Privacy Policy
Last updated: 7/4/2026
1. Introduction
This Privacy Policy explains how BudgetIQ ("we", "us") collects, uses, discloses and protects personal information when you use our budgeting service.
2. Data We Collect
- Account data: name, email address, hashed password, authentication provider identifiers.
- Financial data you upload: transactions, account balances, categories, budgets, notes, and any files (CSV, Excel, PDF, images) you import.
- Billing metadata: subscription status and payment provider references. We do not store card numbers.
- Technical data: IP address, device and browser information, session logs, and error diagnostics.
3. How We Use Your Data
- Provide, maintain and improve the Service.
- Authenticate you and secure your account.
- Process AI-based categorisation, forecasting and insights on your data.
- Send transactional emails (trial notices, receipts, security alerts).
- Comply with legal obligations and enforce our Terms.
4. Legal Bases (GDPR)
Where GDPR applies, we rely on: (a) performance of a contract with you; (b) our legitimate interests in operating and securing the Service; (c) your consent, including the declaration you make at sign-up; and (d) compliance with legal obligations.
5. AI Processing
Uploaded transactions and statements may be sent to AI model providers for the sole purpose of extraction, categorisation and insight generation. Providers act as processors under contract, do not train their models on your data, and process data on a transient basis.
6. Sharing and Disclosure
We do not sell your personal data. We share it only with (a) sub-processors necessary to run the Service (hosting, authentication, payment processing, AI inference, email delivery), (b) authorities where compelled by law, and (c) successors in the event of a merger or acquisition, subject to equivalent protection.
7. Storage and Security
Data is stored on managed cloud infrastructure with encryption in transit (TLS) and at rest. Row-level security ensures that only you can read your own records. Access by our staff is limited to those with a legitimate operational need.
8. Retention
We retain your data for as long as your account is active. On cancellation or deletion, personal and financial data is deleted within thirty (30) days, except where retention is required by law (e.g. tax and accounting records).
9. Your Rights
Depending on your jurisdiction you may have the right to access, correct, port, restrict, or delete your personal data, to object to processing, and to withdraw consent. Requests can be made to privacy@budgetiq.app. You may also lodge a complaint with your local data protection authority.
10. International Transfers
Your data may be processed in countries other than your own. Where required, we implement Standard Contractual Clauses or equivalent safeguards.
11. Cookies
We use strictly necessary cookies for authentication and session management. We do not use advertising cookies or third-party tracking pixels.
12. Children
The Service is not directed at persons under 18. We do not knowingly collect personal information from children.
13. Changes
We may update this Policy from time to time. Material changes will be communicated in advance via email or in-app notice.
14. Contact
Data controller: BudgetIQ. Contact: privacy@budgetiq.app.