Privacy Policy

1. Who We Are

MyBudget is an independent mobile application developed by Logical Solutions & Innovations for personal financial management. Our primary audience is South African users — students, young professionals, and households who want a clearer picture of where their money goes. We are not a financial institution, not a registered Financial Services Provider (FSP) under FAIS, not a registered Credit Provider under the NCA, and we do not provide financial advice.

2. Information We Collect

2.1 Information you provide

• Account information: email address and password (Firebase Authentication), or Sign in with Apple (which may provide your email and/or display name as you choose). We store your email address, display name, and Firebase user ID.
• Transaction data: merchant names, amounts, dates, categories, and notes you enter manually or via receipt scanning.
• Budget and financial data: income amounts, budget limits, debit orders, bill splits, debts, fuel logs, meals, and events you record in the App.
• Receipt images: photos you take or upload for AI extraction. See section 2.3 for how these are handled.
• Split and debt data: names of people you split bills with and amounts owed. These names come from what you type — we do not access your device contacts automatically.
• Banking and payment details: if you optionally enter banking or payment details to generate payment request messages, these are stored in your device's secure storage (Keychain on iOS / Keystore on Android) only and are never sent to our servers.
• Store locations from scans: when you scan a receipt with location permission granted, GPS coordinates and geocoded store addresses may be attached to that receipt.

2.2 Information collected automatically

• Crash reports and diagnostics: via Firebase Crashlytics. These reports include device model, OS version, app version, and a stack trace of the error. They do not include your financial data.
• Anonymised usage analytics: via Firebase Analytics. We track which features are used, session duration, and general navigation flows. This data is aggregated and cannot be linked back to you personally. Analytics can be disabled in Settings > Data & Privacy.
• Push notifications: via Firebase Cloud Messaging when you opt in to notifications (e.g. price-change alerts for stores you follow).
• Anti-abuse protection: via Firebase App Check to help prevent unauthorised access to our backend.
• Feature configuration: via Firebase Remote Config to deliver app settings and feature flags.
• Device location: only when you have granted the "When in use" location permission. Location is captured only at the moment you scan a receipt — it is attached to that receipt scan to identify the store on the in-app map (map tiles via OpenStreetMap). The app does not track your location at any other time.

2.3 Receipt images and AI processing

• When you scan a receipt, the photo is uploaded to Firebase Storage and sent securely to Google Gemini via our Firebase Cloud Functions. We use the paid Gemini API tier, which contractually prohibits Google from training models on your data. The image is processed in real time to extract line items and amounts and is not retained by Google beyond transient processing. No other AI providers are used.
• If you opt in to data collection in Settings > Data & Privacy, your receipt images are anonymised server-side before being stored in our training dataset: faces, addresses, loyalty numbers, phone numbers, names, and other personal identifiers are blurred or removed; EXIF metadata is stripped; precise location is reduced to ~1 km accuracy; and your user ID is replaced with a salted one-way hash. You can opt out at any time and previously-anonymized data cannot be re-linked to you.

2.4 Contacts access

The App requests optional access to your device contacts to make it easier to fill in names when splitting a bill with someone. We do not upload or store your contacts on our servers. Contact names are used only within the app for autofill on the split bills screen.

2.5 Aggregated price data

When you scan receipts, anonymized store/item/price observations (with your user ID replaced by a one-way hash) may be shared to power price-trend and specials features visible to other signed-in users. No personal identity is attached to these observations.

3. How We Use Your Information

• To provide, maintain, and improve the App and its features.
• To sync your data across devices when you are signed in with an account.
• To process receipt images using AI to extract transaction data.
• To detect price changes and send push notifications when you have opted in to follow a store.
• To improve AI receipt extraction accuracy through aggregated, anonymised training data (only if you have opted in).
• To detect crashes and fix bugs via diagnostic reports.
• To respond to support queries you send us directly.

4. Data Sharing, Sale, and Third-Party Processors

4.1 Sale or licensing of anonymised data

We do not sell your personal information. However, if you have opted in to data collection in Settings > Data & Privacy, we may license or sell aggregated, fully-anonymised receipt data to third parties (such as AI research labs, market-research firms, and retailers) to improve receipt-understanding systems and price-tracking products.

This anonymised dataset contains no personal identifiers, faces, addresses, account numbers, signatures, or location information finer than ~1 km. Each record has had its EXIF metadata stripped and its submitter user ID replaced with a salted one-way hash before storage. You can opt out at any time in Settings > Data & Privacy.

4.2 Operational processors

We share operational data only with the service providers listed below, strictly to operate the App. Each provider acts as a data processor on our behalf and is contractually bound to protect your data.

Where relevant, data is transferred to and processed on Google Cloud infrastructure that may be located outside South Africa. By using the App you consent to this cross-border transfer in accordance with POPIA section 72.

