CostWise — Privacy Policy
Last updated: 6 April 2026 | Softwaller Technologies Private Limited
1. Who We Are
CostWise is built and operated by Softwaller Technologies Private Limited ("Softwaller", "we", "us"), a company incorporated in India.
- CIN: U62099TN2024PTC172175
- PAN: ABNCS9750Q
- Registered office: 3-15/8, Singandi Lakshmana Mudhali Street, Tharamangalam, Salem, Tamil Nadu – 636 502, India
- Contact: apps@softwaller.com
This policy explains what data CostWise collects, why, and what control you have over it.
2. What This Policy Covers
This policy applies to the CostWise mobile app (package com.costwise.app) on Google Play, and to any related services we run such as cloud sync and customer support email.
It does not cover third-party apps or websites you may open from inside CostWise.
3. Information We Collect
We deliberately collect as little as possible. What we collect depends on whether you use the Free tier or the Premium tier.
Free tier — local-only
- Expenses, persons, categories, budgets, settings — stored in a SQLite database on your phone only. This data never leaves your device. We cannot see it.
Premium tier (only if you sign in)
- Cloud sync data — your expenses are mirrored to Google Firestore in the asia-south1 (Mumbai) region so you can use the app across devices.
- Authentication — Email + password OR Google sign-in via Firebase Authentication. We store your email address and a Firebase user ID. We never see or store your Google password.
- Push notifications — a Firebase Cloud Messaging (FCM) device token so we can send budget alerts and reminders.
- Receipt photos (opt-in) — if you choose to attach a receipt photo, the image is uploaded to Firebase Cloud Storage (us-central1). You can delete any photo at any time.
- Subscription status — handled by RevenueCat. RevenueCat receives only your entitlement state (premium = true/false) and product ID. It does not receive your name, email, or expense data.
Both tiers (anonymous, all users)
- Device identifier — a Firebase Installation ID used by App Check to block bots and abuse. This is not tied to your real identity.
- Crash reports — anonymised stack traces via Firebase Crashlytics, only in release builds. We use these to fix bugs.
- Basic analytics — screen views and button taps via Firebase Analytics. Anonymised. Used to understand which features are useful.
Payments
Payment data is processed by Google Play Billing. Softwaller never sees your card number, UPI ID, or bank details. Google sends us only a confirmation that a purchase was made.
4. How We Use Information
We use the data above only to:
- Provide the app and sync your expenses across your devices (Premium).
- Process subscription billing through Google Play.
- Reply to your support emails.
- Diagnose crashes and fix bugs.
- Prevent fraud and abuse via App Check.
- Improve the app based on which features people actually use.
We do not use your data for advertising, profiling, or any kind of credit scoring.
5. Data We DO NOT Collect
CostWise does not collect any of the following:
- Your contacts
- Your SMS messages or call logs
- Your location (GPS, Wi-Fi, or cell)
- Your microphone input (until and unless you opt in to the upcoming voice expense feature)
- Your camera feed (until and unless you opt in to the upcoming receipt scan feature, and only the photo you take)
- Your bank account numbers, UPI IDs, or card details
- Your browsing history outside CostWise
We do not run advertising SDKs that track you across other apps.
6. Where Data Is Stored
| Data | Where it lives |
|---|---|
| Free-tier expenses, persons, settings | Local SQLite database on your phone — nowhere else |
| Premium cloud sync (expenses) | Google Firestore — asia-south1 (Mumbai), India |
| Receipt photos (Premium opt-in) | Firebase Cloud Storage — us-central1 (United States) |
| Auth credentials | Firebase Authentication — Google global infrastructure |
| Crash logs | Firebase Crashlytics — Google global infrastructure |
When data leaves India (for example, receipt photos in us-central1), it is protected by Google’s standard contractual clauses and encrypted both in transit and at rest.
7. Sharing With Third Parties
We share the minimum data necessary with these processors:
- Google (Firebase, Play Billing, Analytics, Crashlytics) — hosts authentication, sync, crash reporting, analytics, and billing.
- RevenueCat — verifies your subscription entitlement only.
We do not:
- Sell your data to anyone, ever.
- Share your data with advertising networks or data brokers.
- Allow third parties to use your data for their own marketing.
If we are ever legally required to disclose data (court order, lawful government request under the IT Act 2000), we will do so only to the extent strictly required and, where lawful, notify you.
8. Your Rights Under the DPDP Act 2023
Under India’s Digital Personal Data Protection Act, 2023, you have the right to:
- Access the personal data we hold about you.
- Correct any inaccurate data.
- Erase your data and close your account.
- Port your data to another service in a machine-readable format.
- Withdraw consent at any time. Withdrawing consent does not affect lawful processing done before the withdrawal.
- File a grievance with our Grievance Officer (see Section 14).
To exercise any of these rights, email apps@softwaller.com from the address registered with your CostWise account. We will respond within 7 business days.
9. Children’s Privacy
CostWise is not directed at children under the age of 13. We do not knowingly collect personal data from anyone under 13. If you are a parent or guardian and believe your child has provided us data, please email apps@softwaller.com and we will delete it.
10. Data Retention
- Local data on your device — kept until you uninstall the app or delete it from inside the app.
- Cloud-synced data (Premium) — kept for 5 years after your last sign-in, then automatically deleted. You can ask us to delete it sooner at any time.
- Crash logs — kept for 90 days, then deleted.
- Subscription records — retained as required by Indian tax law (typically 7 years).
11. Security
We protect your data with:
- Firebase Authentication with custom claims for premium status.
- Firestore security rules that ensure only you can read or write your own data.
- Firebase App Check to block traffic from non-genuine apps.
- HTTPS / TLS encryption for all data in transit.
- Encryption at rest for all data stored in Firebase.
No system is perfectly secure. If we ever discover a breach affecting your data, we will notify you and the Data Protection Board of India as required under the DPDP Act 2023.
12. Your Choices
You are in control:
- Sign out any time from Settings.
- Delete your account and all cloud data by emailing apps@softwaller.com — see also our account deletion page.
- Uninstall the app to remove all local data from your device.
- Turn off analytics from Settings → Privacy.
13. Changes to This Policy
We may update this policy from time to time. If we make material changes, we will notify you inside the app and, for Premium users, by email, at least 30 days before the change takes effect. The "Last updated" date at the top of this page always reflects the latest version.
14. Grievance Officer
Under the IT Act 2000 and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2011, and the DPDP Act 2023, we have appointed a Grievance Officer:
- Name: Sid (Founder)
- Email: apps@softwaller.com
- Address: Softwaller Technologies Private Limited, 3-15/8, Singandi Lakshmana Mudhali Street, Tharamangalam, Salem, Tamil Nadu – 636 502, India
- Response time: within 7 business days of receipt
You may contact the Grievance Officer for any complaint about this policy or how we handle your data.
15. Contact
For any privacy question about CostWise, write to: Softwaller Technologies Private Limited (CIN: U62099TN2024PTC172175), 3-15/8, Singandi Lakshmana Mudhali Street, Tharamangalam, Salem – 636 502, Tamil Nadu, India | Email: apps@softwaller.com