Privacy promise

Your statements are processed securely and automatically deleted after your session ends.

This page is the plain-English version of how LabhPay handles your data. If anything below ever changes, we’ll say so clearly — not bury it in a 40-page policy.

What we keep (briefly)

· Your phone number and a randomly generated user ID
· Your settings: language, notifications, Private Mode preference
· Anonymous, aggregate analytics with no amounts or merchants

What we never keep

· Your uploaded PDFs
· Extracted transactions, merchants, or amounts
· Card numbers, full or otherwise
· OCR text, model prompts, or generated insights
· Chat history with the LabhPay Assistant

The lifecycle

How your data lives. And ends.

Encrypted in transit

TLS everywhere. Your PDF leaves your device encrypted and arrives encrypted.

Encrypted at rest, briefly

Statements live in volatile memory and an encrypted cache with a 30-minute timer. A per-session AES-GCM key wraps everything.

Deleted on exit

Logout, session expiry, inactivity, or analysis-complete (in Private Mode) — pick any one and your data is gone.

Security

The boring details that matter most.

AES-GCM at rest, TLS in transit
Card numbers masked at extraction — never logged, never sent to a model
Strict rate limits on OTP, uploads and the Assistant
PII-scrubbing logger — even our own errors don't leak your data
Hashed refresh tokens, rotating server secrets
Row-level security on every account record

Our promises

We will never —

· Train any model on your financial data.
· Sell, share or resell your transactions to anyone.
· Use your statements to target you with ads.
· Build a profile about you for any third party.
· Move money on your behalf. LabhPay is read-only intelligence.