SG Finance Tracker

Privacy Policy

Last updated: February 22, 2026

1. What We Collect

When you use the SG Finance Tracker Telegram bot, we collect:

  • Telegram ID & username — to identify your account and send you messages.
  • Google OAuth refresh token — to access your Google Sheet on your behalf. This token is encrypted at rest using Fernet symmetric encryption.
  • Expense data — amounts, categories, descriptions, and payment methods you enter. This data is written directly to your Google Sheet.
  • Bot preferences — billing reminders, budget limits, recurring transactions, templates, and notification settings you configure.
  • Account tier & subscription status — your current plan (Free, Plus, or Pro) and subscription dates.
  • Referral relationships — if you invite a friend or join via a referral link, we store the referral connection (referrer ID and referred ID) to provide bonus AI queries.
  • Usage metrics — we log anonymized usage events (command types and timestamps) for analytics and debugging. No expense amounts, descriptions, or personal financial content is included in these logs. Events are automatically deleted after 90 days.

2. How We Store Your Data

  • Your data is stored in a PostgreSQL database hosted on Railway.app.
  • Google OAuth tokens are encrypted using Fernet (AES-128-CBC) before being stored. We never store tokens in plain text.
  • Your expense data is stored only in your own Google Sheet — we do not keep a separate copy.

3. Google Sheets Access

We request Google Drive access solely to create and manage a single finance tracking spreadsheet for you. We:

  • Never read, modify, or access any of your other Google files.
  • Only write expense data to the sheet we created.
  • Only read from that sheet to generate summaries and reports.

4. AI Features

The bot includes AI-powered features that process your financial data using third-party AI services:

  • Ask AI (/ask) — when you ask a financial question, the bot sends relevant data from your Google Sheet (such as recent expenses, monthly summaries, and budget information) to an AI provider to generate an answer. Only the data relevant to your question is sent.
  • Receipt Scanning — when you send a photo of a receipt, the image is sent to Google Gemini Vision to extract the amount, description, and category.
  • Weekly Digest — if you are on a paid plan, the bot may send your weekly spending data to an AI provider to generate automated spending insights.

Important: Your data is sent to AI providers only when you explicitly use these features (or opt in to automated insights). AI providers do not retain your data after processing. We use Google Gemini AI as our primary provider, with OpenAI as a fallback if Gemini is unavailable.

5. Data Sharing

We never sell your data. Your data is shared only with the following services, solely to provide bot functionality:

  • Google Sheets API — to read and write your expense data.
  • Google Gemini AI (on-demand) — to answer your financial questions and scan receipts. Data is sent only when you explicitly use these features and is not retained by Google after processing.
  • OpenAI API (fallback only) — used only if Google Gemini is unavailable. Same on-demand, non-retained basis.

6. Data Deletion

You can request deletion of all your data at any time by using the /disconnect command or contacting us. When you do, we will:

  • Delete your user record, encrypted tokens, and all associated data from our database.
  • Remove all associated reminders, budgets, templates, referral records, and settings.
  • Note: Your Google Sheet remains in your Google Drive — you can keep or delete it yourself.

7. Security

We take security seriously:

  • OAuth tokens are encrypted at rest (Fernet/AES).
  • All communication uses HTTPS/TLS.
  • Database access is restricted to the application server only.
  • No passwords are stored — authentication is handled via Telegram and Google OAuth.
  • User-generated text is escaped before display to prevent injection attacks.
  • Usage event logs are automatically pruned after 90 days.

8. Contact

For questions about this privacy policy or to request data deletion, reach out via the bot using the /help command or email us at sgtelegramfinancetracker@gmail.com.