Privacy Policy

App: Mikdar · Last updated: 19 June 2026

The short version. Mikdar is a fully offline personal finance app. We do not collect, transmit, store, sell, share, or analyse any of your personal or financial information. Everything you enter stays on your device. There are no servers we own, no accounts on our side, no analytics, and no advertising.

This Privacy Policy explains, in plain language, exactly what happens to your information when you use the Mikdar mobile application ("Mikdar", "the app", "we"). Mikdar is built by an independent developer for users in Bangladesh and the global Muslim community.

1. What we collect

We collect nothing. Mikdar has no telemetry, no analytics SDK, no crash reporter, no advertising SDK, and no backend server. Your transactions, debts, invoices, reminders, budgets, savings goals, calculator history, profile, PIN, and settings are stored only on your device, inside an encrypted SQLite database protected by your PIN.

Specifically, we do not collect or have access to:

2. The two optional features that touch the internet

Mikdar works offline. Two features can be enabled by you to talk to Google's servers. Both are off by default and never run without your explicit action.

2.1 Google Drive backup (optional)

If — and only if — you turn on the Google Drive backup feature from Settings, Mikdar will:

  1. Ask you to sign in with your Google account through Google's standard sign-in screen.
  2. Create a backup file of your local data on your device.
  3. Encrypt that file with AES-256-CBC using a key derived from your PIN, on your device, before any upload.
  4. Upload the encrypted file to a folder called Mikdar/ inside your own Google Drive.

What this means for your privacy:

While Google holds the encrypted file in your Drive, Google's own privacy practices apply — see Google's Privacy Policy.

2.2 Live currency exchange rates (optional)

The Currency Converter tool fetches up-to-date exchange rates from a public exchange-rate API when you have an internet connection. This request sends no personal information — only the standard fields any HTTPS request includes (your IP address, which the rate provider can see by virtue of you connecting to them). We do not log, collect, or store the request anywhere.

3. Smart Scan (optional cloud OCR)

The receipt scanner reads receipts on your device by default. If your receipt is hard to read, the app offers an optional "Smart Scan" button that can send the receipt photo to Google's Gemini API using your own Gemini API key that you provide in Settings.

4. Permissions

Mikdar requests Android permissions only when needed for a specific feature you trigger:

PermissionWhy Mikdar needs it
Notifications (POST_NOTIFICATIONS) To show reminders and budget alerts you scheduled yourself.
Camera (CAMERA) To capture a receipt with the Receipt Scanner. Only when you tap it.
Read media images (READ_MEDIA_IMAGES) To let you pick a saved receipt photo from your gallery.
Receive boot completed (RECEIVE_BOOT_COMPLETED) To re-arm your scheduled reminders after your phone reboots.
Wake lock (WAKE_LOCK) To keep the CPU awake briefly when a scheduled reminder fires.

Permission usage never sends your data anywhere. For example, the camera permission is used only to capture an image into the on-device OCR pipeline — nothing leaves the device unless you opt in to Smart Scan as described above.

5. Data retention and deletion

Because Mikdar stores everything on your device, you have full control:

There is no server-side account to delete because we never had one to begin with.

6. Security

No system is perfectly secure. If you forget your PIN and have not saved your recovery key, your data cannot be recovered — by you, by us, or by Google. This is intentional: it means no one but you can ever read your records.

7. Children

Mikdar is intended for users 18 and over who manage personal, family, or business finances. It is not directed at children. We do not knowingly collect data from children (or from anyone else).

8. International users

Mikdar is available worldwide and functions identically in every country. Since we collect no personal data, there is nothing transferred across borders by us. If you enable Google Drive backup, the encrypted backup file lives in the Google region tied to your Google account — see Google's Privacy Policy.

9. Your rights

Even though we do not collect data, you can always:

10. Changes to this policy

If Mikdar ever adds a feature that changes how data is handled — for example a future cloud sync option — this policy will be updated and the “Last updated” date will change. Material changes will also be surfaced inside the app. Continued use of the app after the change constitutes acceptance.

11. Contact

For privacy questions, support, or general feedback, email:
info@ezomfy.com

We respond to verified requests within 30 days, though privacy requests are usually trivial because there is no data on our side to access, correct, or delete.