Login options: Google Sign-In or Email + Password (verified via email).
Phone-number OTP login is disabled.
We never read your SIM contacts; any phone no. used during payments goes only to Razorpay for receipts.
FinWorkar (operated by Rajkumar Lahare) (“FinWorkar”, “we”, “us”) provides the FinWorkar mobile application (“App”). This policy explains what personal data we collect, why, how we store/share it, how long we keep it, and the rights you have—fully aligned with Google Play’s Data Safety requirements, GDPR, CCPA, and India’s DPDP Act 2023.
| Category | Specific data | How we obtain it |
|---|---|---|
| Account & Profile | Name, email, profile photo | Provided by you (Google Sign-In or email sign-up) |
| Authentication | Firebase UID, hashed password (email sign-up), FCM device token | Generated automatically |
| Location | Precise & coarse coordinates | Via Android Location permission |
| User Content | Post photos, descriptions, comments, call summaries | You create in-app |
| Audio | Microphone input for live VoIP calls (never recorded) | Captured only during a call |
| Files & Media | Images you pick via gallery or camera | User-initiated |
| Payments & Wallet | Order ID, phone no., amount, status, wallet balance, UPI intent result | Via Razorpay SDK + backend webhook (during top-ups / memberships) |
| Usage & Diagnostics | Crash logs, ANRs, network performance | Sent by Firebase & tooling |
| Advertising | Ad ID, impressions, clicks | Collected by Google AdMob SDK |
| Deleted Account Info | Email, Firebase UID, deletion timestamp | Saved on account deletion |
We do NOT collect contacts, SMS, clipboard, or biometric templates.
Legal bases (GDPR): Contract | Legitimate Interests | Consent.
| Provider | Purpose | Data shared |
|---|---|---|
| Google Firebase | Auth, hosting, Firestore, push, Analytics / Crash Reporting | Account data, device tokens, posts, crash logs |
| Google Sign-In | Federated login | ID token, name, email, photo |
| Google AdMob | Ads monetisation | Advertising ID, coarse location |
| Razorpay | Payments & refunds | Order ID, phone no., amount, email, status |
| Agora RTC | Real-time voice transport | Ephemeral audio packets |
| Google Maps API | Geocoding & suggestions | Lat/long you provide |
We request EU user consent for personalised ads at first launch. Change anytime in Settings → Ads Preferences.
No behavioural analytics—only anonymised crash/ANR metrics.
| Permission | Purpose |
|---|---|
| INTERNET, ACCESS_NETWORK_STATE | Backend connectivity |
| ACCESS_FINE_LOCATION | Nearby job discovery & tagging |
| RECORD_AUDIO | Voice calls |
| POST_NOTIFICATIONS | Alerts (calls, payments) |
| FOREGROUND_SERVICE_MICROPHONE, USE_FULL_SCREEN_INTENT | Incoming-call UI |
| CAMERA | Take photos while posting |
| READ_EXTERNAL_STORAGE (≤ API 28) | Select images from gallery |
| WRITE_EXTERNAL_STORAGE (maxSdkVersion = 28) | Legacy write support |
| WAKE_LOCK, VIBRATE | Keep screen awake, vibrate alerts |
From Android 10 onward we use scoped storage; only files you pick are accessed.
We never sell your personal information.
| Data | Retention period |
|---|---|
| Account & profile | Until deletion or 24-months inactivity |
| Posts & images | Deleted immediately on user request |
| Wallet & payment logs | 5 years (statutory) |
| Call metadata | 12 months |
| Crash logs | 90 days |
| Deleted Account Info | Kept only to block abuse; purged when no longer needed |
Access, correct, port, or delete your data any time via Settings → Privacy or email us. We respond within 30 days. EU/UK users may complain to their local DPA.
Delete your account in-app (Profile → Navigation Drawer → Delete Account) or via this page. Most data is erased instantly and irreversibly; we retain only payment records (5 yrs) and a minimal “deletedAccounts” entry (email & UID) to prevent benefit abuse.
VoIP calls are provided via Agora RTC. Audio is transmitted in real-time and never stored. We do not access your SIM call logs or contacts.
No system is 100 % secure—protect your credentials.
The App is not intended for children under 13. If we discover such data, we delete it promptly.
Data is stored on Google Cloud (Mumbai & US-Central). EU transfers rely on SCCs; DPDP Act 2023 compliance in India.
Material changes will be announced 30 days in advance via in-app notice or email.
Email: finworkar@gmail.com
Address: Singhansara, Sakti, District Sakti, Chhattisgarh 495689, India
Website: fin-workar.web.app
Support hours: Mon–Sat, 10 AM – 6 PM IST (24–48 h response).
| Data type | Collected | Shared with | Encrypted in transit | User can delete? |
|---|---|---|---|---|
| Name, email, photo | ✔︎ | Google LLC | ✔︎ | ✔︎ |
| Hashed password (email users) | ✔︎ | — | ✔︎ | Delete account |
| Precise location | ✔︎ | — | ✔︎ | ✔︎ |
| Audio (mic) | ✔︎ | — | ✔︎ (real-time) | N/A |
| Financial info | ✔︎ | Razorpay | ✔︎ | Statement / delete acct |
| Ad IDs & analytics | ✔︎ | Google AdMob | ✔︎ | Opt-out Ads |
| Crash logs | ✔︎ | Firebase | ✔︎ | — (anon.) |
| Deleted Account Info | ✔︎ | — | ✔︎ | — (retained to block abuse) |