Last updated: 2026-07-02
Bujeto ("the app", "we", "us") is a personal-finance app that helps you record and budget your money. This policy explains what data the app handles, why, where it is stored, who can process it, and the choices and rights you have.
We do not run advertising, we do not use analytics or tracking SDKs, and we do not sell or share your data with third parties for their own purposes.
1. Who is responsible for your data
The operator of Bujeto is the data controller. For any privacy question, correction, or request, contact us at the email in the Contact section below.
2. What data we collect
You provide everything in this section directly by using the app. The app does not collect data from other sources, and it does not collect advertising identifiers, location, contacts, or device sensors.
2.1 Account and profile data
- Email address (used to sign in and to identify your account)
- Phone number (optional)
- Date of birth (optional)
- Display name and/or full name (optional)
- Country / region (optional)
- Occupation (optional)
2.2 Financial data you enter
This is the core content of the app. It stays tied to your account and includes:
- Expenses — amounts, dates, categories, payment method (cash/debit or credit card), and any notes you add
- Incomes — amounts, dates, sources, and any notes you add
- Budgets and budget periods — the monthly budgets you set up
- Allocations — how you split a budget across categories
- Categories / cost heads — the spending categories you create
- LIFE targets — the monthly balance targets you set for the LIFE analytics view
In short: the amounts, dates, and notes for everything you track in the app.
2.3 Crash diagnostics
If the app crashes, we collect a crash report to help us fix the problem. Crash reports are scrubbed before they leave your device: financial values (amounts), notes, and personal identifiers (such as email, phone, and display name) are redacted so they are not included in the report. Crash diagnostics contain technical information such as the error type, a stack trace, the app version, and the device/OS model.
3. How we use your data
- To provide the app's core function — storing, displaying, and calculating your expenses, incomes, budgets, allocations, categories, and LIFE targets.
- To sign you in and keep your account secure — your email (and Google Sign-In, if you choose it) is used for authentication.
- To sync your data across your devices — so the records you enter on one device are available on another when you are signed in.
- To diagnose and fix crashes — using the scrubbed crash reports described above.
We do not use your data for advertising, profiling, or to build a marketing profile of you, and we do not use it to make automated decisions about you.
4. How and where your data is stored
- Cloud storage. Your account and financial data are stored in a Supabase-hosted PostgreSQL database. Access is restricted by row-level security, so each account can only read and write its own rows. Data is encrypted in transit (HTTPS/TLS) between your device and the server.
- On your device. For speed and offline use, the app keeps a local cache of your data on your device. This local cache is stored using encrypted on-device storage (via
flutter_secure_storageand an encrypted Hive database), so the cached data is protected by encryption at rest on the device.
5. Third parties and data processors
We keep the list of third parties deliberately small. Each one acts as a processor that handles data only to provide a function of the app — never for its own advertising or marketing.
| Third party | Role | What it handles |
|---|---|---|
| Supabase | Data processor / hosting | Stores your account and financial data; provides authentication and the secure server-side account-deletion function. |
| Google Sign-In | Authentication provider | If you choose to sign in with Google, Google verifies your identity. We receive the basic sign-in information needed to create or access your account. |
| Sentry | Crash diagnostics | Receives the scrubbed crash reports described in Section 2.3 (financial values and personal identifiers removed) so we can fix bugs. |
We do not integrate any advertising networks, analytics/tracking SDKs, attribution tools, or data brokers.
6. What we do NOT do
- We do not show ads or use any advertising SDK.
- We do not use analytics or usage-tracking SDKs.
- We do not sell your personal or financial data.
- We do not share your data with third parties for their own purposes.
7. Data retention
We keep your data for as long as your account exists, so the app can show you your history. When you delete your account (see Section 8), your account and all associated financial data are deleted from the database. Scrubbed crash diagnostics held by our crash-diagnostics processor are retained only for a limited period under that provider's standard retention and then automatically deleted. Backups, if any, age out on their normal rotation.
8. Your rights and choices
You are in control of your data.
- Access and export. You can export your data from within the app (Settings → Data & Privacy → Export).
- Correction. You can edit your profile and your records directly in the app at any time.
- Deletion — in the app. You can permanently delete your account and all of its data from Settings → Profile → Danger Zone.
- Deletion — on the web (no app needed). If you no longer have the app installed, you can request deletion at our web deletion page. For your protection, web deletion requires you to prove you own the email address: you receive a secure sign-in (magic) link by email, and only after you click it and are authenticated can the deletion be carried out. We never delete an account based on a typed email address alone.
Deletion is irreversible — once your account is deleted, the data cannot be recovered.
Depending on where you live, you may have additional legal rights (such as the right to object to or restrict certain processing, or to lodge a complaint with a data-protection authority). To exercise any of these, contact us using the details in Section 11.
9. Children's privacy
Bujeto is not directed at children. It is not intended for use by anyone under 13 (or under 16 where a higher age applies under local law). We do not knowingly collect data from children. If you believe a child has provided us data, contact us and we will delete it.
10. Changes to this policy
We may update this policy from time to time — for example, if the app's features change. When we do, we will update the "Last updated" date at the top of this document and post the new version at the policy URL. Significant changes will be made reasonably prominent.