Privacy Policy & Terms of Service

Last Updated: February 12, 2026

1. Introduction

Welcome to JotPay – Daily Ledger. We are committed to protecting your privacy and ensuring the security of your financial data. This Privacy Policy explains how your information is collected, used, and stored when you use the JotPay mobile application.

2. Data Collection and Storage

2.1. Local-First Architecture

JotPay operates on a "Local-First" basis. Your financial transaction logs, descriptions, and amounts are stored locally on your device's internal storage in a secure Room Persistence SQL database. We do not have access to this local database.

2.2. Cloud Synchronization (Optional)

If you choose to use the "Link Device" feature, your data will be synchronized using Google Firebase Realtime Database as a blind relay.

Encryption: We use industry-standard AES-128 encryption (CBC Mode). Every transaction is encrypted with a unique, randomized Initialization Vector (IV), ensuring that your data remains private and unreadable to anyone else, including the developers.
Keys: The decryption keys are generated and stored solely on your devices. We cannot decrypt or view your financial data.
Retention: Data on the cloud serves strictly as a synchronization relay between your linked devices.

3. Permissions

We request the minimum permissions necessary for functionality:

CAMERA: Required strictly for scanning QR codes via the ZXing SDK to link devices. No images are saved or transmitted.
INTERNET: Required only to synchronize encrypted data between your linked devices.

4. Data Ownership and Export

You retain full ownership of your data. The application provides built-in tools to export your transaction history to CSV (Excel) or Text formats at any time. You may delete your data by clearing the application storage, deleting transactions individually, or uninstalling the application.

5. Third-Party Services & Data Safety

We use Google Firebase to provide synchronization infrastructure. By using the sync feature, you acknowledge that third-party services may collect data used to identify your device for security and performance purposes:

Device Identifiers: We collect a unique Installation ID (UUID) to manage device linking and synchronization sessions.
App Performance: Firebase may collect diagnostic data (crash logs, performance metrics) to ensure service stability.

For more information on how Google handles this data, please refer to the Google Privacy Policy.

6. Changes to This Policy

We may update our Privacy Policy from time to time. You are advised to review this page periodically for any changes.

7. Contact Us

If you have any questions about this Privacy Policy, please contact the developer, Ajay, at:

Email: thecarlosdev@gmail.com