The short version: Cashflow HQ stores your transaction data securely on our servers to keep it synced across your devices. We do not sell your data, share it with advertisers, or use it for any purpose other than providing the app to you.
1. Who we are
Cashflow HQ is a personal finance application and a product of Leadingdots Solutions Pvt Ltd ("we", "us", "our"), a company registered in India. Leadingdots Solutions Pvt Ltd is the data controller responsible for your information. You can reach us at hello@cashflowhq.io. We serve users globally.
2. Information we collect
When you create an account and use the app, we collect the following:
- Account information — your name and email address, collected when you register.
- Transaction data — income, expenses, budget amounts, categories, and notes you enter in the app. This data is stored on our secure servers to enable syncing across your devices and account recovery.
- Usage analytics — anonymous, aggregated data about how features are used (e.g. which screens are visited most). This never includes your financial figures.
- Crash reports — if the app crashes, we may receive a technical report to help us fix the issue. These do not contain your financial data.
- Device information — device type and OS version, collected to ensure compatibility and performance.
3. How your data is stored
Your transaction data and account information are stored on secure servers hosted on Amazon Web Services (AWS). AWS is certified under ISO 27001:2022, SOC 1/2/3, and PCI DSS. Our parent company, Leadingdots Solutions Pvt Ltd, holds an ISO 27001:2022 certification, reflecting a company-wide commitment to information security management best practices. All data is encrypted in transit using TLS and encrypted at rest.
Your data is associated with your account and can be accessed from any device you log into. If you delete your account, your data is permanently deleted from our servers within 30 days.
4. Why we collect your data
We use your data solely to:
- Provide and operate the Cashflow HQ app and your account
- Sync your transactions across your devices
- Allow account recovery if you change or lose your device
- Improve app performance and fix bugs
- Respond to your support requests
5. What we do NOT do
- We do not sell, rent, or trade your data to any third party
- We do not use your data for advertising or marketing purposes
- We do not connect to or access your bank accounts
- We do not share your individual financial data with anyone
- We do not collect your precise location
6. Data sharing
We do not share your personal or financial data with third parties except in the following limited circumstances:
- Service providers — we use AWS to host our infrastructure. They process data on our behalf under strict data processing agreements and do not use your data for their own purposes.
- Legal requirements — if required by law, court order, or government authority, we may be required to disclose certain information.
- Business transfers — if Cashflow HQ is acquired or merges with another company, your data may be transferred. We will notify you beforehand.
7. International data transfers
As a global service with infrastructure on AWS, your data may be stored and processed in regions including the United States and others where AWS operates. We ensure appropriate safeguards are in place for any international transfer, including standard contractual clauses where required by applicable law (such as GDPR).
8. Third-party services
The app may use the following third-party services, each with their own privacy policy:
- Amazon Web Services (AWS) — secure cloud infrastructure and database hosting
- Apple App Store / Google Play — app distribution
- Analytics provider — anonymous usage statistics only
9. Data retention
We retain your data for as long as your account is active. If you delete your account, we will permanently delete your personal and transaction data within 30 days, except where retention is required by law.
10. Children's privacy
Cashflow HQ is not directed at children under 13 (or under 16 in the EU). We do not knowingly collect information from children. If you believe a child has created an account, please contact us and we will delete it promptly.
11. Your rights
Depending on where you live, you may have rights including:
- Access — request a copy of the data we hold about you
- Correction — request we correct inaccurate data
- Deletion — request deletion of your account and all associated data
- Portability — request your data in a portable format
- Objection — object to certain types of processing
- Restriction — request we restrict processing of your data
These rights apply to users in the EU (GDPR), California (CCPA), and other jurisdictions with applicable privacy laws. To exercise any right, contact us at hello@cashflowhq.io. We will respond within 30 days.
12. Security
We take security seriously. Leadingdots Solutions Pvt Ltd, the parent company of Cashflow HQ, holds an ISO 27001:2022 certification — the international standard for information security management. Your data is protected by TLS encryption in transit, encryption at rest on AWS, and access controls that limit who within our team can access user data. We regularly review and audit our security practices. However, no system is completely secure — if you suspect unauthorized access to your account, contact us immediately.
13. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top. For significant changes that affect how we use your data, we will notify you via email or an in-app notification at least 14 days before the change takes effect.
14. Contact us
For any questions, data requests, or privacy concerns — including requests to access, correct, or delete your data — please contact us at:
Email: hello@cashflowhq.io
We handle all enquiries including general support, privacy requests, and data subject requests through this address.
You may also reach us by post at either of our offices:
-
Registered Office (India):
Leadingdots Solutions Pvt Ltd
H 154, Beta 2
Greater Noida, Uttar Pradesh, India -
US Office:
Leading Dots USA, Inc
1216 Broadway 30 W
New York, NY 10001, United States
We aim to respond to all enquiries within 2 business days, and within 30 days for formal data subject requests as required by applicable law.