Privacy Policy

We do not store any of your financial data on our servers. All of your financial records — income, expenses, EMIs, credit cards, debts, investments, savings, goals and subscriptions — are encrypted inside your browser and saved as a single encrypted file (avanzolog_vault.bin) in your own personal Google Drive (under the Avanzo › bin folder).

The encryption key is derived from your registered email address, so the file can only be decrypted in your authenticated session. We never receive, see, or have the ability to read your decrypted financial data.

We keep the minimum required to operate the paywall and support you:

• Account email — to verify your membership and grant access.
• Payment metadata — handled by our payment processor (Razorpay). We store a payment/subscription reference and your plan type, never your card details.
• Messages you send us — if you submit a "Concern" or "Idea" form, we receive your name, email and message so we can respond.
• Basic technical data — a session token stored in your browser to keep you signed in.

We use Google Sign-In to authenticate you and the Google Drive API to store your encrypted vault. We request only the drive.filescope, which limits our access strictly to the single file the app creates (avanzolog_vault.bin). We cannot see, list, or access any other files in your Google Drive.

AvanzoLog's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Google account data is used only to provide the app's core sign-in and storage features and is never sold or used for advertising.

• Google — authentication and Drive storage.
• Razorpay — payment processing (one-time and subscriptions).
• Email (SMTP) — to send your welcome email and account communications.

Because your financial data lives in your Google Drive, you control it directly. You can delete the avanzolog_vault.bin file from your Drive at any time to remove all of your financial data (note: this is irreversible). To have your email removed from our members list, email us at support@avanzolog.com.

Your vault is encrypted using AES-256-GCM in your browser before it ever leaves your device. We use HTTPS for all connections. Still, no method of transmission or storage is 100% secure, and you are responsible for safeguarding access to your Google account.

AvanzoLog is not directed to individuals under 18, and we do not knowingly collect their data.

We may update this policy from time to time. Material changes will be reflected by the "Last updated" date above.

Questions? Email support@avanzolog.com.