Cookie Policy

Cookies are small text files placed on your device when you visit a website. They help the site remember your preferences and improve your experience. Some cookies are essential for the site to function; others are optional and used for analytics or personalisation.

ExpenseFlow AI uses cookies and similar browser storage (such as localStorage) for the following purposes:

• Authentication — We store a JSON Web Token (JWT) in localStorage and mirror it to a session cookie so our middleware can protect authenticated routes. Without this, you cannot stay logged in.
• Preferences — Your chosen language (site_lang) and colour theme (site_theme) are saved in localStorage so they persist between visits.
• Session state — Temporary values needed to complete multi-step flows (e.g. transaction confirmation) are held in memory and are not persisted after your session ends.

• Strictly necessary cookies — The authentication session cookie that keeps you signed in. Deleting it will log you out.
• Functional localStorage keys — site_lang and site_theme store your UI preferences. These are not transmitted to our servers and contain no personal data.

We do not currently use advertising cookies, third-party tracking cookies, or analytics cookies that identify individual users.

The Service integrates with the following third parties that may set their own cookies or use similar technologies:

• Telegram — If you use the Telegram bot integration, Telegram's own privacy policy and cookie practices apply to your use of the Telegram platform.
• LLM Providers — Transaction text sent to Google Gemini, OpenAI, or a self-hosted Ollama instance is processed server-side and does not involve browser cookies.

You can control cookies and localStorage through your browser settings:

• Most browsers allow you to view, block, or delete cookies via their privacy or settings menu.
• You can clear localStorage for this site via your browser's developer tools (Application → Local Storage).
• Blocking strictly necessary cookies will prevent you from logging in and using the Service.
• Clearing preference keys (site_lang, site_theme) will reset the site to its default language and dark theme on your next visit.

We may update this Cookie Policy from time to time to reflect changes in the Service or applicable regulations. The "Last updated" date at the top of this page indicates when it was last revised. Continued use of the Service after an update constitutes acceptance of the revised policy.

If you have questions about our use of cookies, contact us at [email protected].