Legal

Privacy Policy

Effective: To be set at public launch
Version: Draft 0.1
Contact: support@trybudgie.app
This is a pre-launch draft. Budgie is in development and is not yet collecting user data. This policy describes how Budgie will operate at launch. The final policy will be reviewed by qualified counsel and may change before it takes effect. If you have questions, email support@trybudgie.app.

The short version

Budgie can't read your financial data. Your transactions are encrypted on your device with keys only you hold. Our servers store sealed boxes we can't open.

We don't sell your data. We don't show you ads. We don't share your data with advertisers, data brokers, or affiliate partners.

Bank connections are read-only. Budgie can see your transactions but cannot move your money.

You can delete everything, any time. Deletion really means deletion.

1. Who we are

Budgie is a personal budgeting application for iOS and web, operated by an independent developer in the United States. In this policy, "Budgie," "we," "us," or "our" refers to the operator. You can contact us at support@trybudgie.app.

2. What data we collect

2.1 Data you give us directly

2.2 Data we receive from Plaid on your behalf

When you connect a bank account through Plaid, Plaid shares with Budgie:

Budgie does not receive your bank login credentials. Those are handled by Plaid. You can review Plaid's own privacy practices at plaid.com/legal.

2.3 Data we collect automatically

3. How we protect your data

Budgie is built on a zero-knowledge architecture. The short version: our servers store your data in a form we cannot read.

A comprehensive security review is conducted before public launch and annually thereafter.

4. How we use your data

We use your data only to operate Budgie on your behalf. Specifically:

We do not sell your data. We do not share it with advertisers, data brokers, or for any marketing purpose. We do not use your data to train general-purpose AI models.

5. AI-assisted categorization

Budgie uses a cascading categorization engine: your rules first, then patterns learned from your corrections, then AI assistance for transactions we can't confidently categorize otherwise. When AI assistance is used:

6. Who we share data with

We share data only with service providers who help us operate Budgie. Each is contractually bound to handle your data consistent with this policy.

ProviderPurposeWhat they see
PlaidBank account connectionsYour bank login, account details, transactions
CloudflareHosting and networkingEncrypted blobs, IP-hashed request logs
AnthropicAI categorization (optional)Stripped merchant strings and amounts only, with Zero Data Retention
AppleiOS distribution and push notificationsDevice tokens, App Store transaction IDs

We may also share data when legally required (subpoena, court order) or to protect the safety of Budgie or its users. Because of our zero-knowledge design, the data we could produce in response to a subpoena is limited to what our servers hold in plaintext: your email, your encrypted blobs (which we cannot decrypt), and our operational logs.

7. How long we keep your data

DataRetention
Your transactions and budgets (on-device)As long as your account is active; you control this
Encrypted blobs (on our servers)As long as your account is active; deleted within 30 days of account deletion
Plaid access tokensDeleted within 1 hour of you revoking a bank connection
Operational logs30 days
Security audit logs1 year
Consent recordsLife of account plus 3 years, for audit defensibility
Backups30-day rolling window; deleted user data is purged from backups within 30 days of account deletion

8. Your rights

You have the following rights over your Budgie data:

If you are a California resident, you have additional rights under the CCPA, including the right not to be discriminated against for exercising these rights. If you are in the EEA or UK, you have rights under GDPR. To exercise any of these rights, email support@trybudgie.app.

9. Children

Budgie is not directed at children under 13, and we do not knowingly collect data from them. If you believe a child has created a Budgie account, email us and we will delete the account.

10. International transfers

Budgie operates in the United States. If you are accessing Budgie from outside the United States, your data will be transferred to and processed in the United States. We use standard contractual clauses and technical safeguards to protect this data.

11. Changes to this policy

We will notify you by email of any material change to this policy at least 30 days before it takes effect. The version and effective date at the top of this page always reflect the current policy.

12. Contact

Questions about this policy, or about your data: support@trybudgie.app.