1. Introduction
Kashin ("we", "us", "our") operates the website kashin.id and the Kashin application. This Privacy Policy explains how we collect, use, store, and share information when you use our service.
2. Information We Collect
2.1 Google Account Information
When you sign up or log in using Google, we request the following scopes and collect the corresponding data:
- openid, userinfo.profile, userinfo.email — Your name, email address, and profile picture. Used to create and identify your Kashin account.
- gmail.readonly — Read-only access to your Gmail inbox. Used exclusively to scan emails from banks and financial institutions to extract transaction data. Kashin never modifies, deletes, or sends emails on your behalf.
2.2 Financial Transaction Data
We use artificial intelligence to extract financial transaction details (amount, date, merchant, description) from bank notification emails. This extracted data is stored in your account and displayed within the app.
2.3 Manually Entered Data
Any transactions, categories, budgets, bank accounts, or recurring transactions you manually create in the app.
3. How We Use Your Data
- Authenticate you via Google Single Sign-On
- Display your name and profile picture within the app
- Read bank notification emails to automatically extract and categorize financial transactions
- Provide personal finance tracking, budgeting, and reporting features
- Improve the accuracy of our AI-based transaction extraction
4. How We Store and Protect Your Data
Your data is stored in secure databases with encryption at rest and in transit. We implement industry-standard security measures to protect against unauthorized access, alteration, disclosure, or destruction of your personal information.
Gmail access tokens are stored securely and used only for the purposes described in this policy. We do not store raw email content — only the extracted transaction data is retained.
5. Data Sharing
We do not sell, rent, or share your personal data with third parties for marketing purposes. Your data may be shared only:
- With service providers who assist in operating the app (hosting, AI processing)
- When required by applicable law or legal process
- To protect the rights, property, or safety of Kashin and its users
6. Google API Limited Use Disclosure
Kashin's use of information received from Google APIs complies with Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- We only transfer Google user data to third parties if it is necessary to provide or improve the Kashin features that the data was collected for.
- We do not use Google user data for serving advertising, including retargeting, personalized or interest-based advertising.
- We do not sell Google user data to third parties.
- We do not use Google user data for purposes other than the features described in this policy without obtaining additional user consent.
7. Data Retention
We retain your data for as long as your account is active or as needed to provide our service. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.
8. Your Rights
- Revoke Gmail access — You can disconnect Gmail at any time from the app settings. This revokes the gmail.readonly permission and stops email scanning.
- Delete your account — You can request account deletion, which removes all your data.
- Access your data — You can export or view all data stored in your account at any time.
You may also revoke Google OAuth access directly through your Google Account security settings at any time.
9. Cookies
We use essential cookies for authentication and session management. We do not use tracking cookies or third-party analytics cookies.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the updated policy on this page with a new "Last updated" date.
11. Contact
If you have questions about this Privacy Policy or your data, contact us at support@kashin.id.