Privacy Policy

Overview

Pangolog is an offline-first, privacy-first expense tracker. Your financial data never leaves your device unless you explicitly enable Google Drive sync, in which case it is stored in your own Google Drive account - not on our servers.

Your data storage

We collect no personal data. All transaction records, categories, and settings are stored locally in your browser's IndexedDB storage on your device.

If you connect to Google Drive, we store a session token in an encrypted HTTP-only cookie (valid for 30 days) solely to facilitate token refresh. Your Google email address is stored locally on your device and displayed in Settings. No data is transmitted to or stored on Pangolog servers.

Google Drive sync

Google Drive sync is entirely optional. When enabled, your data is synced directly to a Pangolog/ folder in your own Google Drive account. We request only the minimum necessary OAuth scopes to read and write files created by this app.

You can disconnect Google Drive at any time from Settings. Disconnecting removes our access to your Drive and deletes the session cookie.

Third-party services

Pangolog uses Google Identity Services for OAuth authentication and the Google Drive API for optional sync. These interactions are governed by Google's Privacy Policy. We use no analytics, advertising, or other third-party services.

Data deletion

To delete your local data, use the Reset all data option in Settings, or clear your browser's site data for this app. To remove synced data, delete the Pangolog/ folder from your Google Drive directly.

Changes to this policy

Any changes to this policy will be reflected on this page with an updated date.