Iguana Tech← SimpleExpense

Privacy Policy for Simple Expense Tracker

Effective Date: May 15, 2026 Last Updated: May 26, 2026

Introduction

Simple Expense Tracker ("we," "our," or "us") operates the website https://simpleexpense.iguana-tech.com/ (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using our Service, you agree to the collection and use of information in accordance with this policy.

Information We Collect

1. Information from Google Authentication

When you sign in with Google, we collect:

  • Your Google account email address
  • Your Google profile name
  • Your Google profile picture (if available)
  • A unique Google user identifier

We only request the minimum permissions necessary to provide authentication services.

2. Expense Data You Provide

When you use our Service, you may provide:

  • Invoice images and receipt photos
  • Expense descriptions
  • Expense amounts and dates
  • Vendor/merchant names
  • Expense categories
  • Notes and comments

3. Automatically Collected Information

We may automatically collect:

  • Browser type and version
  • Device information
  • IP address
  • Usage data (pages visited, time spent on pages)
  • Cookies and similar tracking technologies

How We Use Your Information

We use the collected information to:

  1. Provide and Maintain the Service

    • Authenticate your identity
    • Process and categorize your expenses
    • Generate expense reports and dashboards
    • Store your expense history

  2. Improve User Experience

    • Analyze usage patterns
    • Optimize OCR accuracy
    • Enhance app features

  3. Communication

    • Send service-related notifications
    • Respond to your inquiries
    • Provide customer support

  4. Security

    • Detect and prevent fraud
    • Protect against unauthorized access
    • Ensure platform security

Google OAuth Data Usage

Limited Use Disclosure

Simple Expense Tracker's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

  • We only use your Google account data for authentication purposes
  • We do not access your Gmail, Google Drive, or other Google services
  • We do not share your Google user data with third parties except as necessary to provide the Service or as required by law
  • We do not use your Google data for advertising purposes
  • We do not allow humans to read your data unless:
    • We have your explicit consent
    • It's necessary for security purposes
    • It's required to comply with applicable law

Data Storage and Security

Invoice Storage Plans

Standard Plan:

  • Digital invoice copies (PDFs and images) are stored for 6 months from the upload date
  • After 6 months, invoice files are automatically deleted
  • Expense metadata (amounts, dates, descriptions, categories) remains accessible indefinitely
  • Users will receive email notifications 30 days before invoice deletion

Premium Plan (Additional Fees Apply):

  • Extended invoice storage up to 5 years
  • Priority support
  • Advanced reporting features
  • For pricing and plan details, contact: info@iguana-tech.com

Download Your Invoices: You can download your invoice files at any time before the retention period expires to maintain your own archive, you have to send the request to info@iguana-tech.com.

How We Store Your Data

  • Your expense data is stored securely in encrypted databases
  • Invoice images are stored in secure cloud storage with encryption at rest
  • We use industry-standard security measures to protect your information

Security Measures

We implement:

  • SSL/TLS encryption for data transmission
  • Encrypted database storage
  • Regular security audits
  • Access controls and authentication
  • Secure server infrastructure

However, no method of transmission over the Internet is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

Data Sharing and Disclosure

We Do Not Sell Your Data

We do not sell, trade, or rent your personal information to third parties.

When We May Share Your Data

We may share your information only in these circumstances:

  1. Service Providers

    • Cloud hosting providers (for data storage)
    • OCR and AI service providers (for invoice processing)
    • Analytics providers (for app improvement)

    These providers are contractually obligated to protect your data and use it only for specified purposes.

  2. Legal Requirements

    • To comply with legal obligations
    • To respond to lawful requests from public authorities
    • To protect our rights and safety
    • To investigate potential violations

  3. Business Transfers

    • In the event of a merger, acquisition, or sale of assets, your data may be transferred (you will be notified)

  4. With Your Consent

    • When you explicitly authorize us to share specific information

Your Data Rights

You have the right to:

1. Access Your Data

Request a copy of all personal data we hold about you.

2. Rectification

Request correction of inaccurate or incomplete data.

3. Deletion

Request deletion of your account and associated data.

4. Data Portability

Request your data in a machine-readable format.

5. Withdraw Consent

Revoke permission for data processing at any time.

6. Object to Processing

Object to how we process your data.

To exercise these rights, contact us at: info@iguana-tech.com

Data Retention

  • Active accounts: We retain your data while your account is active
  • Deleted accounts: We delete your data within 30 days of account deletion
  • Legal requirements: Some data may be retained longer if required by law
  • Backups: Data in backup systems may persist for up to 90 days

Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain your login session
  • Remember your preferences
  • Analyze site usage
  • Improve performance

You can control cookies through your browser settings. Disabling cookies may affect Service functionality.

Types of Cookies We Use

  • Essential Cookies: Required for authentication and basic functionality
  • Analytics Cookies: Help us understand how you use the Service
  • Preference Cookies: Remember your settings and preferences

Third-Party Services

Our Service may use third-party services:

  1. Google OAuth - For user authentication (identity scopes only: name and email)
  2. Google Gemini API - For invoice text extraction and field recognition
  3. Google Sheets - For expense records (allow-list, per-customer CAD/USD expense tabs, audit log) accessed via a Google service account
  4. Microsoft SharePoint - For storage of uploaded invoice files, accessed via Microsoft Graph (app-only)
  5. Vercel - For application hosting and usage analytics

Each third-party service has its own privacy policy. We encourage you to review them.

Children's Privacy

Our Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18.

If you believe we have collected information from a child under 18, please contact us immediately, and we will delete such information.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last Updated" date
  • Sending an email notification (for significant changes)

Your continued use of the Service after changes constitutes acceptance of the updated policy.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of the sale of personal information (we do not sell data)
  • Right to deletion
  • Right to non-discrimination for exercising your rights

European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

  • Right to access, rectification, erasure, and data portability
  • Right to restrict or object to processing
  • Right to withdraw consent
  • Right to lodge a complaint with a supervisory authority

Our legal basis for processing your data includes:

  • Consent: You have given clear consent
  • Contract: Processing is necessary to fulfill our contract with you
  • Legal obligation: Processing is required by law
  • Legitimate interests: Processing is in our legitimate business interests

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data:

Email: info@iguana-tech.com Website: https://iguana-tech.com

For Google OAuth concerns specifically: info@iguana-tech.com

Dispute Resolution

If you have a complaint about our data practices, please contact us first. We will investigate and attempt to resolve complaints in accordance with this Privacy Policy.

If you are in the EEA, you have the right to lodge a complaint with your local data protection authority.

Scope and Application

This Privacy Policy applies to:

  • The Simple Expense Tracker web application (https://simpleexpense.iguana-tech.com/)
  • All related services and features
  • All users who access or use our Service

This Privacy Policy does not apply to:

  • Third-party websites linked from our Service
  • Services not owned or controlled by us

By using Simple Expense Tracker, you acknowledge that you have read and understood this Privacy Policy.

Last Updated: May 26, 2026