Privacy Policy
Last updated: 24 April 2026
Budget Buddy (“we”, “us”) is a personal-finance tool that helps you import,
categorise, and review your own bank transactions. This policy explains what
information we collect, how it's stored, and what you can do about it. We've
tried to write it in plain English.
1. Who runs the service
Budget Buddy is operated by Andre Botha as an individual. Contact:
botha.as@gmail.com.
2. What we collect
- Account info: your name, email address, and (if you use email/password sign-in) a hashed password. If you sign in with Google, we receive your name, email, and Google account ID via OAuth — we never see your Google password.
- Transaction data you upload: dates, amounts, descriptions, and categories from OFX or CSV files you export from your bank and upload yourself. We do not connect to your bank directly.
- Preferences and settings: budgets, categories, saved periods, and other choices you make inside the app.
- Operational logs: request timestamps, error traces, and build revisions, used to keep the service running. These do not contain your transaction descriptions.
3. How your data is stored
Budget Buddy runs on Google Cloud Platform in the
australia-southeast1 region (Sydney). Data is stored in
Cloud SQL (PostgreSQL) and BigQuery within a single GCP project dedicated
to this app.
Transaction descriptions are encrypted at rest with AES-256-GCM
using a key derived from a PIN that only you know. If someone gained direct
access to the database, they would see ciphertext — not your descriptions.
Amounts, dates, and categories are stored in clear form so the app can do
maths on them (budgets, totals, category charts).
Forgot your PIN? There is no recovery path — by design.
You can wipe your data and start fresh from
Settings → Danger Zone.
4. How we use your data
- To display your transactions, budgets, and reports back to you.
- To categorise transactions using AI (Anthropic's Claude API). Only the fields needed for categorisation are sent, and they are not used to train external models.
- To answer questions you type into the in-app AI assistant.
- To send you emails you've opted into (e.g. weekly digests), if enabled.
We do not sell your data. We do not share it with advertisers.
5. Third-party services we rely on
- Google Cloud Platform — hosting, database, secrets.
- Google Sign-In (OAuth) — optional sign-in method.
- Anthropic — AI categorisation and the in-app assistant. Requests are covered by Anthropic's commercial terms and are not used to train their models.
- Gmail SMTP — transactional email (digests, notifications), if you enable them.
6. Your rights
You can, at any time:
- View all data the app holds about you inside the app.
- Delete all of your transactions and encryption keys via Settings → Danger Zone.
- Ask us to delete your account entirely by emailing botha.as@gmail.com.
7. Cookies and sessions
We set a single HTTP-only, Secure session cookie so you stay signed in.
There are no advertising or tracking cookies.
8. Changes to this policy
If we make material changes, we'll update the “Last updated” date at the
top and, where reasonable, notify you inside the app. Continued use after
an update means you accept the new version.