Privacy Policy

Last updated: December 29, 2025

1. Introduction

Welcome to uBudget ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and web services (collectively, the "Service").

By using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Personal Information

When you create an account, we collect the following information:

  • Full name
  • Email address
  • Password (encrypted and stored securely)
  • Profile avatar (optional)
  • Birth year (optional, for age verification)
  • Country and timezone
  • Currency preference
  • Occupation (optional)
  • Academic information (if applicable, including grade level and school name)

2.2 Financial Data

To provide our expense tracking and budget management services, we collect:

  • Financial transactions (income and expenses)
  • Transaction amounts, descriptions, dates, and categories
  • Budget information and limits
  • Receipt images and attachments (stored securely)
  • Account information (bank accounts, credit cards, etc.)
  • Savings goals and progress
  • Recurring transaction patterns

2.3 Device and Usage Information

We automatically collect certain information when you use our Service:

  • Device type, operating system, and version
  • App version and usage statistics
  • IP address and network information
  • Location data (if you grant permission)
  • Crash reports and error logs

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Provision: To provide, maintain, and improve our expense tracking and budget management services
  • Account Management: To create and manage your account, authenticate users, and process transactions
  • Data Synchronization: To sync your data across multiple devices and provide cloud backup
  • Financial Insights: To generate analytics, reports, and insights about your spending patterns
  • Notifications: To send you budget alerts, reminders, and important service updates
  • Security: To detect, prevent, and address technical issues, fraud, and security threats
  • Customer Support: To respond to your inquiries and provide customer support
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes

4. Data Storage and Security

4.1 Data Storage

Your data is stored using a combination of local and cloud storage:

  • Local Storage: Data is stored locally on your device using encrypted SQLite databases for offline functionality
  • Cloud Storage: Data is synchronized to our cloud infrastructure (Supabase) for backup and multi-device access
  • File Storage: Receipt images and attachments are stored securely in cloud storage with access controls

4.2 Security Measures

We implement industry-standard security measures to protect your information:

  • Encryption: Sensitive financial data is encrypted using end-to-end encryption (E2EE) when enabled
  • Row Level Security (RLS): Database-level security policies ensure users can only access their own data
  • Secure Authentication: Passwords are hashed using secure algorithms and never stored in plain text
  • Secure Storage: Local data is stored using Flutter Secure Storage with platform-specific encryption
  • HTTPS/TLS: All data transmission is encrypted using industry-standard protocols
  • Access Controls: Strict access controls and authentication requirements for all data access

5. Third-Party Services

We use the following third-party services to provide our Service:

5.1 Supabase

We use Supabase for backend services including:

  • User authentication and account management
  • Database storage (PostgreSQL)
  • File storage for receipts and attachments
  • Real-time data synchronization

Supabase's privacy policy: https://supabase.com/privacy

5.2 Google Sign-In

We offer Google Sign-In as an authentication option. When you use Google Sign-In:

  • We receive your email address and basic profile information from Google
  • Google's authentication services handle the sign-in process
  • We do not store your Google password

Google's privacy policy: https://policies.google.com/privacy

6. Children's Privacy (COPPA Compliance)

Our Service is designed for users of all ages, including children under 13. We are committed to protecting children's privacy and comply with the Children's Online Privacy Protection Act (COPPA).

6.1 Parental Consent

For users under 13 years of age:

  • We require verifiable parental consent before collecting, using, or disclosing personal information from children under 13
  • Parents or guardians must create and manage the account on behalf of children under 13
  • We collect only the minimum information necessary to provide the Service
  • We do not knowingly collect personal information from children under 13 without parental consent

6.2 Parental Rights

Parents and guardians have the right to:

  • Review their child's personal information
  • Request deletion of their child's personal information
  • Refuse further collection or use of their child's information
  • Revoke consent at any time

To exercise these rights, please contact us at the email address provided in the Contact Information section below.

6.3 Limited Data Collection for Children

For children under 13, we limit data collection to:

  • Information necessary for account creation and authentication
  • Financial transaction data (with parental oversight)
  • Basic profile information (name, currency preference)
  • We do not collect location data from children under 13 without explicit parental consent
  • We do not share children's information with third parties for marketing purposes

7. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

  • Service Providers: With trusted third-party service providers (Supabase, Firebase) who assist us in operating our Service, subject to strict confidentiality agreements
  • Legal Requirements: When required by law, court order, or government regulation
  • Protection of Rights: To protect our rights, property, or safety, or that of our users or others
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice to users
  • With Your Consent: When you explicitly authorize us to share your information

8. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: Request access to your personal information and data
  • Correction: Update or correct inaccurate information through your account settings
  • Deletion: Request deletion of your account and all associated data. Request account deletion here
  • Data Export: Export your financial data in a portable format
  • Opt-Out: Disable certain features such as cloud sync or notifications
  • Account Management: Manage your account settings, privacy preferences, and data sharing options

Request Account Deletion: You can request deletion of your account and all associated data using our account deletion request form. We will process your request within 30 days.

To exercise other rights, please contact us using the information provided in the Contact Information section below, or use the account management features within the app.

9. Data Retention

We retain your personal information for as long as necessary to provide our Service and fulfill the purposes outlined in this Privacy Policy. Specifically:

  • Account data is retained while your account is active
  • Financial transaction data is retained to provide historical analysis and reporting
  • When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal purposes
  • Some data may be retained in backups for a limited period before permanent deletion

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. We ensure that appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated Privacy Policy on this page
  • Updating the "Last updated" date at the top of this policy
  • Sending you an email notification (for significant changes)
  • Displaying a notice within the app

Your continued use of the Service after any changes indicates your acceptance of the updated Privacy Policy.

12. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: ubudget.app@gmail.com

Website: Contact Us

For requests related to children's privacy (COPPA), please include "COPPA Request" in your subject line.

13. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information
  • Right to opt-out of the sale of personal information (we do not sell your information)
  • Right to non-discrimination for exercising your privacy rights

To exercise these rights, please contact us using the information provided in the Contact Information section above.

← Back to Home