Privacy Policy
Last Updated: March 4, 2026
BridgeBanks360 ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our personal finance management application.
1. Information We Collect
1.1 Personal Information
We collect information that you provide directly to us:
- Account Information: Email address and name
- Profile Information: Optional profile details and preferences
- Financial Data: Bank statements, transaction details, and financial summaries that you upload
1.2 Gmail Integration (Optional)
If you choose to connect your Gmail account for automated transaction extraction:
- OAuth Access: We use Google OAuth 2.0 to securely access your Gmail account
- Email Data: We read emails from financial institutions to extract transaction information and add those transactions directly to your records in our database
- No Statement Upload Required: When using Gmail verification, bank statements are not required - we extract transaction details from emails only
- Scopes: We only request read-only access to Gmail messages (gmail.readonly scope)
- Storage: OAuth tokens are encrypted and stored securely; extracted transaction data is added to your database records
- Control: You can disconnect Gmail access at any time from your profile settings
1.3 Automatically Collected Information
- Usage Data: Pages visited, features used, and time spent on the application
- Device Information: Browser type, operating system, IP address
- Cookies: Session cookies for authentication and preference storage
2. How We Use Your Information
We use the collected information for the following purposes:
- Service Delivery: To provide and maintain our expense tracking and financial management services
- Transaction Processing: To analyze bank statements and categorize transactions
- Gmail Scanning: To automatically extract transaction details from email statements
- Analytics: To generate spending insights, budgets, and financial reports
- Account Management: To manage your account and provide customer support
- Security: To detect and prevent fraud, unauthorized access, and security incidents
- Improvements: To improve our services and develop new features
3. Data Storage and Security
We understand that your financial data is among the most sensitive information you can share with any service. We have built BridgeBanks360 from the ground up with a security-first mindset. Below is a transparent, comprehensive account of every security measure we have implemented — written so that both technical and non-technical users can fully understand and trust how we protect your data.
Our Security Commitment: Your financial data is processed exclusively to provide you with the service you requested. We do not sell it, mine it for advertising, or share it with any unauthorised party. Every layer of our infrastructure — from your browser to our database — is protected by multiple overlapping security controls.
3.1 Bank Statement & File Upload Security
When you upload a bank statement (PDF, Excel, or CSV), here is exactly what happens:
- Encrypted Transit: Your file travels from your browser to our servers over HTTPS with TLS 1.3 — the same encryption used by major banks. No one on the network between you and us can read the file.
- In-Memory Processing Only: Your statement is parsed entirely in server memory. The raw file bytes are never written to the server's filesystem as a plain file. Processing happens in RAM and is discarded immediately after transaction extraction is complete.
- No Long-Term File Retention: We do not retain a copy of your original PDF or spreadsheet after processing. Only the extracted transaction records (date, amount, merchant, category) are stored — not the original document.
- Secure Cloud Storage for Exports: When you explicitly request a PDF export of your narrative report, that generated PDF is uploaded to Google Cloud Storage in a private, non-public bucket with AES-256 server-side encryption. Access is via short-lived signed URLs (valid 1 hour only) tied to your authenticated session.
3.2 Encryption at Rest — AES-256 Everywhere
- Database: Google Cloud SQL automatically encrypts all data at rest using AES-256. Even if storage disks were physically removed, they would contain only unreadable ciphertext.
- File Storage: All files in our Google Cloud Storage buckets use AES-256 server-side encryption by default.
- OAuth Tokens: Your Google OAuth tokens (optional Gmail integration) are stored encrypted — never written to logs or any medium in plaintext.
- Backups: All automated daily database backups are also encrypted at rest with AES-256.
- Secrets Vault: Application secrets, API keys, and database passwords are stored in Google Secret Manager with hardware-level encryption. These are never hard-coded in source code.
3.3 Encryption in Transit — TLS 1.3
- TLS 1.3 Only: All HTTP traffic uses TLS 1.3 with perfect forward secrecy. TLS 1.2 and below are not accepted.
- HTTPS Everywhere + HSTS: HTTP requests are automatically redirected to HTTPS. Our domain uses HTTP Strict Transport Security (HSTS) to prevent downgrade attacks.
- Private Database Connection: Traffic between our application and Cloud SQL travels exclusively over a private VPC IP — it never touches the public internet.
- Time-Limited Signed URLs: URLs granting access to files expire after 1 hour and are cryptographically signed — they cannot be guessed or forged.
3.4 Password Security
- Never Stored in Plaintext: Your actual password is never stored anywhere — not in the database, not in logs.
- bcrypt Hashing with Salt: Passwords are hashed using bcrypt — a deliberately slow algorithm designed to make brute-force attacks extremely expensive. Each hash includes a unique cryptographic salt, preventing rainbow table attacks.
- Password Change Invalidates All Sessions: Changing your password immediately invalidates all existing session tokens on every device.
3.5 Mandatory Two-Factor Authentication (2FA)
- Mandatory for All Users: Two-factor authentication is required, not optional. Even if someone obtains your password, they cannot log in without your physical authenticator device.
- TOTP Standard (RFC 6238): We use Time-based One-Time Passwords compatible with Google Authenticator, Authy, and Microsoft Authenticator. Codes refresh every 30 seconds.
3.6 Session Security
- HMAC-Signed Cookies: Session cookies are signed with HMAC-SHA256 — any tampering is immediately detected and rejected.
- HttpOnly + Secure Flags: Cookies are flagged so JavaScript cannot read them (blocking XSS theft) and they are only transmitted over HTTPS.
- Session Expiry: Sessions automatically expire after inactivity (8 hours) and require fresh login.
