Easy Finance

Your Money Data, Fort Knox Secure

We understand that trusting an app with your financial data is a big decision. Here's exactly how we protect every rupee of your information — with no compromises.

How We Protect You

Six pillars of security that keep your financial data safe, private, and entirely under your control.

End-to-End Encryption

All data transmitted between your device and our servers is encrypted using TLS 1.3 — the same encryption standard used by leading banks. Your financial information is never exposed in transit.

Encrypted at Rest

Your data is encrypted on our servers using AES-256 encryption. Will & legacy documents get an additional encryption layer. Even in the unlikely event of a breach, your information remains unreadable without the encryption keys.

MPIN & Authentication

Beyond secure password hashing, magic links, and Google OAuth, Easy Finance offers page-level and item-level MPIN locks. Your MPIN is hashed with bcryptjs and verified locally — it never leaves your device.

Enterprise-Grade Infrastructure

Your data is hosted on world-class cloud infrastructure with 99.99% uptime, automatic backups, and disaster recovery. Our servers are located in trusted data centres with SOC 2 compliance.

Granular Data Sharing

CA access uses section-level permissions — you choose exactly which data your Chartered Accountant can see. Family member data sharing requires individual approval. You can revoke any access instantly.

You Own Your Data

Export all your data anytime as CSV. Delete your account, and all data — transactions, documents, wills, planner items, and activity logs — is permanently removed within 30 days. Full DPDPA 2023 compliance.

Bank-Grade Security Standards

Easy Finance follows the same security practices trusted by major financial institutions. Our infrastructure is hosted on platforms that hold ISO 27001, SOC 2 Type II, and GDPR certifications — ensuring your data meets the highest global security standards.

Our Commitments to You

Plain-language promises about how we handle your data.

No third-party trackers or analytics scripts that compromise privacy

No selling or sharing of financial data with advertisers

Automatic session expiry and secure token management

Row-level security ensures users can only access their own data

MPIN page-level locks with bcrypt hashing — verified on-device only

Will data requires OTP verification with 15-minute session TTL

CA data sharing is section-gated, member-approved, and instantly revocable

Receipt images processed by Gemini API are not stored or used for training

Append-only audit trail — activity logs cannot be edited or deleted

DPDPA 2023 compliant: access, correction, erasure, and data portability

Minimal data collection — we only store what's necessary

Open and transparent privacy policy with no hidden clauses

Security Questions? Answered.

Common questions about how we handle and protect your data.

Can Easy Finance employees see my financial data?

No. Access to production data is strictly limited and requires multiple layers of authorisation. Your financial records are encrypted and not accessible to our team during normal operations.

What happens if I delete my account?

When you delete your account, all your personal data, transactions, documents, wills, planner items, and family records are permanently removed from our servers within 30 days. This action is irreversible.

How does MPIN protection work?

MPIN is a 4-digit code you set in Settings to lock sensitive pages (income, investments, tax summary, will, etc.) and individual items. It is hashed with bcryptjs and verified entirely on your device — the plain MPIN never leaves your phone. Will & Legacy is always locked by default.

How secure is my Will & Legacy data?

Will documents receive AES-256 encryption at rest on top of the standard database encryption. Accessing will data requires a separate email OTP verification with a 15-minute session time-to-live. The Will section is always behind MPIN lock regardless of your other settings.

What can a CA (Chartered Accountant) see?

Only the specific sections you select when inviting them (e.g., income, expenses, tax data). If a family admin shares a member's data with a CA, that member must individually approve the request. You can revoke CA access at any time — it takes effect immediately.

Do you use my data to train AI models?

Absolutely not. Your financial data is never used for machine learning, AI training, or any form of automated profiling. When you scan a receipt, only that image is sent to Google's Gemini API for extraction — Google does not retain or train on your images per their API terms.

Is my data backed up?

Yes. We maintain encrypted, automated backups to ensure your data is never lost due to hardware failures or unexpected incidents. Backups follow the same strict encryption standards as live data.

How do you handle family data and privacy?

Family features use strict permission controls. Each member can only see their own data. The family admin sees the combined picture, but individual records remain private. CA data sharing for family members requires that member's explicit approval.

Is Easy Finance compliant with Indian data protection laws?

Yes. We comply with the Digital Personal Data Protection Act (DPDPA) 2023 including: right to access (view all your data in-app), right to correction (edit directly), right to erasure (delete account), data portability (CSV export), and consent withdrawal (revoke CA access, leave families).

Ready to Trust Easy Finance?

Join thousands of Indian families who trust us with their financial data. Start for free — no credit card needed.