Privacy Policy for Budget Tracker
Effective Date: April 19, 2026
Last Updated: June 27, 2026
1. Introduction
Welcome to Budget Tracker (“we,” “our,” or “us”). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains our practices regarding the collection, use, disclosure, and protection of information when you use our mobile application (“App”).
Budget Tracker is designed with privacy as a fundamental principle. Our app operates primarily offline with minimal online connectivity for currency exchange rate updates. We collect minimal data necessary for app functionality and do not collect, store, or transmit personal data to our servers except as described in this policy.
2. Information We Do Not Collect
2.1 Personal Information
We do not collect any personally identifiable information, including but not limited to:
- Names, email addresses, phone numbers
- Location data (except as described in Section 3.1)
- Device identifiers for personal profiling or advertising tracking
- IP addresses (note: your IP is processed transiently by our ad-configuration/integrity-verification service for rate-limiting — see Section 3.7 — and is not stored to identify you)
- User accounts, passwords, or personal authentication data
2.2 Usage Analytics
We use Firebase Analytics (Google) to collect anonymous, non-personal usage data to improve the app experience — but only when you have granted separate, optional analytics consent. If you do not grant this consent (the default), Firebase Analytics is fully disabled and no analytics data is collected. This data does not include any financial information you enter into the app.
What Firebase Analytics collects:
- Screen views (which screens are opened and how often)
- App events (e.g., transaction added, goal created, wallet created, backup performed)
- Ad impression and ad load failure events (for monitoring ad performance)
- Session duration and app open counts
- Device category (phone/tablet), OS version, and app version
What Firebase Analytics does NOT collect:
- Your financial data (transactions, balances, goals, categories)
- Your name, email address, or any personally identifiable information
- Your precise location
- Any data you enter into the app
Firebase Analytics data is anonymous and aggregated. It is governed by Google’s Privacy Policy: https://policies.google.com/privacy. We cannot link analytics data to any individual user.
2.3 Financial Data
While you may enter financial information into the app for personal tracking:
- This data remains exclusively on your device
- We never access, collect, or transmit this information
- All processing occurs locally on your device
3. Third-Party Services and Data Collection
3.1 Google Mobile Ads (AdMob)
If you use the free version of our app, advertisements may be displayed by Google AdMob. Users who decline ad personalization consent see non-personalized ads; feature limits are the same regardless of consent choice (see Terms of Service Section 4).
Consent Management:
- On first launch, EU/EEA users are shown a consent dialog (Google UMP — User Messaging Platform) in accordance with GDPR and the IAB Transparency & Consent Framework (TCF).
- Personalized ads are only served if the user grants consent. Non-personalized ads may be served otherwise where permitted.
- Consent can be reviewed and changed through the app’s settings.
Data Potentially Collected by AdMob:
- Device information (model, OS version, screen size)
- Approximate location data (for location-based ad targeting, with user consent)
- App usage data for ad performance measurement
- Advertising identifiers (may be reset in device settings)
Important Notes:
- AdMob data collection is governed by Google’s Privacy Policy: https://policies.google.com/privacy
- You can opt out of personalized advertising through your device settings or the in-app consent dialog
- Premium subscription removes all advertisements
- We do not receive or access any data collected by AdMob
3.2 In-App Purchase Processing
For premium subscriptions:
- Payment processing is handled securely by:
- Google Play Billing (Android devices)
- App Store (iOS devices)
- We do not collect, store, or process payment information
- Subscription status is verified server-side through RevenueCat (see Section 3.5); the result is cached locally on your device
- Refund requests are handled directly through the respective app stores
- Premium subscriptions provide unlimited features
- Subscription management through respective app store account settings
3.3 Firebase Remote Config (Currency Updates)
The app uses Firebase Remote Config to update currency exchange rates once daily:
Data Potentially Collected by Firebase:
- Basic device information (device model, OS version, app version)
- Network connectivity status
- Firebase installation ID (anonymous identifier)
- Basic app usage metrics for Remote Config functionality
- Geographic region (for region-specific currency updates)
Important Notes:
- Firebase data collection is governed by Google’s Privacy Policy: https://policies.google.com/privacy
- Data is used solely for delivering currency exchange rate updates
- No personal or financial data is transmitted to Firebase
- Firebase Remote Config operates under Google’s infrastructure security standards
- We do not receive or access any data collected by Firebase
3.4 Firebase Analytics (App Usage Analytics)
The app uses Firebase Analytics (Google) to collect anonymous usage data to understand how the app is used and improve it.