• Google LLC (Firebase, Google Cloud): authentication, cloud database (Firestore), file storage (Cloud Storage), server-side processing (Cloud Functions), analytics (Firebase Analytics), crash reporting (Crashlytics), push messaging (Firebase Cloud Messaging), anti-abuse (Firebase App Check), feature configuration (Firebase Remote Config), and the Google Gemini API (paid tier) for receipt extraction. Google's privacy policy: policies.google.com/privacy.
• Apple Inc. (Sign in with Apple): authentication when you choose to sign in with your Apple ID. apple.com/legal/privacy.
• OpenStreetMap Foundation (map tiles / Nominatim geocoding): merchant names from receipt scans are geocoded to map coordinates. Only store names are sent — no personal data.
• Buyers / licensees of the anonymised dataset (section 4.1): third parties who purchase or license the anonymised receipt dataset. Because the data is anonymised before transfer, no personal information about you is shared with these recipients.
• Law enforcement or regulators: we will disclose information when required by South African law (POPIA) or a valid court order.

Retention windows

• Transaction and budget data: retained until you delete your account or the specific record.
• Crash and analytics data: retained for up to 90 days by Google per Firebase default policies.
• Anonymized training examples and aggregated price observations: retained indefinitely after your personal information has been irreversibly stripped.

Data controller

The data controller is Logical Solutions & Innovations. POPIA Information Officer details are in section 6 below. Contact: support-budget.app@logicalsolutionsinnovations.com

5. Data Storage and Security

Your data is stored in two places:

• On your device: a local SQLite database (Drift) and secure storage (Keychain/Keystore for payment details) hold transactions, budgets, income, settings, and other records regardless of whether you have an account.
• Google Firebase (cloud): when you are signed in, your data — including transactions, budgets, income, debit orders, categories, receipts (photos and extracted line items), bill splits, fuel logs, meals, events, debts, and store/scan locations — is mirrored to your private Firebase Firestore and Firebase Storage. Firebase complies with SOC 2 and ISO 27001 standards.

Data in transit is encrypted via TLS. Firebase security rules and Firebase App Check ensure your cloud data is accessible only to your authenticated account. Guest mode users have no cloud storage — data exists only on device.

6. Your Rights Under POPIA (South Africa)

This app is governed by the Protection of Personal Information Act, 2013 (POPIA).

• Responsible Party: Logical Solutions Innovations.
• Information Officer: Guy Church, contactable at support-budget.app@logicalsolutionsinnovations.com.
• Processing principles: we process your personal information lawfully and only for the purposes described in this policy (processing limitation, purpose specification, and further-processing limitation).
• Lawful basis: your consent (given at sign-up and via the in-app consent screen) and our legitimate interest in providing and securing the service.
• Your rights: you may request access to the personal information we hold about you; request correction or deletion; object to processing; and withdraw consent at any time. You can delete all your data yourself via Profile > Delete account, or by emailing us.
• Security safeguards: data is encrypted in transit (TLS) and protected by per-user access rules, Firebase App Check, and authentication. See section 5.
• Cross-border transfer: your information is processed on Google Cloud infrastructure that may be located outside South Africa. Where this occurs, the recipient is subject to laws or agreements providing an adequate level of protection comparable to POPIA.
• Children: the app is not intended for persons under 18.
• Complaints: you may lodge a complaint with the Information Regulator (South Africa): Website inforegulator.org.za, email POPIAComplaints@inforegulator.org.za / enquiries@inforegulator.org.za, JD House, 27 Stiemens Street, Braamfontein, Johannesburg 2001.

7. California Residents (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you additional rights:

• Right to Know: you may request details about the categories of personal information we collect and the purposes for which we use it.
• Right to Delete: you may request deletion of your personal information, subject to certain exceptions.
• Right to Opt-Out of Sale or Sharing: if you have opted in to data collection, anonymised receipt data may be sold or licensed to third parties (see section 4.1). You may opt out at any time in Settings > Data & Privacy. Sharing personal data with Google for receipt extraction may also constitute "sharing" under CCPA; you may opt out of receipt scanning entirely by not using that feature.
• Non-discrimination: we will not discriminate against you for exercising any CCPA rights.

To exercise any CCPA right, email support-budget.app@logicalsolutionsinnovations.com with the subject line "CCPA Request".

8. Account Deletion and Data Export

You can manage your data at any time from Settings > Profile:

• Delete account & data: immediately erases your Firebase account, all associated cloud data, and local data on your device. Residual backups roll off within 30 days. Already-anonymized training examples and aggregated price observations cannot be re-linked to your identity and may be retained.
• Export my data: downloads a copy of all your financial data in a portable format for your own records.

9. Children

The App is not intended for persons under 18. We do not knowingly collect personal data from children. If you believe a person under 18 has provided personal information to us, contact us and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via an in-app notice and you may be asked to re-consent. The date at the top of this page reflects the last update. Continued use of the App after changes constitutes acceptance of the updated policy.

11. Contact Us

For privacy questions, to exercise your POPIA rights, or to request data deletion, contact us at: