Privacy Policy

Last updated: March 6, 2026

Overview

InboxLedger (“we”, “our”, “us”) is an expense tracking application that helps you track bank transactions via email forwarding and bank statement uploads. This Privacy Policy explains what information we collect, how we use it, and what rights you have over your data.

By using InboxLedger you agree to the practices described in this policy.

How Email Forwarding Works

InboxLedger requests access to your Gmail account using the https://www.googleapis.com/auth/gmail.readonly OAuth scope. Here is exactly what that means:

  • We can read the content of emails in your inbox.
  • We cannot send, delete, modify, or move any email, ever.
  • We cannot access any other Google services (Drive, Calendar, Contacts, etc.).
  • We only scan emails sent from sender addresses that you explicitly configure in Settings (e.g. your bank's alert address).
  • We never scan or read personal, work, or any other emails outside of those configured senders.

InboxLedger’s use of data received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

What Data We Collect and Store

We store only the minimum data required to operate the expense tracking service.

From forwarded bank emails, we extract and store:

  • Transaction amount (e.g. ₹450)
  • Merchant / payee name (e.g. Swiggy)
  • Transaction date and time
  • Transaction type (Debit or Credit)
  • Payment method when present in the email (e.g. UPI, NEFT)
  • A short AI-generated description of the transaction
  • The sender email address (From) and recipient address (To), stored for reference in the transaction detail view
  • A unique Gmail message ID, used to prevent duplicate transactions

We never store:

  • ×The email subject line
  • ×The email body text
  • ×Any email attachment
  • ×Your Gmail password or recovery information
  • ×Any data from emails outside your configured bank senders

The email subject and body are read in memory solely to extract transaction details, then immediately discarded, they are never written to our database or any log file.

Account data we store:

  • Your Google account name, email address, and profile picture (from Google Sign-In)
  • Your unique forwarding token (the identifier in your InboxLedger email address)
  • App settings you configure: bank sender addresses, scan lookback period
  • Categories, merchants, and notes you create within the app

How We Use Your Data

We use your data solely to provide the InboxLedger service:

  • To display your transaction history in your personal dashboard
  • To generate spending analytics (category breakdowns, time trends, top merchants)
  • To auto-categorise transactions using AI (OpenAI)
  • To process forwarded bank emails and extract transaction data

We do not sell your data. We do not share your data with third parties for advertising, marketing, or any purpose other than operating the service.

Third-Party Services

InboxLedger uses the following third-party services to operate:

Google APIs

Gmail readonly access for email scanning; Google OAuth for authentication.

Privacy Policy →

OpenAI

AI classification of transaction emails. We send only the extracted transaction text (not your full email) to OpenAI for categorisation. OpenAI does not use API inputs for training by default.

Privacy Policy →

MongoDB Atlas

Database storage for your transaction data and account information.

Privacy Policy →

Data Retention

Your data is retained for as long as you have an active InboxLedger account. You can delete all your data at any time from Settings → Danger Zone → Clear all data. This permanently removes all transactions, categories, merchants, and your account record from our database.

You can also revoke InboxLedger’s Gmail access at any time from your Google Account permissions page. Revoking access will stop all future email scanning immediately.

Security

We take reasonable technical and organisational measures to protect your data:

  • OAuth tokens are stored encrypted in our database
  • All data is transmitted over HTTPS
  • Access to production systems is restricted to authorised personnel
  • We do not log email content at any point in our pipeline

Your Rights

You have the right to:

  • Access all data we hold about you (your dashboard shows everything)
  • Export your transaction data (Settings → Export)
  • Delete all your data permanently (Settings → Danger Zone)
  • Stop email forwarding at any time by deleting your Gmail filter
  • Contact us with questions or concerns about your data

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice in the app or by email. The “Last updated” date at the top of this page reflects the most recent revision.

Contact

If you have questions about this Privacy Policy or how we handle your data, please contact us at privacy@getinboxledger.com.