Skip to content

Privacy Policy

Last updated: June 28, 2026

At Glitchverse Technologies Pvt Ltd, operating under the brand name "Finest", we are committed to protecting your ("User") privacy. This Privacy Policy outlines our practices regarding the collection, use, and disclosure of your information through our website, mobile applications, and other digital platforms (collectively referred to as the "Platform") in accordance with applicable laws and regulations, including India's Digital Personal Data Protection Act, 2023 (the "DPDP Act").

1. Acceptance of the Privacy Policy

By accessing or using our Platform, signing up for, or utilizing our products, services, content, features, technologies, or functions offered on our Platform and all related sites, applications, and services (collectively, "Services"), you agree to the terms of this Privacy Policy.

2. Information We Collect

We collect information you provide to us, information generated through your use of the Platform, and information you choose to connect through optional integrations.

  • Account information: Information you provide when you sign up or contact us, such as your name, email address, and any other details you choose to share.
  • Connected account data (optional):If you choose to connect an account (for example, Gmail for statement sync), we request read-only access (Gmail's "readonly" scope) and collect only the data needed to provide the feature you requested, such as financial statements and related metadata. We do not request permission to send, modify, or delete your emails, and we do not ask for your email password. See "Google User Data and Limited Use" below.
  • Support communications: Information you send to our support team (for example, emails, chats, or attachments) so we can respond and troubleshoot.
  • Device and log data: Technical information such as IP address, browser type, pages accessed, and timestamps, which help us operate and secure the Platform.
  • Cookies and similar technologies:We use essential cookies (for example, session cookies) for authentication, security, and basic preferences. See "Data Collection Devices" below.

We do not intend to collect information unrelated to providing the Services, and we aim to minimize the information we access through integrations.

3. Use of Your Information

We use your information to provide, operate, and improve the Services, including to:

  1. Provide the Services you request and customer support.
  2. Authenticate users, prevent abuse, and secure accounts and systems.
  3. Operate integrations you enable (for example, syncing statements you authorize).
  4. Communicate with you about the Services (service notices, updates, and changes).
  5. Send marketing or promotional communications where permitted; you can opt out of marketing emails at any time.
  6. Improve and personalize the Services, including by debugging, testing, and analyzing usage patterns in aggregate.
  7. Comply with legal obligations and enforce our Terms.

4. Disclosure of User Information

We do not sell or rent your personal information to third parties. However, we may disclose your information to:

  1. Service providers that help us operate the Platform (for example, hosting, automated document processing and enterprise AI services such as Microsoft Azure, customer support, email delivery, and security services), under contractual obligations to protect your information.
  2. Third parties you direct us to share with (for example, when you enable an integration or request data export).
  3. Authorities or other parties where required to comply with law, respond to lawful requests, or protect rights, safety, and security.
  4. A successor entity in connection with a merger, acquisition, or asset sale (we will take steps to ensure continued protection of your information).

5. Google User Data and Limited Use

If you connect your Gmail account, Finest requests read-only access (Gmail's "readonly" scope) for the sole purpose of locating and importing financial statements and related documents on your behalf. We do not request permission to send, modify, or delete your emails.

Finest's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. In particular:

  • We use Google user data only to provide and improve the statement-sync feature you requested.
  • We do not use Google user data for advertising, and we do not sell or rent it.
  • We do not transfer Google user data to others except as necessary to provide this feature, to comply with applicable law, or in connection with a merger or acquisition with equivalent protections in place.
  • We do not use Google user data to train generalized or non-personalized artificial intelligence or machine-learning models.
  • Humans do not read your Google user data except where you give specific consent, where it is necessary for security or to comply with law, or where the data has been aggregated and de-identified for internal operations.

You can revoke Finest's access to your Google account at any time from your account settings or from your Google Account permissions page.

6. Data Storage and International Transfers

We store your personal and financial information on cloud infrastructure provided by Microsoft Azure, primarily in data centres located in India (the Central India region). Your information is encrypted in transit and at rest.

Some processing — for example, the automated extraction of information from your statements using enterprise AI services — may be carried out by our service providers in other regions. Where information is transferred or processed outside India, we take steps designed to ensure it continues to receive protection consistent with this Privacy Policy and applicable law, and we do not transfer personal data to any country or territory restricted by the Government of India under applicable law.

7. Data Collection Devices

We use cookies and similar technologies to help the Platform function and remain secure. You can control cookies through your browser settings, but disabling certain cookies may limit features (for example, staying signed in).

8. Data Retention

We retain personal information only for as long as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. If you request deletion of your account or data, we will delete or de-identify information where feasible, subject to legal and operational retention requirements.

9. Your Choices and Rights

Depending on your location and the Services you use, you may have the right to access, correct, update, or delete your information, to withdraw consent, and to export your information. Under the DPDP Act, you also have the right to nominate another individual to exercise these rights on your behalf in the event of your death or incapacity, as well as the right to grievance redressal. You can also:

  • Opt out of marketing emails using the unsubscribe link in those messages.
  • Revoke access to connected accounts (for example, Gmail) through your account settings or provider settings.
  • Request help or data actions by contacting us at [email protected].

10. Data Breach Notification

In the event of a personal data breach, we will take prompt steps to assess and contain it, and we will notify the Data Protection Board of India and affected users as required under the DPDP Act and other applicable law.

11. Third-Party Links

Our Platform may contain links to other platforms that may collect personally identifiable information. We are not responsible for the privacy practices or the content of those linked platforms.

12. Grievance Officer

For any grievances or questions regarding the processing of information or this Privacy Policy, please contact our Grievance Officer:

If your concern is not resolved to your satisfaction, you may escalate it to the Data Protection Board of India in accordance with the DPDP Act.

13. Amendments to this Policy

We reserve the right to amend, modify, or upgrade this Privacy Policy at our sole discretion, at any time. Any such changes will be effective immediately upon posting a revised version on the Platform. It is your responsibility to review the Privacy Policy periodically to stay informed about any updates. Your continued use of the Platform or Services following the posting of the revised version constitutes your acceptance of the updated terms. If you do not agree with any modifications, you must discontinue using the Platform and Services.

14. Security and Data Protection

We prioritize the security of your information and use administrative, technical, and organizational safeguards designed to protect it from unauthorized access, disclosure, alteration, or destruction.

Data transmitted between your device and our Platform is protected using encryption in transit (for example, TLS). We also use encryption at rest where supported by our storage providers and design the Platform to limit access to authorized personnel and systems.

If you enable email-based statement sync, we use automated processes to extract relevant information from financial documents you import or authorize us to sync, such as supported bank, card, mutual fund, and demat statements. You can revoke access to connected accounts at any time.

No method of transmission or storage is completely secure. We cannot guarantee absolute security, but we work to continuously improve our safeguards.

15. Children's Privacy

The Platform is not intended for children, and we do not knowingly collect personal information from individuals under 18. If you believe a child has provided us personal information, please contact us so we can take appropriate steps.