CashFlow
Log In Sign Up Free

Privacy Policy

Last updated: April 3, 2026

1. Introduction

CashFlow is a product of Pocket Pass Digital ("we", "our", "us"). We are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and share information when you use CashFlow and its related services.

2. Information We Collect

Account Information: When you sign up, we collect your username, email address, and password (stored securely using industry-standard hashing).

Financial Data: Account balances, transactions, recurring rules, goals, and other financial information you enter. This data is stored encrypted and is only accessible to members of your household.

Payment Information: Subscription payments are processed by PayPal. We do not store your credit card numbers or PayPal credentials. We only retain your PayPal subscription ID for managing your billing.

Usage Data: We collect anonymized usage analytics, including pages visited, features used, and session duration, to improve the product experience.

Device & Browser: IP address, browser type, operating system, and device information for security monitoring and fraud prevention.

3. How We Use Your Information

  • To provide, maintain, and improve CashFlow services
  • To process your subscription and payments via PayPal
  • To send transactional notifications (billing, security alerts, account updates)
  • To monitor and prevent unauthorized access or fraud
  • To comply with legal obligations

4. Data Sharing

We do not sell, rent, or trade your personal data. We share information only with:

  • PayPal: For payment processing and subscription management
  • Sentry: For error monitoring (anonymized technical data only)
  • Hosting provider (Heroku/Salesforce): Infrastructure for running the service
  • Law enforcement: Only when required by law or valid court order

5. Data Security

We employ industry-standard security measures including HTTPS encryption in transit, HKDF-based encryption for sensitive data at rest, Content Security Policy (CSP) headers, rate limiting, session hardening, and audit logging. Access to production systems is restricted and monitored.

6. Data Retention

Your financial data is retained for as long as your account is active. If you delete your account, we will remove your personal and financial data within 30 days. Anonymized, aggregated data may be retained for analytics purposes. Payment records are retained as required by applicable tax and financial regulations.

7. Your Rights

  • Access: You can view and export all your financial data from within the app
  • Correction: You can update your personal and financial information at any time
  • Deletion: You may request complete deletion of your account and data
  • Portability: You can export your data in standard formats (CSV)

8. Cookies

CashFlow uses essential cookies for authentication, session management, and CSRF protection. We do not use advertising or tracking cookies. Theme preferences are stored in your browser's local storage.

9. Children's Privacy

CashFlow is not intended for children under the age of 16. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data, we will take steps to delete such information.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of significant changes via email or in-app notification. Continued use of the service after changes constitutes acceptance of the updated policy.

11. Contact Us

For privacy-related inquiries, contact us at:
Pocket Pass Digital
One Global Place, BGC Taguig
Philippines 1630
wecare@pocketpass.app