Privacy Policy

1) Who we are

2) Scope

This policy explains how Budget Buddy processes information when you use the mobile app(s) on iOS and Android.

Budget Buddy is a personal finance app. User-entered financial data (transactions, budgets, balances) stays on your device unless you choose to back it up to your own Google Drive. We collect only anonymous diagnostics and analytics to improve stability and features.

3) Data we process

Data stored on your device (not sent to us)

• Financial records you enter (transactions, categories, budgets, balances) — stored locally in an on-device SQLite database.
• Optional backup to your own Google Drive (your Google account). Budget Buddy does not receive the contents of your backup.

Data we collect to operate and improve the app

• Crash diagnostics logs (anonymous) — via Firebase Crashlytics.
• Usage analytics (anonymous events such as screens opened, feature usage) — via Firebase Analytics.
• Remote configuration fetches — via Firebase Remote Config (no personal content).
• Advertising identifiers (IDFA/GAID) — only if/when ads are enabled and after any required consent/ATT prompt.

No accounts No contact list No photos/media No precise location

4) Sources of data

• Direct from you: financial entries you type in the app (remain on device).
• Device/system: crash diagnostics, app instance IDs, advertising IDs (subject to platform/consent).
• External APIs: currency exchange rates (rates only; no personal data sent).
• App backend: non-personal configuration values (feature flags via Remote Config).

5) Purposes legal bases

• Provide core features (budgeting, transactions) — performed locally on device; no legal basis needed for server processing.
• Crash reporting debugging — legitimate interests to maintain and improve the app (GDPR Art. 6(1)(f)).
• Analytics product improvement — legitimate interests and, where required (e.g., in EEA), consent.
• Remote configuration — legitimate interests to safely roll out features.
• Advertising (future) — consent where required (ATT on iOS; GDPR CMP in EEA). Personalized ads may be enabled by default after consent.
• Compliance, fraud, security — legitimate interests and legal obligations.

6) Storage, location transfers

• Your financial data is stored only on your device in SQLite. Optional backups are stored in your Google Drive under your Google account.
• Diagnostics/analytics are processed by Google Firebase (data centers may be in the EU and/or other regions). Transfers outside the EEA are protected by Standard Contractual Clauses provided by Google.
• All network communications use TLS encryption in transit.

7) Sharing disclosure

We do not sell your personal information. We share limited data with service providers (“processors”) strictly to operate the app:

• Google Firebase (Analytics, Crashlytics, Remote Config) — diagnostics/usage data.
• Google AdMob (when ads are enabled) — advertising identifiers and context for ad delivery; may qualify as “sharing” for cross-context behavioral advertising in some jurisdictions when personalized ads are shown.

We may disclose information if required by law or to protect our rights and users’ safety.

8) Retention

• Financial data — stays on your device until you delete it or uninstall the app; backups remain in your Google Drive until you remove them.
• Crash logs analytics — retained according to Firebase defaults and our operational needs (commonly up to 14 months).

9) Your privacy rights

• Access/Export — export your data to a file, to local storage, or to apps via the system share sheet; you can also back up to Google Drive.
• Delete — delete entries in-app, clear the local database, delete backups in your Google Drive, or uninstall the app.
• Consent controls — when ads are enabled, you will see platform consent prompts (ATT on iOS; GDPR consent in the EEA). Currently, an in-app analytics opt-out is not provided.
• EEA/UK/CCPA — you may have additional rights (objection, restriction, portability). Contact us at korsour@gmail.com.

10) Security

• Encryption in transit via TLS.
• On-device data is not encrypted at rest by the app; rely on your device’s OS security (screen lock, device encryption) and cloud account protections for Drive backups.
• We minimize data collection (no user accounts; anonymous diagnostics where possible).
• Vendors such as Google/Firebase maintain industry certifications (e.g., ISO/SOC). See their documentation for details.

11) Advertising tracking

• Budget Buddy may show ads via Google AdMob. On iOS, we request ATT permission for tracking; in the EEA we will present a consent dialog. Personalized ads may be enabled by default after consent.
• You can reset/limit the advertising identifier in your device settings (IDFA/GAID). If you do not grant consent where required, only non-personalized ads (or no ads) will be shown.

12) Children

The app is designed for general audiences and is not directed to children under 13. We do not knowingly collect personal data from children. If you are a parent or guardian and believe a child provided information, contact us to request deletion.

13) Cookies website

No cookies are used in the mobile apps. The website korlab.team may use basic analytics cookies; refer to that site’s notice if applicable.

14) Changes to this policy

We will update this policy in-app when features or practices change. Material changes will be highlighted in release notes or an in-app notice.

15) App Store Google Play disclosures

Apple App Store (Data Linked to You / Not Linked)

Google Play Data Safety

No collection of financial content you enter (it stays on device / your Drive backup).

16) Contact

For privacy requests (access, export, deletion, questions), email korsour@gmail.com.