Budggy Ai Privacy Policy

Last updated: March 28, 2026
Table of Contents

Effective Date: 28.03.2026

This Privacy Policy explains how Budggy Ai (“Company”, “we”, “us”, or “our”) collects, uses, shares, stores, and protects personal data when you use Budggy Ai application, our website, and related services (collectively, the “Service”).

1. Data Controller

The controller responsible for your personal data is:

Budggy Ai App
Website: budggyai.com
Email: support@budggyai.com

2. Scope

This Privacy Policy applies to users of the Service, including users accessing the Service through the web application and users installing the Service through app stores such as Google Play.

3. Personal Data We Collect

We collect only the data reasonably necessary to operate the Service and provide the features you use.

3.1 Account and Identity Data
We may collect:

  • email address;
  • user ID and authentication identifiers;
  • sign-in provider data where you use Google, Facebook, Apple, or other SSO providers;
  • account creation and login timestamps; and
  • profile information such as display name or avatar if provided by your sign-in provider.

3.2 Financial and Usage Data You Provide
We may collect:

  • expenses and income entries;
  • merchant/store names;
  • item descriptions;
  • transaction dates;
  • totals and currency;
  • budgets and category budgets;
  • custom categories;
  • recurring transactions and payment-cycle information;
  • return and warranty tracking details;
  • receipt metadata; and
  • data exports you trigger.

3.3 Receipt Images and Attachments
If you scan or upload receipts or related files, we may process and store:

  • receipt images;
  • extracted merchant, item, date, and amount information;
  • related receipt text or OCR output; and
  • receipt-linked product, return, and warranty data.

3.4 Voice Input and Related Data
If you use voice entry features, we may process:

  • audio captured through your device or browser interface;
  • speech-to-text output or transcript content;
  • extracted transaction fields; and
  • related technical metadata needed to operate the feature.

Depending on your browser or operating system, voice processing may involve browser-vendor infrastructure or third-party services used to perform speech recognition.

3.5 Shared Group Data
If you create or join a shared group, we may process:

  • group name;
  • invite code and membership data;
  • your nickname in the group;
  • shared group records;
  • group-linked budgets and recurring items;
  • group notifications; and
  • consent logs related to group sharing.

3.6 Subscription and Billing Data
If you purchase a subscription, we may process:

  • subscription status;
  • plan tier;
  • billing state;
  • renewal period dates;
  • store purchase tokens or verification identifiers; and
  • store-managed subscription metadata needed to validate access.

We do not store your full payment card number.

3.7 Legal, Security, and Compliance Data
We may process:

  • legal acceptance logs;
  • consent records;
  • deletion requests;
  • fraud-prevention and abuse-prevention logs;
  • error logs and event logs; and
  • account-security records.

3.8 Technical and Device Data
We may process:

  • browser type and version;
  • device type and operating system;
  • app preferences such as language, theme, and currency;
  • local storage/session state;
  • active shared-group selection;
  • app interaction metadata; and
  • limited network and request metadata for security and service delivery.

4. How We Use Personal Data

    We use personal data to:

    • create and manage accounts;
    • authenticate users;
    • operate budgeting, receipt, voice, recurring, group, and premium features;
    • categorize and structure financial records;
    • generate AI-assisted outputs and reminders;
    • provide exports and reports;
    • support returns and warranty tracking;
    • provide customer support;
    • maintain security and prevent abuse;
    • comply with legal obligations;
    • improve reliability and performance; and
    • enforce our Terms.

    5. Legal Bases for Processing

      Where GDPR or UK GDPR applies, we rely on the following legal bases:

      • Contract: to provide the Service you request, including account features, budgeting tools, receipt storage, exports, subscriptions, and shared groups.
      • Legitimate Interests: to secure the Service, prevent abuse, improve reliability, investigate incidents, maintain logs, and protect our legal rights.
      • Consent: where required for non-essential cookies or local storage, certain optional marketing or analytics technologies, or other processing that legally requires consent.
      • Legal Obligation: where processing is necessary to comply with applicable law, platform requirements, or lawful requests.

      6. AI and Automated Processing

        The Service uses automated and AI-assisted processing to:

        • extract information from receipts;
        • interpret voice entries;
        • structure transaction data;
        • suggest categories;
        • estimate return or warranty information; and
        • generate financial insights.

        These features assist the user but do not make legally significant or similarly significant decisions about you without human involvement.

        AI-generated outputs may be inaccurate and should be always reviewed by you.

        7. Shared Groups and Visibility

        If you use shared-group features, certain data may be visible to other group members, including shared expenses, group-linked recurring items, certain historical records synced into the group according to the feature design, and group activity notifications.

        You are responsible for choosing whether to join a shared group and with whom to share financial information.

        8. When We Share Data

        We do not sell personal data.

        We may share data only:

        • with service providers acting on our behalf;
        • with app-store or payment platform providers to manage subscriptions;
        • with authentication providers you choose to use;
        • with shared-group members where the feature requires visibility;
        • where required by law or valid legal process; or
        • as part of a corporate transaction, subject to applicable safeguards.

        9. Service Providers and Subprocessors

          We use third-party providers to help operate the Service. These may include hosting, authentication, AI processing, branding lookup, content delivery, subscription validation, and related infrastructure providers.

          A current list is available in our Subprocessors & Infrastructure Disclosure.

          10. International Transfers

          Your data may be processed in countries other than your country of residence.

          Where required by law, we use appropriate safeguards for international transfers, such as contractual protections and equivalent legal mechanisms.

          11. Retention

          We retain personal data only for as long as reasonably necessary for the purposes described in this Policy, including to:

          • provide the Service;
          • maintain your account;
          • preserve your budgeting history until deletion;
          • comply with law;
          • resolve disputes;
          • prevent fraud and abuse; and
          • preserve shared group history in anonymized form where appropriate.

          When you delete your account, we will delete or anonymize relevant data in accordance with our Data Deletion Policy. Some limited data may remain in backups or retained logs for a limited period.

          12. Security

          We use reasonable technical and organizational measures designed to protect personal data, including:

          • access controls;
          • encrypted transmission;
          • environment and secret management;
          • database restrictions;
          • authentication controls; and
          • logging and monitoring.

          No system can guarantee absolute security.

          13. Your Rights

          Where applicable, you may have the right to:

          • access your personal data;
          • correct inaccurate data;
          • request deletion;
          • restrict certain processing;
          • object to certain processing;
          • receive a portable copy of your data; and
          • withdraw consent where processing is based on consent.

          You may exercise your rights by contacting us at Support@budggyai.com

          Where legally required, we will respond without undue delay and generally within one month.

          14. Complaints

          If you believe your rights have been violated, you may contact us first at Support@budggyai.com

          You may also lodge a complaint with your local supervisory authority, including the authority in the country where you live, work, or where the alleged infringement occurred.

          15. Children

          The Service is not intended for children under the minimum age permitted by applicable law. We do not knowingly collect personal data from children in violation of applicable law.

          16. Changes to This Policy

          We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date and, where required, notify you or request renewed acceptance.

          17. Contact

          Budggy Ai App
          Website: budggyai.com
          Email: support@budggyai.com

          For questions about these Privacy Policy, contact us at legal@budggyai.com

          Other Legal Pages

          Terms of Service
          Cookie Policy