Privacy Policy

Interpretation and Definitions

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

• Account means a unique account created for You to access our Service.
• Application refers to Solicit Monthly, the mobile application provided by the Company.
• Company (referred to as "the Company", "We", "Us" or "Our") refers to Karthikraj Kumaresan, operating as a sole proprietor from Tamil Nadu, India.
• Country refers to Tamil Nadu, India.
• Device means any device that can access the Service such as a mobile phone or tablet.
• Personal Data is any information that relates to an identified or identifiable individual.
• Service refers to the Application.
• Service Provider means any third-party company or individual employed by the Company to facilitate the Service or assist the Company in analysing how the Service is used.
• Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself.
• You means the individual accessing or using the Service.

Collecting and Using Your Personal Data

Personal Data

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. This includes:

• Email address (required for authentication via Supabase Auth)

Financial Data

The core functionality of the Service involves recording financial information that You voluntarily enter:

• Borrower details (names, phone numbers, addresses — this is borrower data You enter, not Your personal data)
• Loan records (principal amounts, interest rates, start dates, repayment events)
• Expense records (amounts, categories, dates)

Usage Data

Usage Data is collected automatically when using the Service. This may include Your Device's Internet Protocol address, device type, operating system version, unique device identifiers, and diagnostic data for crash reporting.

Device-Local Data

Biometric authentication data (fingerprint or face recognition templates) is stored exclusively on Your device's secure enclave and is never transmitted to Our servers.

Use of Your Personal Data

The Company uses Personal Data for the following purposes:

• To provide and maintain the Service, including account management and core lending functionality.
• To manage Your Account and provide access to features available to registered users.
• To contact You with one-time authentication codes and security alerts.
• To improve the Service through usage analysis, crash reporting, and performance monitoring.

Sharing Your Personal Data

We do not sell, trade, or rent Your personal information. The Service is a single-user tool — there are no collaboration or sharing features that expose Your data to other users.

We may share Your data only in the following limited circumstances:

• With Service Providers: Supabase (authentication, database, and cloud infrastructure). Supabase processes data solely for the purpose of delivering their service. Your application data is isolated by row-level security policies.
• For legal compliance: When required by law, court order, or government request, or to protect the rights, property, or safety of the Company, its users, or the public.

Retention of Your Personal Data

The Company retains Your Personal Data for as long as Your account remains active and as necessary to provide the Service to You.

Accounts that have had no login activity for a continuous period of 24 months may be classified as inactive. We reserve the right to delete inactive accounts and all associated data after this period, though we may attempt to notify You at Your registered email address before doing so.

We will also retain Your data to the extent necessary to comply with legal obligations, resolve disputes, and enforce our agreements. Usage Data is generally retained for a shorter period except when used to strengthen security or improve functionality.

Delete Your Personal Data

You have the right to request deletion of the Personal Data that We have collected about You. You may exercise this right by:

• Submitting a request through our data deletion request form
• Emailing us at [email protected]

Upon receiving a verified deletion request, We will delete Your account and all associated Personal Data and financial records from Our active systems within 30 days. Residual copies in encrypted backups will be purged within 90 days as part of routine backup rotation.

Please note that We may need to retain certain information where We have a legal obligation to do so, such as for tax, legal reporting, or auditing purposes. Any such retained data will be limited to the minimum necessary and will not be used for any other purpose.

Transfer of Your Personal Data

Your information, including Personal Data, is processed on servers operated by Our Service Provider (Supabase) which may be located outside Your jurisdiction. By using the Service, You consent to such transfer.

The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy.

Security of Your Personal Data

• All data is encrypted in transit using HTTPS/TLS
• Data is stored on Supabase infrastructure with encryption at rest (managed PostgreSQL)
• Row-Level Security (RLS) ensures each user can only access their own data
• Authentication is managed by Supabase Auth with industry-standard security
• Session tokens are stored in the device's native keychain
• Biometric credentials never leave Your device

While We strive to use commercially acceptable means to protect Your Personal Data, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security.

Disclosure for Legal Reasons

The Company may disclose Your Personal Data if required to:

• Comply with a legal obligation
• Protect and defend the rights or property of the Company
• Prevent or investigate possible wrongdoing in connection with the Service
• Protect the personal safety of users of the Service or the public
• Protect against legal liability

Children's Privacy

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.

Changes to This Privacy Policy

We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, You can contact us:

• Email: [email protected]
• Support: [email protected]
• Address: 5/128 Edaiyapatty, Vellodu (R), Vedasandur, Dindigul, Tamil Nadu 624620, India