Finpersona
FeaturesTax savingsEventsFor BusinessNewFor advisorsBlog
PDPA Compliant · Malaysia

Privacy Policy

Last updated: 1 March 2026

Contents

  • 1. Introduction
  • 2. Information We Collect
  • 3. How We Use Your Information
  • 4. Data Sharing and Disclosure
  • 5. Data Security
  • 6. Data Retention
  • 7. Your Rights Under PDPA
  • 8. Cookies and Tracking
  • 9. Children's Privacy
  • 10. Third-Party Links
  • 11. Changes to This Policy
  • 12. Contact Us

1. Introduction

Finpersona ("we", "us", or "our") is operated by Aexlora Sdn Bhd, a company incorporated in Malaysia. We are committed to protecting your personal data in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Finpersona mobile application and website (collectively, the "Service"). By using our Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect the following categories of personal data:

2.1 Account Information — When you register, we collect your name, email address, and password (stored as a secure hash). You may optionally provide your phone number and profile photo.

2.2 Financial Information — Income details you enter, expense data from receipts you scan, bank transaction data if you connect a bank account, EPF and insurance contribution information, and LHDN tax relief category data.

2.3 Usage Data — Device information, app usage logs, IP address and approximate location, and crash reports.

2.4 Receipt Images — When you scan receipts, we temporarily process images using OCR to extract merchant name, date, amount, and items. Images are not permanently stored after extraction unless you explicitly save them.

3. How We Use Your Information

We use your personal data for the following purposes:

Core Service Delivery — To provide expense tracking, tax relief calculation, split bill functionality, and budgeting features. To calculate your estimated LHDN tax liability and identify eligible tax relief.

Service Improvement — To analyze usage patterns, debug errors, and develop new features.

Communications — To send important service notifications and respond to support inquiries. With your consent, to send product updates.

Legal Compliance — To comply with applicable Malaysian laws and respond to lawful requests from government authorities.

We do NOT sell, rent, or trade your personal data to third parties for marketing purposes. We do NOT use your financial data for advertising profiling.

4. Data Sharing and Disclosure

We share your data only in the following limited circumstances:

Service Providers — Trusted third-party providers to operate our infrastructure (cloud hosting, OCR processing, analytics). These providers are contractually bound to protect your data.

Legal Requirements — We may disclose your data if required by Malaysian law, court order, or government authority, including LHDN if legally compelled.

Business Transfer — If Finpersona is acquired or merged, your data may be transferred. We will notify you before your data becomes subject to a different privacy policy.

With Your Consent — We may share data with third parties when you explicitly authorize us to do so.

We never share your data with advertisers or data brokers.

5. Data Security

We implement industry-standard security measures to protect your personal data:

• Encryption in Transit — All data transmitted between the app and our servers uses TLS 1.3 encryption. • Encryption at Rest — Sensitive financial data is encrypted using AES-256. • Access Controls — Strict role-based access controls limit who within our team can access user data. • Security Audits — We conduct regular security assessments and vulnerability testing. • No Plain-Text Passwords — Passwords are hashed using bcrypt and never stored in readable form.

No method of electronic transmission or storage is 100% secure. We encourage you to use a strong password and enable two-factor authentication.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service.

If you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by Malaysian law (financial records may be retained for up to 7 years for tax compliance purposes).

Receipt images are processed in memory and not retained beyond the OCR extraction session unless you explicitly save a receipt to your account.

7. Your Rights Under PDPA

Under the Personal Data Protection Act 2010 (Malaysia), you have the following rights:

Right of Access — You may request a copy of the personal data we hold about you.

Right of Correction — You may request that we correct inaccurate or incomplete personal data.

Right to Withdraw Consent — Where processing is based on consent, you may withdraw consent at any time.

Right to Limit Processing — You may request that we limit how we use your data in certain circumstances.

Right to Data Portability — You may request an export of your data in CSV/JSON format.

Right to Erasure — You may request deletion of your account and associated personal data, subject to legal retention obligations.

To exercise any of these rights, contact us at privacy@finpersona.com. We will respond within 21 days.

8. Cookies and Tracking

Our website uses cookies and similar technologies to maintain your login session, remember your preferences, analyze website traffic using anonymized analytics, and detect fraudulent activity.

You can control cookies through your browser settings. Disabling cookies may affect certain features. We do not use third-party advertising cookies.

9. Children's Privacy

Finpersona is not directed at individuals under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, contact us at privacy@finpersona.com immediately.

10. Third-Party Links

Our Service may contain links to third-party websites (such as LHDN's e-Filing portal or bank websites). We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing any personal information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email (at least 14 days before the change takes effect) and an in-app notification.

Your continued use of the Service after the effective date constitutes acceptance of the revised policy.

12. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or your personal data:

Email: privacy@finpersona.com Company: Aexlora Sdn Bhd, Malaysia

For PDPA complaints we cannot resolve, you may lodge a complaint with the Personal Data Protection Department (JPDP) of Malaysia.

View Terms of Service →← Back to Finpersona
Finpersona

AI-native personal finance platform.

Product

Tax savingsMarketplaceEventsAll featuresFor BusinessFor advisors

Company

BlogCareers

Legal

PrivacyTermsSecurityContact
© 2026 Finpersona · Built by Aexlora Sdn Bhd (1668346-X)Not affiliated with any tax authority. Always verify with LHDN directly.