Skip to content
ContriKaro

Privacy Policy

Last updated: 2026-04-29  |  Version 1.0

1. Who We Are

ContriKaro is a personal-finance and expense-splitting mobile application operated by Priyanshu Malik in Gurugram, Haryana, India. We help individuals and small groups track shared spending, split bills, and settle debts without the awkwardness. This Privacy Policy explains what personal data we collect when you use ContriKaro, why we collect it, how we use and protect it, and the rights you have over it.

For privacy questions or to exercise any of the rights described below, contact us at contriwisely@gmail.com.

2. What Data We Collect

We collect only the data we need to operate the service. The categories below are exhaustive for the current version of the app.

Account data

Your phone number is collected when you sign up so we can verify your identity by OTP. If you sign in with Google, we also receive your name, email address, and profile picture from Google. You can update your display name at any time from in-app Settings.

Expense and group data

Amounts, descriptions, categories, dates, splits, attachments, group names, and group memberships that you enter into the app. This is the content you actively create. We treat it as your data; we do not mine it for advertising and we do not sell it.

Device and diagnostic data

Operating system, app version, language, time zone, device model, a randomly generated install ID, and crash reports. We use this to diagnose problems, prioritize bug fixes, and keep the app working across devices.

Usage data

We may aggregate in-app actions such as which features you use and how often, session duration, and navigation paths into product analytics to improve the app. This is not tied to advertising identifiers, and the analytics provider we use will be named in the processor list below once enabled.

Optional, with your explicit consent

  • Notification-based expense detection (Android only). If you opt in on Android, ContriKaro uses the Android notification listener service to detect transactional notifications from your banking and payment apps (for example, UPI deposit and withdrawal alerts) and suggest expense entries. Notification content is processed on your device to extract amount, merchant, and timestamp; promotional notifications are ignored. We do not transmit notification content to our servers. You can turn this off at any time in Settings.
  • Voice input. If you opt in, ContriKaro uses your device's speech-recognition system to let you add expenses by voice. Audio is processed by your device or its system speech service; we do not store recordings on our servers.
  • Notifications. If you opt in, we send you settle-up reminders and group activity notifications.

3. Why We Collect It

  • To create and authenticate your account.
  • To provide the core features of the app: tracking expenses, splitting bills, calculating balances, and notifying you of group activity.
  • To diagnose crashes and fix bugs, and to measure which features are useful so we can improve the product.
  • To prevent abuse, fraud, and harassment, and to enforce our Terms of Service and Fair Use Policy.
  • To comply with applicable law and respond to lawful requests from authorities.

4. Who We Share It With

We do not sell your data. We share specific categories with the service providers below, only as needed for them to perform services for us, and under contracts that restrict their use of the data.

  • Twilio & 2Factor — phone number, to deliver one-time-password SMS for sign-up and login.
  • Firebase (operated by Google) — account authentication and, with your permission, push notifications via Firebase Cloud Messaging (FCM).
  • Google (Sign-In) — if you sign in with Google, your authentication is handled by Google's identity service.
  • Google Forms — if you join our pre-launch waitlist on contrikaro.com, your email address is captured through Google Forms.
  • Sentry — crash reports and diagnostic metadata, to help us debug issues. We do not send Sentry your expense content.
  • Amazon Web Services (AWS) — we host the app backend on AWS infrastructure in the Mumbai region.
  • Lawful authorities — if compelled by a valid legal process under Indian law, we may disclose data to government authorities. We aim to push back on overbroad requests.

We will update this list before adding any new processor that handles personal data.

5. Where Your Data Is Stored

Your account data, expenses, and groups are stored in our managed database hosted on AWS in the Mumbai (ap-south-1) region. Some of our processors (such as Sentry) operate from other regions; in those cases the data they receive is limited to what is necessary for their service.

6. How Long We Keep It

Account and content data is retained for as long as your account is active. When you request deletion (see Data Deletion), we immediately anonymize your account on confirmation: your name, email, phone number, profile picture, and other personally identifying fields are overwritten with placeholder values, your authentication tokens are revoked, and you are removed from all groups. This action is permanent and cannot be reversed.

Encrypted backup snapshots of our database are retained on a rolling schedule for disaster recovery only; they are not used for any other purpose and access to them is restricted to authorized administrators.

We may retain a minimal subset of records for longer where required by law or to handle disputes (for example, basic billing or tax-related logs once paid features ship). Where this applies, the retained records are anonymized or kept in restricted-access cold storage.

7. Your Rights

You have the following rights over your personal data:

  • Access. Request a copy of the personal data we hold about you.
  • Correction. Update inaccurate information directly in-app or by contacting us.
  • Deletion. Request that your account and personal data be deleted. See Data Deletion.
  • Withdraw consent. Turn off optional features (SMS, voice, notifications) at any time in Settings.
  • Portability. Once our data export feature ships, you will be able to download your expenses and groups in a common, machine-readable format. Until then, you can request a manual summary of your data via the email below.
  • Complain. If you believe we've mishandled your data, you may raise a complaint with India's Data Protection Board once it is operational, or with the data protection authority in your jurisdiction.
  • Nominate. Under Section 14 of India's DPDP Act 2023, you may nominate another individual to exercise these rights on your behalf in the event of your death or incapacity. Contact us at the email below to register a nomination.

To exercise any of these rights, contact contriwisely@gmail.com. We aim to respond within 30 days.

8. How We Protect It

Data is encrypted in transit using TLS, and at rest using industry-standard encryption on our managed database. Access to production systems is restricted to authorized personnel and is logged. We do not sell, rent, or share personal data with advertisers, data brokers, or analytics resellers.

No system is perfectly secure. If we ever experience a breach affecting your data, we will notify you and the relevant authority as required by law.

9. Children

ContriKaro is intended for users aged 18 and older. We do not knowingly collect personal data from anyone under 18. If you believe a minor has created an account, please contact contriwisely@gmail.com and we will delete the account and associated data.

10. Changes to This Policy

We may update this policy as the service evolves or as the law changes. The version number and last-updated date at the top of this page reflect the current version. For material changes, we will notify you in-app on next open and ask you to acknowledge the updated policy before continuing.

11. Contact and Language

ContriKaro is operated by Priyanshu Malik in Gurugram, Haryana, India. For privacy questions, data requests, or complaints, write to us at contriwisely@gmail.com.

This Privacy Policy is published in English. In line with Section 6(3) of India's DPDP Act 2023, you may request a copy of this policy in Hindi or any other language specified in the Eighth Schedule to the Constitution of India by writing to the email above; we will provide a translation within a reasonable period.

Be the First to Know

Join the waitlist and get early access when we launch.

Be among the first 300 to join and unlock a premium feature — free, forever.