3.7 Database Security
- No Public IP: Our Cloud SQL instance has no public internet endpoint. It is reachable only via private VPC IP — impossible to connect to from the public internet regardless of credentials.
- Parameterised Queries: Every database query uses parameterised statements. Raw user input is never interpolated into SQL, completely preventing SQL injection attacks.
- User-Level Data Isolation: Every query includes a user_id filter taken from the verified session — never from the request body. It is architecturally impossible for one user to query another user's data.
- Least Privilege Database User: The application's database account has only the permissions it needs — it cannot drop tables or modify schemas.
3.8 Network & Infrastructure Security
- Google Cloud VPC Isolation: All infrastructure runs in a dedicated Virtual Private Cloud, isolated from other cloud tenants.
- Serverless (Cloud Run): Our application runs as ephemeral containers with no persistent filesystem. Each request starts in a fresh environment, limiting the impact of any hypothetical exploit.
- DDoS Protection: Google Cloud Armor provides infrastructure-level DDoS mitigation before traffic reaches our application.
- Domain Access Restriction: Only requests from bridgebanks360.com are served. Direct access via Cloud Run URLs is blocked for all user-facing pages.
- India Data Residency: All servers, database, and storage are in Mumbai, India (asia-south1). Your data never leaves India.
3.9 Application-Level Security
- CSRF Protection: All state-changing requests are verified to originate from our domain.
- XSS Prevention: All HTML rendering auto-escapes user-provided content. User input is sanitised before storage.
- Rate Limiting: Login attempts, OTP validation, and sensitive API endpoints are rate-limited with lockout periods to prevent brute-force attacks.
- Security Headers: Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, and Referrer-Policy headers are set on all responses.
- Scanner Bot Blocking: Automated vulnerability scanners (WordPress probes, PHP exploits, etc.) are detected and blocked at the application layer.
- Secrets in Vault Only: All credentials are in Google Secret Manager — never in source code or environment files committed to version control.
3.10 Security Monitoring & Incident Response
- Real-Time Alerts: Google Cloud Monitoring alerts fire immediately for unusual access patterns, error spikes, or suspicious activity.
- Audit Logging: All administrative actions are logged with timestamps, user IDs, and IP addresses. Infrastructure-level audit logs (Secret Manager access, database configuration changes) are retained separately.
- Data Breach Notification: In the unlikely event of a data breach, we will notify affected users within 72 hours with details of what was affected and the steps we are taking.
3.11 Why You Can Trust BridgeBanks360 With Your Data
- Zero Data Sales: We have never sold user data. Our business model does not involve monetising your information.
- Minimal Data Principle: We store only the transaction data needed for analytics — not raw statement files, not your bank credentials (we never ask for them).
- Your Control: You can delete your account and all data at any time. Data export is available so you can take your data with you.
- Google Cloud Infrastructure: Our platform runs on Google Cloud — ISO 27001, SOC 2, and PCI DSS certified infrastructure used by the world's most security-conscious organisations.
- Defence in Depth: We do not rely on any single security measure. Encryption at rest + in transit + MFA + private database + parameterised queries + session security + rate limiting + monitoring all work together. Compromising one layer does not compromise user data.
4. Data Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share information only in the following circumstances:
- With Your Consent: When you explicitly authorize us to share specific information
- Service Providers: With trusted third-party service providers who assist in operating our platform (e.g., Google Cloud Platform, email services)
- Legal Requirements: When required by law, court order, or government request
- Security: To protect the rights, property, or safety of BridgeBanks360, our users, or others
- Business Transfers: In connection with any merger, sale, or transfer of company assets
5. Gmail API Services User Data Policy
BridgeBanks360's use of information received from Gmail APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
5.1 Gmail Data Usage
- We only access emails from financial institutions to extract transaction data
- Gmail data is used solely for providing transaction tracking services
- We do not use Gmail data for advertising or marketing purposes
- Gmail data is not shared with third parties except as required for service operation
- You can revoke Gmail access at any time through your profile settings
5.2 Data Retention for Gmail
- Extracted transaction data is retained as part of your financial records
- OAuth access tokens are stored until you disconnect Gmail integration
- Email scanning logs are retained for 7 days for troubleshooting
6. Your Rights and Choices
You have the following rights regarding your personal information:
- Access: Request a copy of your personal data
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your account and associated data
- Export: Download your financial data in a portable format
- Gmail Disconnection: Revoke Gmail access at any time
- Opt-out: Unsubscribe from marketing communications
7. Data Retention
- Active Accounts: Data is retained as long as your account is active
- Account Deletion: Upon account deletion, personal data is removed within 30 days
- Legal Compliance: Some data may be retained longer if required by law
- Backups: Backup copies may persist for up to 90 days
8. Cookies and Tracking
We use cookies and similar tracking technologies for:
- Authentication: Session cookies to keep you logged in
- Preferences: Storing your settings and preferences
- Analytics: Understanding how you use our service
You can control cookies through your browser settings, but this may affect functionality.
9. Third-Party Services
Our application integrates with the following third-party services:
- Google Cloud Platform: Infrastructure and hosting
- Google Gmail API: For the optional email scanning feature
- Google OAuth 2.0: For secure authentication
These services have their own privacy policies, which we encourage you to review.
10. Children's Privacy
BridgeBanks360 is not intended for users under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by:
- Posting the new Privacy Policy on this page
- Updating the "Last Updated" date
- Sending an email notification (for significant changes)
Your continued use of BridgeBanks360 after changes are posted constitutes your acceptance of the updated Privacy Policy.
12. Contact Us
Effective Date: March 4, 2026
Version: 2.0