device data.
Google Play Console cross-checks declarations.
| Play Data Type | Collected | Shared | Primary Purpose |
|---|---|---|---|
| Personal info (Name, Email) | Yes | No (except service providers needed to run the app) | Account creation, identity, support |
| Financial info | Yes | No (except authorized processing/storage providers) | Bookkeeping, ledger and reporting features |
| Authentication data | Yes | Processed by Firebase Authentication | Secure login and access control |
| Device or other IDs / diagnostics | Yes (limited technical metadata) | No, unless required for infrastructure and security | Security, abuse prevention, debugging |
Encryption in transit is applied. Users can request account-related support and data handling clarifications through the contact email.
Your Rights
- Request access to personal data we process for your account.
- Request correction of inaccurate data.
- Request deletion, subject to legal and contractual retention obligations.
- Withdraw consent where applicable to consent-based processing.
Privacy Contact
For privacy-related requests, contact: mail@arunsr.in.net