1Introduction
Welcome to Spend Shield ("we", "us", "our"). We operate a multi-tenant Subscription & Expense Tracker SaaS platform, consisting of our Web Dashboard, Mobile Application, and Backend APIs. This Privacy Policy describes how we collect, use, process, and protect your information when you register and interact with our workspace-based tracking services.
2Information We Collect
To provide a secure and reliable platform, we collect the following types of information:
- Account Information: Your email address and cryptographically encrypted password when you register.
- Workspace Data: Workspace titles, team memberships, and collaborator roles (Owner or Member) linked to your organization.
- Subscription & Expense Records: Tracking entries including item names, amounts, due dates, billing cycles, active/paused statuses, and expense categories.
- Technical Metadata: JWT (JSON Web Tokens) generated during sessions, authorization headers, IP addresses, browser agents, and notification channels.
3How We Use Your Information
We utilize the collected data to maintain our service and execute core platform mechanisms:
- Facilitating secure JWT-based workspace logins and restricting unauthorized user types (guest users are strictly barred).
- Providing accurate aggregated dashboards containing total monthly expenses, category-based metrics, and filters.
- Sending automated due-date reminders via email and push notification channels 3 days prior to a subscription's renewal date.
- Processing workspace quotas and limits linked to standard, premium, or team subscription tiers.
4Data Storage, Security, & Encryption
The safety of your critical financial information is our highest priority. We deploy industry-standard precautions:
Spend Shield processes user authentication using strong modern encryption. All passwords are encrypted before database storage. Session authorization is managed via JSON Web Tokens (JWT) using role-based access control, preventing tenants from accessing another workspace's information.
We store workspace elements, memberships, subscription, and expense logs securely using a PostgreSQL relational database. System tasks, notification queues, and real-time reminders are coordinated via Redis and Celery to ensure reliable operations.
5Third-Party Payment Integrations
All subscription payments (Pakistan: PKR pricing, US: USD pricing) are processed securely. Spend Shield integrates directly with JazzCash to handle billing transactions. We do not store or capture raw credit card details or wallet PINs on our servers. JazzCash securely handles payment data, processing monthly plans and long-term prepayments (1 to 3 Years) using secure external APIs.
6Data Retention & Deletion
We retain your workspace records as long as your account remains active. Admins reserve the right to view user accounts, monitor usage limits, or temporarily activate/deactivate accounts in accordance with system resource policies. Should you request to delete your account or workspace, all corresponding user records, subscriptions, expenses, and membership links will be permanently deleted from our active database systems.
7Updates to This Policy
We may modify this privacy policy to reflect platform updates, regulatory shifts, or billing system upgrades. We will notify you of substantial updates via system email or push alerts at least 7 days before changes become effective. Your continued use of the platform constitutes your acknowledgment of the updated policies.
8Contact Information
For inquiries regarding this Privacy Policy, user records, or workspace security protocols, contact us at:
- Email Support: privacy@expenseshield.com
- Mailing Address: Spend Shield Inc., Sector-G, Islamabad, Pakistan / Delaware, USA.