← Back to Home

Privacy Policy

Last updated: 2/1/2026

1. Introduction

Welcome to Food Expense Tracker. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our service.

2. Information We Collect

2.1 Gmail Data

When you connect your Gmail account, we access:

  • Email messages from Swiggy and Zomato to extract order information
  • Order details including date, amount, restaurant name, and items ordered

We only read emails from food delivery services (Swiggy and Zomato) and do not access any other emails in your inbox.

2.2 Local Storage

We store the following data in your browser's local storage:

  • Gmail access tokens (for authentication)
  • Extracted food order data
  • User preferences

3. How We Use Your Information

We use your information to:

  • Extract and display your food delivery order history
  • Calculate your total spending on food delivery services
  • Provide analytics and insights about your spending patterns
  • Improve our service and user experience

4. Data Storage and Security

Your data is stored locally in your browser and is never sent to our servers or any third-party services except Google's Gmail API for authentication and email access.

We use OAuth 2.0 for secure authentication with Google. Your Gmail password is never shared with us.

4.1 Data Protection Mechanisms

We implement the following security measures to protect your sensitive data:

  • Encryption in Transit: All data transmitted between your browser and Google's servers uses HTTPS/TLS encryption to prevent interception or tampering.
  • Secure Token Storage: OAuth 2.0 access tokens and refresh tokens are stored in browser localStorage with same-origin policy protection, ensuring only our application can access them.
  • Client-Side Processing: All email parsing and data extraction occurs entirely in your browser. Email content is never transmitted to external servers.
  • Minimal Data Retention: We only extract and store essential order information (date, amount, restaurant, items). Full email content is not retained.
  • Scoped API Access: Gmail API access is limited to read-only permissions for emails matching specific filters (from:swiggy.in, from:zomato.com). We cannot send emails or access other account data.
  • Token Expiration: Access tokens automatically expire and are refreshed using secure OAuth 2.0 flows. Users can revoke access at any time through Google Account settings.
  • No Server-Side Storage: We do not maintain any databases or server-side storage of your personal information, Gmail data, or authentication credentials.
  • Automatic Data Clearing: All locally stored data is automatically cleared when you log out or revoke access permissions.
  • Security Audits: Our codebase follows industry best practices for secure web application development and is regularly reviewed for security vulnerabilities.

5. Data Sharing

We do not sell, trade, or share your personal information with third parties. The only external service we use is:

  • Google Gmail API: To access your food delivery order emails
  • Vercel Analytics: Anonymous usage statistics (no personal data)

6. Your Rights

You have the right to:

  • Access your data stored in the application
  • Delete your data by logging out and clearing browser storage
  • Revoke Gmail access at any time through your Google Account settings
  • Request information about how your data is used

7. Cookies and Tracking

We use browser local storage for essential functionality. We use Vercel Analytics for anonymous usage statistics to improve our service.

8. Third-Party Services

Our application uses:

  • Google Gmail API: Subject to Google's Privacy Policy
  • Vercel: For hosting and analytics

9. Children's Privacy

Our service is not intended for users under the age of 13. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us through our support channels.