Privacy Policy

Introduction

Welcome to BudgetLabs ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our budgeting application and related services.

Important Notice: BudgetLabs is not designed to store highly sensitive personal information such as financial account numbers, credit card details, or login credentials for banks or other institutions. Please do not enter such information into the application.

Information We Collect

Account Information

When you create an account, we may collect:

• Email address
• Name (optional)
• Account credentials (securely hashed)
• Email communication preferences — whether you have opted out of marketing email, and when that choice was made. Used solely to suppress marketing messages; does not affect transactional email (password reset, signup confirmation, family invites).

Financial Data

To provide budgeting and tracking features, we collect user-entered data such as:

• Budget categories and amounts
• Transaction descriptions, dates, and amounts
• Income and expense information
• Savings goals and targets
• Asset and debt account balances, including optional loan terms, recurring contribution amounts, and employer-match amounts you choose to record
• Optional gross annual salary you choose to enter in Profile, used only to auto-convert between contribution percent and dollar amount in the savings modal — encrypted at rest, never shared with third parties
• Reimbursable expense notes — free-text memos you add when marking part of a transaction as expected to be paid back by a third party (e.g. a friend, employer, or insurance). Encrypted at rest with AES-256; never shared with third parties.
• Amount adjustment reasons — optional free-text notes you supply when you manually override the amount on an imported transaction (e.g. “added $10 cash tip”). Encrypted at rest with AES-256; never shared with third parties. The original bank-reported amount is also retained internally so duplicate detection keeps working after an override.
• Dedup feedback — your confirmations of fuzzy-duplicate matches in the import preview, along with the incoming row's date, description, and amount at the time of confirmation. Encrypted at rest with AES-256; used solely to improve our duplicate-detection logic and never shared with third parties.
• In-app satisfaction feedback — an optional 1–5 star rating and an optional free-text comment you submit through the in-app feedback prompt. The comment may contain whatever you choose to write. Encrypted at rest with AES-256; used solely to improve BudgetLabs and never shared with third parties or published as a public review.
• Receipts and source artifacts you choose to attach to a transaction — receipt photos, dropped emails (raw .eml, HTML body, or plain text), or uploaded statement PDFs / images. Stored in your private receipts bucket on Supabase Storage, scoped to your account by row-level security, served only via short-lived signed URLs you request, never shared with third parties. You can remove a receipt at any time by clearing it from the transaction.

Note: We do not collect, store, or process actual bank account numbers, credit card numbers, or login credentials for financial institutions.

Usage and Device Data

We may collect limited usage data (e.g., device type, browser, IP address) and use cookies or similar technologies for analytics and performance. You can manage cookie preferences through your browser settings.

How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our budgeting services
• Track budgets, process transactions you enter, and show your progress
• Send service-related notifications and account updates
• Occasionally email you product updates or a short note from the founder asking for feedback. These are marketing messages — every one includes a one-click unsubscribe link, and you can opt out at any time without affecting your account or any transactional email.
• Respond to your requests and provide customer support
• Collect and review optional in-app ratings and feedback you submit, to understand satisfaction and improve the product
• Detect, prevent, and investigate fraud or abuse
• Analyze usage to enhance features and performance

Data Storage and Security

We implement commercially reasonable technical, administrative, and physical safeguards to protect your information, including:

• Encryption in transit: All connections to BudgetLabs use HTTPS/TLS.
• Encryption at rest: Sensitive financial fields are encrypted with AES-256 at the application layer before being written to the database. Encryption keys are stored in a managed secrets vault, not in application code.
• Row-level security: Every record is access-scoped to its owning user at the database layer; users cannot read or modify other users’ data even by direct database query.
• Optional two-factor authentication (TOTP): You can enable 2FA in Settings → Security to require a 6-digit code on each sign-in.
• Trusted-device tokens: If you opt to trust a device for 30 days, we store a one-way hash of a per-device token (not the token itself), the device’s user-agent string, and the IP address used at the time of opt-in, so you can review and revoke trust later.

AI Features and Third-Party Processing

BudgetLabs includes optional AI-assisted features (collectively, "Hank" — the in-app chat assistant, AI-powered transaction import, AI-powered receipt scanning, AI-powered bill scanning (for upcoming-bill scheduling), and an MCP server for connecting external AI agents). When you use these features, certain inputs and the relevant context required to answer your question are sent to third-party AI providers for processing.

Specifically:

• The in-app chat assistant routes your messages, plus a limited slice of your budget data needed to answer them (for example: requested category names, transaction details, or spending summaries), to xAI (Grok) via the Vercel AI SDK.
• AI-powered import (pasted text, CSV / spreadsheet, uploaded bank-statement PDFs, and uploaded statement images), receipt scanning, and bill scanning (photos of upcoming-bill invoices, PDF bills, or emails / pasted text dropped into the “Add bill” modal, for extracting vendor / amount / due-date / supporting notes) send the file contents, email body, or image you submit to xAI for parsing into structured transaction or bill fields. Uploaded files are processed in memory and are not retained by BudgetLabs after parsing.
• If you connect an external AI agent (Claude, ChatGPT, etc.) to BudgetLabs via our MCP server, the queries you make through that agent and the responses we return travel through that third-party agent’s provider; their privacy policy governs their handling of those exchanges.

We do not use your data to train third-party AI models. We do not share AI inputs or outputs with advertisers.