Data Potentially Collected by Firebase Analytics:
- Screen views and navigation patterns (which screens are visited)
- App events (transaction added, goal created, wallet created, backup performed)
- Ad impression and ad load failure events
- Session duration, app open frequency
- Device category, OS version, app version (non-identifying, aggregated)
Important Notes:
- Firebase Analytics does not collect any financial data you enter into the app
- No personally identifiable information is collected through Firebase Analytics
- Data is anonymous and aggregated; we cannot identify individual users
- Firebase Analytics only operates when you have granted separate, optional analytics consent; if consent has not been granted (the default), Firebase Analytics is fully disabled and no analytics data is collected
- Firebase Analytics data collection is governed by Google’s Privacy Policy: https://policies.google.com/privacy
- We do not receive or access personally identifiable data through Firebase Analytics
- You can withdraw analytics consent at any time from the Analytics section in the app’s Settings screen; this immediately stops all future analytics data collection
3.5 RevenueCat (Purchase Verification)
The app uses RevenueCat to process and verify in-app purchases and manage subscription validity:
Data Potentially Processed by RevenueCat:
- Purchase tokens and product IDs (for verification only)
- Basic device information for security validation
- Subscription status and entitlement data
Important Notes:
- RevenueCat is used exclusively for purchase processing and verification
- We do not receive or access any financial data through RevenueCat
- Subscription status and entitlement flags (e.g., whether premium is active) are accessible through RevenueCat’s developer dashboard solely to verify premium access; this is not financial data
- No payment, billing, or transaction details are accessible to us through RevenueCat
- RevenueCat operates under enterprise-grade security standards
- All purchase verification is handled server-side for security
- Payment processing is managed through Google Play (Android) and App Store (iOS)
- RevenueCat’s data practices are governed by RevenueCat’s Privacy Policy: https://www.revenuecat.com/privacy
3.6 Local Notifications
- Permission is requested to send budget reminders and goal notifications
- All notifications are scheduled and delivered locally on your device
- No notification data is transmitted to external servers
- You can disable notifications at any time in your device settings
3.7 Cloudflare Workers (Ad Configuration & Integrity Verification)
To keep advertising secure and prevent fraud, the free version retrieves its advertising configuration from a backend service hosted on Cloudflare Workers rather than embedding it in the app. This applies only to free users on Android who see ads; premium subscribers and iOS users do not trigger this service.
What is sent to the Cloudflare service:
- A Google Play Integrity token — a Google-signed, opaque token attesting that the request comes from a genuine, untampered app on a genuine device. It contains device and app integrity verdicts only; it does not contain your name, email, advertising identifier, location, account, or any financial/app data. The token is decoded by Google (Play Integrity API), not by Cloudflare.
- Your IP address — automatically included in any internet request and used solely to rate-limit the service against abuse. Your IP is not stored to identify you; only a short-lived request counter is kept.
What it does: If the device passes Google’s integrity check, the service returns the advertising unit identifiers required to display ads. If the device cannot be verified (e.g., tampered/emulated), no identifiers are returned and no ads are shown (fail-closed).
Important Notes:
- No personal, financial, or usage data is collected or stored by this service.
- The real advertising identifiers are no longer embedded in the app package, which improves security.
- Legal basis (EU/EEA): legitimate interest in fraud prevention and the security of the ad-supported service (independent of advertising-personalization consent).
- This processing is governed by Cloudflare’s Privacy Policy (https://www.cloudflare.com/privacypolicy/) and Google’s Privacy Policy (https://policies.google.com/privacy). We do not receive or store any personal data through this service.
3.8 Firebase Crashlytics (Crash Reporting)
To diagnose and fix crashes and stability issues, the app can send crash reports via Firebase Crashlytics (Google) — but only when you have granted the optional analytics consent (the same consent described in Section 3.4). If consent is not granted (the default), Crashlytics collection is disabled and no crash data is sent.
What Crashlytics collects (only with consent):
- Crash stack traces and non-fatal error logs
- Device state at the time of the crash (device model, OS version, app version, memory/storage state)
- An anonymous Crashlytics installation identifier
What Crashlytics does NOT collect:
- Your financial data, name, email address, or any data you enter into the app
- Your precise location
Important Notes:
- Crashlytics collection is off by default and is enabled only if you grant analytics consent; you can withdraw it at any time from the Analytics section in Settings, which immediately disables crash collection.
- No personally identifiable or financial information is included in crash reports.
- Crashlytics data is governed by Google’s Privacy Policy (https://policies.google.com/privacy).
4. How Information is Used
4.1 Local Processing Only
All data processing occurs exclusively on your device:
- Budget calculations and financial analysis
- Currency conversions using stored exchange rates
- Report generation and data visualization
- Goal tracking and progress calculations
4.2 Third-Party Usage
- AdMob uses collected data solely for advertising purposes; we do not receive this data
- Payment processors (Google Play / App Store) use payment information only for transaction processing; we do not receive payment details
- RevenueCat: we do not receive or access any financial data; only non-financial subscription status flags (premium active/inactive) are visible to us through RevenueCat’s developer dashboard for verification purposes
- No financial data entered by the user is shared with any third party
5. Data Security and Protection
5.1 Local Storage Security
- Data is stored in a local SQLite database (SQLCipher). Database-level encryption is optional and must be enabled by the user in Settings → Database Security.
- When encryption is enabled, AES-256 is applied via SQLCipher; when disabled, the database file is stored without encryption.
- Input validation prevents malicious data entry
- Database integrity is maintained through constraints and checks
5.2 No External Transmission
The app transmits data over networks only in the following limited, specific cases:
- Ad loading (free users): data transmitted to Google AdMob servers
- Currency exchange rate updates (once daily): minimal device metadata transmitted to Firebase Remote Config
- App usage analytics (only when analytics consent is granted): anonymous usage events (screen views, app events, ad impressions) transmitted to Firebase Analytics servers
- Subscription verification: purchase tokens and entitlement data transmitted to RevenueCat servers
- Ad configuration & integrity verification (free Android users only): a Google Play Integrity token and your IP address are transmitted to our Cloudflare Workers service to verify the device and deliver advertising unit identifiers (see Section 3.7)
No financial or personal data entered by the user is ever transmitted. All other processing occurs entirely on-device.
5.3 Data Encryption
- Database encryption is optional. When enabled by the user, SQLCipher applies AES-256 encryption with PBKDF2 key derivation. When not enabled, the database is stored without encryption.
- The encryption password is stored in the device’s secure storage (iOS Keychain / Android Keystore) and never transmitted.
- Sensitive app settings (GDPR consent status, premium status) are stored in hardware-backed secure storage (FlutterSecureStorage), separate from the main database.
- Backup files can be additionally encrypted with user-provided passwords.
- No encryption keys are transmitted to external servers.
5.4 Data Volume and Performance Considerations
- Premium users have unlimited storage capacity for all data types
- Large datasets (millions of records) may impact app performance on older devices
- The app uses pagination to display data efficiently (10-200 items per page)
- Performance depends on device capabilities and available memory
- We recommend regular data cleanup and backup for optimal performance
- The app is optimized for personal finance tracking, not enterprise-level data processing
6. Data Retention and Deletion
6.1 Data Retention
- All data remains on your device indefinitely until you choose to delete it
- We do not retain any user data on our servers
- Data persistence is controlled entirely by you
6.2 Data Deletion
Your financial data is stored locally on your device and can be deleted in several ways:
Complete Data Deletion:
- Uninstall the app: This removes all app data including wallets, transactions, and settings
- Clear app data through device settings: Go to Settings > Apps > Budget Tracker > Storage > Clear Data
Partial Data Deletion:
- Delete individual wallets: Access each wallet from the main screen and use the delete option
- Delete transactions: Go to each transaction screen and remove individual entries
- Delete goals: Access the goals section and remove individual financial goals
For Third-Party Service Data (Firebase Analytics, AdMob):
- Anonymous analytics and advertising data collected by Google services cannot be individually identified or deleted by us, as it is not linked to your identity
- To limit or reset data collected by Google: go to your device Settings → Privacy → Ads → Reset Advertising ID (Android) or opt out of personalized ads
- For Google’s data deletion tools, visit: https://myaccount.google.com/data-and-privacy
- For RevenueCat subscription data deletion, contact: support@revenuecat.com
- You may also contact us at chnbzkrtgithub@gmail.com and we will assist you to the extent technically possible
Important Notes:
- Deleted local data cannot be recovered
- We recommend exporting important data before deletion
- Local data deletion occurs immediately on your device
6.3 Backup and Data Export
- Local Backup Only: The app provides export functionality to create backup files stored locally on your device — in the shared
Download/BudgetTrackerfolder where available, otherwise in the app’s local storage - No Cloud Backup: No data is backed up to external servers or cloud services
- User Responsibility: You are solely responsible for backing up your financial data
- Save Formats: Data can be saved as encrypted files with user-provided passwords
- Import Functionality: Backup files can be imported to restore data, which replaces all existing data
- Data Security: Exported files remain on your device and are not transmitted to external services
7. International Data Transfers
The app may transmit minimal data to third-party services located outside your country:
- Firebase Remote Config: Data may be transferred to Google’s servers for currency update functionality
- Firebase Analytics: Anonymous usage data may be transferred to Google’s servers for app analytics (only when analytics consent has been granted)
- Google AdMob: Advertising data may be transferred to Google’s servers when using the free version
- App Store Services: Payment data may be transferred to Apple/Google servers for in-app purchases
- Cloudflare Workers: A Google Play Integrity token and your IP address may be transferred to Cloudflare’s global servers to verify the device and deliver advertising unit identifiers (free Android users only)
These transfers are governed by the respective third parties’ privacy policies and are necessary for app functionality. We do not control these transfers or have access to the transferred data.
8. Children’s Privacy
Budget Tracker is not intended for children under 13 years old.
The app does not collect, store, or transmit any personal information from any user, including children.
Since no personal data is collected or sent to our servers, there is no personal information to delete or process.
Parents or guardians should supervise children’s use of the app.
The app is designed for personal use only and does not target or appeal to children.
9. Your Rights and Choices
9.1 Data Access and Control
- You have complete control over all data entered into the app
- You can view, modify, or delete your data at any time
- No third party can access your financial information
9.2 Advertising Choices
- In-app consent dialog: EU/EEA users can manage ad personalization consent through the Google UMP dialog shown at first launch. This consent can be revisited in the app’s settings.
- Device settings: Opt out of personalized ads through your device’s ad settings (Android: Settings → Privacy → Ads; iOS: Settings → Privacy → Tracking)
- Upgrade to premium: Removes all advertisements entirely
- Control notification permissions in device settings
9.3 Analytics Choices
- In-app analytics consent: Analytics data collection requires separate, optional consent requested at first launch. This is independent of advertising consent and does not affect any app features.
- Default: Analytics consent is not granted by default; Firebase Analytics is fully disabled unless you explicitly grant consent.
- Withdraw consent: You can withdraw analytics consent at any time from the Analytics section in the app’s Settings screen. Withdrawing consent immediately disables Firebase Analytics and stops all future data collection.
9.4 App Permissions
You can manage app permissions through your device settings:
- Notification permissions
- Storage permissions (for backups)
- Network permissions (for ads)
10. Third-Party Services and Links
10.1 Third-Party Services
Our app may integrate with or link to third-party services:
- AdMob for advertising
- Cloudflare Workers for advertising configuration and integrity (device) verification
- Firebase Crashlytics for opt-in crash reporting
- App stores for in-app purchases
- Currency exchange rate providers (data stored locally)
10.2 Third-Party Links
- The app may contain links to third-party websites
- We are not responsible for the privacy practices of these third parties
- We encourage you to review their privacy policies
11. Changes to This Privacy Policy
We reserve the right to modify this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or other factors. We may update this Privacy Policy periodically due to:
- Changes in our app functionality
- Updates to legal requirements and regulations
- Improvements to our privacy practices
- New features or services
- Changes in third-party services we use
Notification of Changes:
- Updates will be posted within the app
- The “Last Updated” date will be revised
- Significant changes may be communicated via in-app notifications
- We recommend reviewing this policy periodically
Your Rights:
- You can stop using the app if you do not agree with the updated policy
- Continued use of the app after changes constitutes acceptance of the updated policy
- We reserve the right to modify these terms without prior individual notice
Your continued use of the app after changes constitutes acceptance of the updated policy.
