Privacy Policy
BudgetGuard
Effective date: May 24, 2026 · Last updated: July 9, 2026
Summary
BudgetGuard collects nothing about your finances. There is no account, no server, and no telemetry. Everything you enter into the App — including any receipt photos you choose to attach — stays on your device, inside BudgetGuard's private app storage. Anything that leaves the device only does so because you explicitly initiated an export, share or print.
The single exception is the optional BudgetGuard Pro in-app purchase: payments are processed by Google Play or the Apple App Store, and purchase validation is handled through RevenueCat using a random anonymous identifier — never your name, email address or any budgeting data. See Section 5.
1. Who we are
BudgetGuard ("the App") is a personal budgeting and expense-tracking utility developed and published by:
TenebraTechnologies s.r.o.
Majerníkova 3039/28, 841 05 Bratislava, Slovenská republika
IČO: 57363544
Zapísaná v Obchodnom registri Mestského súdu Bratislava III, oddiel Sro, vložka č. 194527/B
The App runs entirely on your Android or iOS device. We do not operate any backend service that processes your budgeting data.
2. What data the App handles
When you use BudgetGuard, the following information is created and stored locally on your device only:
- The budgets you create (name, icon, color, currency, start/end dates, target amount)
- The activities you create inside a budget (name, dates, target, color, icon)
- The expenses you log (name, amount, date, note)
- The tags you create and the expense-to-tag assignments
- Receipt photos you choose to attach to an expense (stored as image files inside the App's private storage area)
- Your preferred theme, language and the currently active budget
- Your optional display name shown inside the App
- An optional PIN (stored as a SHA-256 hash combined with a random per-install salt; the plaintext PIN is never written to disk)
- An optional flag indicating whether biometric unlock is enabled and the auto-lock timeout you selected
- A flag recording that you have accepted the Terms & Conditions and completed onboarding
- Your BudgetGuard Pro unlock status (whether the one-time purchase — or the automatic unlock for customers of the original paid app — is active)
The structured data lives in a SQLite database inside the App's private storage area. Receipt photos live as files in the App's private files directory. Small preferences (PIN hash, theme, locale, onboarding flags) live in per-app key-value storage. None of these locations are readable by other apps on a non-rooted/non-jailbroken device.
We do not receive, transmit, sync, or otherwise transfer this data to any server, third party, or analytics service.
3. What data we do NOT collect
To be explicit, BudgetGuard does not:
- Collect your email address, phone number, postal address or any other personal identifier
- Connect to your bank or any payment service — the App cannot read transactions automatically
- Use third-party account-aggregator services (Plaid, Yodlee, TrueLayer, MX or any equivalent)
- Use third-party analytics SDKs (Google Analytics, Firebase Analytics, Amplitude, Mixpanel, Segment, etc.)
- Use third-party crash-reporting SDKs (Crashlytics, Sentry, Bugsnag, etc.)
- Use third-party advertising SDKs, networks, or place advertisements anywhere in the App
- Use cookies (the App is not a web app)
- Read or track device identifiers (Advertising ID, IDFA, GAID, IMEI, MAC address, build serial)
- Read your contacts, calendar, location, microphone, call log, SMS or installed-apps list
- Access the network for any purpose related to your budgeting data — network requests occur only to validate the optional in-app purchase (Section 5)
4. Permissions the App requests
BudgetGuard declares only the permissions strictly required for its features:
- Camera (iOS
NSCameraUsageDescription/ AndroidCAMERA) — only when you tap "Take photo" to capture a receipt for an expense. Captured images are written to the App's private storage and never uploaded. - Photo library / media images (iOS
NSPhotoLibraryUsageDescription/ Android scoped media access) — only when you tap "Choose from library" to attach an existing photo as a receipt. - USE_BIOMETRIC / Face ID / Touch ID — to unlock the App with biometrics if you enable the optional app lock.
- Scoped file access — only when you initiate an Export, Import or PDF report, so the OS file picker / share sheet can write or read the single file you choose.
The App additionally uses the network and Google Play's billing capability (com.android.vending.BILLING) solely to process and validate the optional BudgetGuard Pro in-app purchase (Section 5). Your budgeting data is never transmitted. No background services run.