Separately from these in-app features, we use Anthropic (Claude) to generate our public blog content. That pipeline contains no user data — nothing you enter in BudgetLabs is ever sent to Anthropic.

These AI features are optional. You can avoid sending data to xAI by not using the chat assistant, AI import, receipt scanning, or bill scanning. You can revoke external MCP integrations at any time from Settings → API & Integrations.

Data Sharing and Disclosure

We do not sell your personal information. We may share information in these limited circumstances:

• Service Providers (subprocessors): With trusted third parties who help us run the Service, including:
  • Microsoft Azure — application hosting (Azure Web App) and email delivery via Azure Communication Services, covering both transactional email (e.g. password reset, sign-up confirmation, family invites) and product / marketing email.
  • Supabase — managed Postgres database, authentication, and file storage.
  • xAI (via the Vercel AI SDK) — large-language-model processing for the in-app chat assistant, AI-powered import (pasted text, CSV / spreadsheet, PDF, and image uploads), receipt scanning, and bill scanning. See "AI Features and Third-Party Processing" above.
  • Anthropic (Claude) — generates our public blog content; no user data is ever sent to it.
  • Stripe — payment processing for web subscriptions. We do not store full payment-card numbers.
  • RevenueCat, in conjunction with the Apple App Store and Google Play — in-app purchase processing on mobile. Payment-card and billing details are handled by Apple or Google directly under their privacy policies.
  • Google Analytics (Google) — aggregate usage and performance analytics across both our marketing website and the signed-in app, used to understand feature usage and improve the product.
  • Google AdSense (Google) — display ads shown to free-tier users inside the app (Pro subscribers see no ads). We configure AdSense to serve non-personalized ads only: ads are based on general/contextual signals, not on cross-context behavioral profiling of you, and we do not provide Google your budget data for ad targeting. Google may still process your IP address and use cookies for frequency capping, aggregate reporting, and fraud prevention under Google's privacy policy.
  • YouTube (Google) — embedded product-demo video on the marketing site, served from the privacy-enhanced youtube-nocookie.com domain. No cookies are set until you play a video; once you play one, YouTube receives your IP address and may set cookies under Google's privacy policy.
• Legal Requirements: When required by law, subpoena, or government request
• Protection of Rights: To protect our rights, safety, or property, or that of our users
• Business Transfers: In connection with a merger, acquisition, or sale of assets

Sharing Your Data with Family Members

If you turn on Family Sharing and invite another person to join your budget, that person — once they accept — can see and modify the transactions, categories, monthly plans, debts, savings goals, and other budget data in the budget you share with them. Members of a shared budget can also see each other's name and email address, along with all financial data within the shared budget. Family Sharing is opt-in per invite; nothing is shared until you send an invite and the recipient accepts it.

You can revoke a pending invite at any time before it's accepted, and you can remove a member after they've joined. A member can also leave on their own. When someone leaves or is removed, any transactions they entered into the shared budget remain part of the budget's history so your accounting record stays intact; their personal authentication link to those records is removed.

We do not share your data with the family member's employer, advertisers, or any third party as a consequence of Family Sharing. The other party is a fellow BudgetLabs user who you have authorized to see this budget.

Your Rights and Choices

Depending on where you live, you may have the right to:

• Right to know / access: request a copy of the personal information we hold about you and how we use it.
• Right to correct: update or correct your personal information.
• Right to delete: delete your account and associated personal information.
• Right to portability: receive an export of your data in a machine-readable format. You can download a complete copy of your data anytime from Settings → Profile ("Download my data") or via /api/export while signed in — no support request needed.
• Right to opt out of sale or sharing: we do not sell your personal information and do not share it for cross-context behavioral advertising. You may still exercise this right at any time.
• Right to non-discrimination: we will not discriminate against you for exercising any of these rights.
• Right to opt out of promotional communications: use the unsubscribe link in any marketing email or contact us directly.

California residents (CCPA / CPRA): you may also designate an authorized agent to make a request on your behalf, and you may appeal a denied request by contacting us at the address below.

EEA / UK / Swiss residents (GDPR / UK GDPR): our legal basis for processing your personal data is (a) the performance of our contract with you, (b) our legitimate interests in operating and improving the Service, and (c) your consent where required (for example, for optional analytics). You have the right to lodge a complaint with your local data protection authority.

To exercise any of these rights, contact us at contact@budgetlabs.io. We will respond within the timeframes required by applicable law (45 days under CCPA; 30 days under GDPR, extendable by an additional 60 days for complex requests).

Data Retention

We retain your account information (e.g., email, name) for as long as your account remains active. Financial data you enter is retained for the life of your account plus up to 90 days after deletion for backup and recovery purposes.

After account deletion, we will delete or irreversibly anonymize your personal data within a reasonable period, unless we are required to retain it for legal, compliance, or security reasons.

Children’s Privacy

BudgetLabs is not directed to or intended for use by children under the age of 13. We do not knowingly collect, use, or disclose personal information from children under 13 without verifiable parental consent, in accordance with the U.S. Children’s Online Privacy Protection Act (COPPA).

If you are a parent or guardian and believe your child under 13 has provided us with personal information without your consent, please contact us immediately at contact@budgetlabs.io. We will promptly delete such information from our records.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will post the revised policy here and update the "Last updated" date. For material changes, we will also notify you via email or in-app notice at least 30 days in advance where required by law. Your continued use of BudgetLabs after the effective date constitutes acceptance of the updated policy.

Contact Us

If you have any questions about this Privacy Policy, please contact us: