Our Privacy Commitment
At PayPing MY, privacy isn't just a feature—it's the foundation of our entire architecture. We've built our app from the ground up to ensure your financial data stays where it belongs: on your device, under your control.
🔒 Privacy-First Architecture
Your financial transaction data is NEVER stored in the cloud. All transaction amounts, balances, and financial details are stored locally on your device only. Our cloud infrastructure handles notification delivery but never permanently stores your financial information.
1. Information We Collect
1.1 Data Stored Locally on Your Device
The following data is stored ONLY on your device using encrypted local storage (AsyncStorage):
- Transaction Details: Amounts, transaction types (incoming/outgoing), timestamps
- Banking App Information: App names (Touch N Go, MAE, CIMB, etc.)
- Transaction History: Complete record of your notifications
- Balance Information: Calculated balances per app
- Sender/Recipient Data: Names or identifiers from notifications (when available)
Important: This data NEVER leaves your device. It is not backed up to the cloud, not synchronized with our servers, and not accessible to PayPing MY or any third parties.
1.2 Data Stored in Our Cloud Database (Supabase)
We only store the minimum information necessary for app functionality:
- Account Information: Email address, full name, user ID
- Authentication Data: Encrypted passwords (if using email sign-up) or OAuth tokens (if using Google Sign-In)
- Entity/Family Group: Entity name, owner ID, subscription tier
- Device Registration: Firebase Cloud Messaging (FCM) tokens, device IDs, device names
- User Preferences: App toggles (which banking apps to monitor), TTS settings (language, volume), quiet hours configuration
- Subscription Data: Notification quota limits, usage counts (NOT the actual notification content)
- Device Pairing: Temporary 6-character pairing codes (15-minute expiry)
What we DON'T store in the cloud: Transaction amounts, balances, transaction types, or any financial details from your notifications.
1.3 Data That Passes Through (But Is Not Stored)
When sharing notifications across devices, the following data passes through our AWS infrastructure but is NOT permanently stored:
- Parsed notification content (amounts, app names, transaction types)
- Notification metadata (timestamps, device identifiers)
This data is transmitted through AWS API Gateway and SQS queue for delivery to Firebase Cloud Messaging, then immediately deleted. It exists in our infrastructure for seconds only, not permanently.
2. How We Use Your Information
2.1 Local Device Processing
- Parse banking notifications to extract transaction details
- Store transaction history locally for your records
- Generate text-to-speech announcements
- Calculate balances and analytics
- Export data to CSV (data never leaves your device during export)
2.2 Cloud Services
- Authentication: Verify your identity and manage your account
- Multi-Device Sync: Deliver notifications to your paired devices via Firebase Cloud Messaging
- Subscription Management: Track notification quota usage and enforce plan limits
- Device Management: Enable pairing, unpairing, and managing devices in your entity
- Preferences Sync: Synchronize app settings across your devices
2.3 What We DON'T Do
- ❌ We do NOT analyze your transaction patterns
- ❌ We do NOT sell your data to third parties
- ❌ We do NOT use your financial data for advertising
- ❌ We do NOT share your data with banking apps or financial institutions
- ❌ We do NOT provide your data to government agencies (except as legally required by Malaysian law)
3. Data Sharing and Third-Party Services
3.1 Third-Party Service Providers
We use the following trusted third-party services, each with their own privacy policies:
| Service | Purpose | Data Shared |
| --- | --- | --- |
| Supabase (PostgreSQL) | User authentication, preferences, device tokens | Email, name, user ID, FCM tokens, preferences |
| Firebase Cloud Messaging (FCM) | Push notifications to paired devices | Device tokens, notification content (ephemeral) |
| AWS (API Gateway, SQS, Lambda) | Notification routing and delivery | Notification content (ephemeral, not stored) |
| Google Sign-In (Optional) | OAuth authentication | Email, name, profile picture (if you choose Google Sign-In) |
3.2 No Advertising or Analytics
PayPing MY does NOT use:
- Google Analytics, Facebook Pixel, or similar tracking
- Advertising networks or data brokers
- Behavioral profiling or targeting
3.3 User-Initiated Exports
If you choose to use optional export features (Pro plan):
- CSV Export: Data stays on your device, you control where it goes
- Google Sheets Integration: You provide the sheet URL, data is sent directly from your device
- Webhooks: You configure the endpoint, data is sent directly from your device
These features are opt-in and under your full control.