5. In-app purchases (BudgetGuard Pro)
The App is free in its basic version; a one-time in-app purchase called BudgetGuard Pro unlocks the full feature set. Processing this purchase is the only situation in which the App communicates with external services:
- Payment is handled entirely by Google Play (or the Apple App Store). We never see your payment card, bank details or store account identity.
- Purchase validation uses RevenueCat, a purchase-infrastructure service acting as our processor. RevenueCat receives: a randomly generated anonymous app-user identifier created on your device, the purchase token issued by the store, basic technical metadata needed for validation (platform, OS version, App version, device locale), and — as an inherent part of any internet request — your IP address.
- RevenueCat does not receive your name, email address, store account identity, or any of the budgeting data described in Section 2.
- Your unlock status is cached on your device, so the App keeps working fully offline; the App contacts RevenueCat again only to re-validate or restore the purchase.
- If you purchased BudgetGuard while it was a paid-upfront app, the Pro unlock is granted locally on your device — no data about you is transmitted for this.
Purchase-validation records are retained by RevenueCat for as long as needed to keep your unlock restorable. You may request deletion of the anonymous customer record by emailing support@tenebratechnologies.com; note that deleting it may make the purchase unrestorable through the App's "Restore purchase" function (the purchase itself remains in your store account).
6. Export, backup, share and print
When you tap Settings → Export, BudgetGuard creates a ZIP archive containing your data as JSON together with any receipt photos you have attached, and hands it to the OS share sheet. Where that archive goes is entirely your decision — the share sheet routes it to whichever destination you pick (Drive, email, Files, AirDrop, etc.). The same applies to PDF reports you generate from inside the App and to individual expense photos you choose to share. Once a file leaves BudgetGuard, the privacy of the file is governed by the app or service you sent it to. We have no copy of the file and no way to retrieve it.
When you tap Settings → Import, the OS file picker briefly grants the App read access to the single ZIP/JSON file you selected. The App reads it, ingests its contents into the local database and never retains the file itself.
7. Children's privacy
BudgetGuard is a general-audience budgeting utility. It does not knowingly collect any data from anyone, including children. Because no data is collected at all, no special handling for children's data is required.
8. Your rights (GDPR, CCPA and equivalents)
Most data-protection laws (GDPR, CCPA, LGPD, etc.) grant you rights to access, correct, delete and port your personal data held by a controller. For your budgeting data, we are not a data controller, because we never receive or hold any of it. You exercise these rights directly on your device:
- Access — open the App; all your data is visible inside it.
- Portability — Settings → Export produces a portable ZIP archive containing your data and any receipt photos.
- Erasure — Settings → Reset wipes the App's database, photo files and preferences. Uninstalling the App also removes everything entirely.
- Correction — edit any value, name, tag, note or photo in the App at any time.
For the limited purchase-validation data described in Section 5, we act as data controller with RevenueCat as our processor. Email support@tenebratechnologies.com to exercise your rights over that data, or with any other questions.
9. Security
The local database, receipt photos and preferences are stored inside the platform's per-app private storage sandbox, which is not readable by other apps on a non-rooted/non-jailbroken device. Device-level disk encryption (FBE/FDE on Android, Data Protection on iOS) applies automatically to App data at rest.
Your optional PIN is hashed with SHA-256 combined with a random per-install salt before storage; the plaintext PIN is never written to disk. Biometric matching is performed by the operating system — BudgetGuard never sees your biometric data.
App data may be included in the platform's automatic device backup (Auto Backup for Apps on Android, iCloud Backup on iOS) only if you have that feature enabled. Those backups are operated by Google or Apple under their respective terms, not by us. You can disable them in your device's system settings.
10. Changes to this policy
If a future version of BudgetGuard changes data-handling behavior (for example, introduces an optional cloud sync feature) this policy will be updated and the revised "Last updated" date above will reflect the change. Continued use of the App after a material change constitutes acceptance of the updated policy.
11. Contact
Questions about this policy or about how BudgetGuard handles your data:
support@tenebratechnologies.com
TenebraTechnologies s.r.o., Majerníkova 3039/28, 841 05 Bratislava, Slovenská republika
We aim to respond to privacy inquiries within 14 days.