Xpenza

Privacy Policy

Privacy Policy

Last updated: May 6, 2026

1. Introduction

Welcome to Xpenza ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial tracking application. Xpenza is a product of Moushree Enterprise LLP.

2. Information We Collect

2.1 Information from Google Sign-In

When you sign in with Google, we collect:

  • Your name and email address
  • Your Google profile picture
  • Access tokens to interact with Google Drive on your behalf

2.2 Financial Data You Provide

When you use Xpenza, you may input:

  • Expense records (descriptions, amounts, dates, categories)
  • Income records (descriptions, amounts, dates)
  • Reimbursement tracking information
  • Bill images and documents you upload

2.3 Automatically Collected Information

We may automatically collect certain information including browser type, device information, and usage patterns through analytics services.

3. How We Use Your Information

We use the collected information to:

  • Provide and maintain the Xpenza service
  • Store your financial data in your personal Google Drive
  • Upload and organize bill images in your Google Drive
  • Generate Bill of Materials (BOM) spreadsheets
  • Enable collaboration features through shared project links
  • Scan bills using AI to extract information (via Google Gemini API)
  • Improve and optimize our application

4. Data Storage and Security

4.1 Where Your Data is Stored

Your financial data is stored in two locations:

  • Your browser's local storage — For quick access and offline functionality
  • Your Google Drive — For backup and synchronization across devices

Important: We do not store your financial data on our servers. All data remains in your control through your Google account.

4.2 Security Measures

We implement appropriate security measures including:

  • Secure HTTPS connections for all data transmission
  • OAuth 2.0 authentication through Google
  • No server-side storage of your financial data
  • Scoped Google API permissions (only access to files we create)

5. Third-Party Services

Xpenza integrates with the following third-party services:

  • Google OAuth — For authentication
  • Google Drive API — For data storage and file management
  • Google Sheets API — For generating BOM spreadsheets (using drive.file scope — only accesses files created by Xpenza)
  • Google Gemini API — For AI-powered bill scanning
  • Vercel — For application hosting and analytics

6. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share information only in the following circumstances:

  • When you explicitly share a project with collaborators
  • To comply with legal obligations
  • To protect our rights and safety

7. Your Rights and Choices

You have the right to:

  • Access — View all your data stored in Google Drive
  • Delete — Remove your data by deleting the Xpenza folder in Google Drive
  • Revoke Access — Remove Xpenza's access via Google Account settings
  • Export — Download your data from Google Drive at any time

8. Cookies and Local Storage

Xpenza uses browser local storage to:

  • Store your financial data for quick access
  • Remember your selected project
  • Maintain your session state

9. Children's Privacy

Xpenza is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

11. Google API Services User Data Policy Compliance

Xpenza's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

In particular, Xpenza:

  • Only requests access to the Google API scopes that are necessary to provide its features
  • Does not use Google user data for serving advertisements
  • Does not allow humans to read user data unless we have your affirmative agreement, it is necessary for security purposes, or it is required by law
  • Does not transfer Google user data to third parties except as necessary to provide or improve app features, comply with applicable law, or as part of a merger or acquisition with adequate data protection

12. Contact Us

If you have any questions about this Privacy Policy or our practices, please contact us at:

Support.Xpenza@moushreeenterprise.com

← Back to Xpenza