4. Data Security
4.1 Technical Security Measures
- Encryption in Transit: All data transmitted between your device and our servers uses HTTPS/TLS encryption
- Local Storage Encryption: Transaction data stored on your device is encrypted using AsyncStorage
- Secure Authentication: Passwords are hashed using industry-standard bcrypt algorithms
- API Security: Device-specific API keys for secure communication
- Row-Level Security (RLS): Database policies ensure users can only access their own entity's data
4.2 Infrastructure Security
- AWS infrastructure with DDoS protection and WAF
- Supabase PostgreSQL with automated backups and replication
- Firebase Cloud Messaging with token-based authentication
- Regular security updates and dependency monitoring
4.3 Access Controls
- Entity-based permissions (only entity owners can manage devices)
- Device-level forwarding controls (toggle notifications per device)
- Automatic session expiration
- Secure device pairing with time-limited codes
5. Data Retention and Deletion
5.1 Local Device Data
- Free Plan: 7 days of transaction history (automatically deleted after 7 days)
- Standard Plan: 30 days of transaction history
- Pro Plan: Unlimited transaction history
You can manually clear your local transaction history at any time from Settings.
5.2 Cloud Data
- Account Data: Retained while your account is active
- Device Tokens: Retained until device is unpaired or token expires
- Pairing Codes: Automatically deleted after 15 minutes
- Usage Metrics: Monthly quota resets automatically
5.3 Account Deletion
You can request account deletion at any time:
- Go to Settings > Account > Delete Account
- All cloud data (profile, preferences, device tokens) will be permanently deleted within 30 days
- Local transaction data on your device is immediately deleted when you uninstall the app
- Notification delivery logs in AWS are automatically deleted after 7 days
6. Your Rights (PDPA Compliance)
Under Malaysia's Personal Data Protection Act 2010 (PDPA), you have the following rights:
6.1 Right to Access
- Request a copy of your personal data stored in our cloud database
- View your transaction history locally on your device at any time
6.2 Right to Correction
- Update your name, email, and preferences in Settings
- Correct inaccuracies in your profile information
6.3 Right to Erasure
- Delete your account and all associated cloud data
- Clear local transaction history from your device
6.4 Right to Data Portability
- Export your transaction history to CSV format
- Request a machine-readable copy of your cloud data
6.5 Right to Withdraw Consent
- Disable notification access at any time in Android settings
- Toggle individual banking apps on/off
- Unpair devices from your entity
To exercise any of these rights, contact us at privacy@payping.my
7. Children's Privacy
PayPing MY is not intended for use by children under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately so we can delete it.
8. International Data Transfers
Your data is stored and processed in:
- AWS Singapore (ap-southeast-1): API Gateway, SQS, Lambda functions
- Supabase (Singapore region): User database and authentication
- Firebase (Google Cloud): Push notification delivery
We do not transfer data outside of Southeast Asia. All service providers comply with international data protection standards.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect:
- Changes in our data practices
- New features or services
- Legal or regulatory requirements
- User feedback and requests
We will notify you of material changes by:
- In-app notification
- Email to your registered address
- Updating the "Last Updated" date below
Continued use of PayPing MY after changes constitutes acceptance of the updated policy.
11. Compliance and Certifications
PayPing MY is committed to compliance with:
- Malaysia Personal Data Protection Act 2010 (PDPA)
- Bank Negara Malaysia Guidelines on data protection for financial services
- ISO 27001 Information Security Standards (infrastructure providers)
Last Updated: January 15, 2025
Effective Date: January 15, 2025
Version: 1.0