12. Contact Information
If you have questions about this Privacy Policy or our privacy practices:
Budget Tracker Support
- Email: chnbzkrthelp@gmail.com
- Support: chnbzkrthelp@gmail.com
- App Store: Search for “Budget Tracker”
We will respond to your inquiries within 30 days.
13. Compliance and Legal Framework
This app complies with applicable privacy laws and regulations:
13.1 GDPR (General Data Protection Regulation)
- As a data controller, we ensure minimal data processing
- Privacy by design principles are implemented: all financial data remains on-device and is never transmitted to our servers
- Legal basis for third-party data processing: For EU/EEA users: (1) AdMob data is processed on the basis of user consent obtained through the Google UMP (User Messaging Platform) dialog in accordance with the IAB Transparency & Consent Framework (TCF); (2) Firebase Analytics data is processed on the basis of separate, optional analytics consent requested through the app’s own consent screen — this is distinct from and independent of the UMP/advertising consent; (3) RevenueCat processes only purchase tokens necessary to fulfill the subscription contract (legal basis: performance of contract); (4) the ad-configuration/integrity-verification service (Cloudflare, Section 3.7) processes a Google Play Integrity token and IP address on the basis of legitimate interest in fraud prevention and the security of the ad-supported service (independent of advertising-personalization consent).
- Data subject rights under GDPR:
- Right of access: All your data is stored locally on your device and is directly accessible to you at all times
- Right to rectification: You can edit or correct any data directly within the app
- Right to erasure: You can delete all data by clearing app data or uninstalling the app
- Right to data portability: You can export your data using the app’s built-in backup/export feature
- Right to withdraw consent: You can withdraw ad personalization consent at any time through the app’s ad consent settings; you can withdraw analytics consent at any time from the Analytics section in the app’s Settings screen
- Right to object to processing: You can decline ad personalization at any time
- Since we do not store personal data on our servers, no data deletion request to us is necessary or possible
13.2 CCPA (California Consumer Privacy Act)
- No sale of personal information
- No sharing of personal information
- Right to delete is fully supported
13.3 App Store Guidelines
- Apple App Store Review Guidelines compliance
- Transparent permission usage
- Clear privacy disclosures
13.4 Google Play Policies
- Google Play Developer Program Policies compliance
- Data safety requirements met
- Transparent data practices
14. App Permissions and Justification
14.1 Android Permissions
Network Permissions:
android.permission.INTERNET: Required for loading advertisements and Firebase Remote Config currency updatesandroid.permission.ACCESS_NETWORK_STATE: Required to check network connectivity for ads and currency updates
Notification Permissions:
android.permission.POST_NOTIFICATIONS: Required for budget reminders and goal notifications (Android 13+)android.permission.RECEIVE_BOOT_COMPLETED: Required to reschedule notifications after device restartandroid.permission.SCHEDULE_EXACT_ALARM: Required for precise notification scheduling on Android 12+ (requires user permission)android.permission.USE_EXACT_ALARM: Required for exact alarm scheduling for specific notification use casesandroid.permission.VIBRATE: Required for notification alertsandroid.permission.WAKE_LOCK: Required to ensure notifications are delivered
Billing Permissions:
com.android.vending.BILLING: Required for in-app purchase processing through Google Play
Camera Permission:
android.permission.CAMERA: Required for taking photos to attach to transactions
Storage Permissions:
android.permission.READ_EXTERNAL_STORAGE: Required for importing backup files (API 32 and below)android.permission.WRITE_EXTERNAL_STORAGE: Required for exporting backup files (API 32 and below)android.permission.READ_MEDIA_IMAGES: Required for accessing photos from gallery (Android 13+)
14.2 iOS Permissions
Required Permissions:
- Notifications (
NSUserNotificationsUsageDescription): Required for budget reminders and financial goal notifications - Camera (
NSCameraUsageDescription): Required for taking photos to attach to transactions - Photo Library Read (
NSPhotoLibraryUsageDescription): Required for accessing photos from the gallery to attach to transactions or export reports - Photo Library Write (
NSPhotoLibraryAddUsageDescription): Required for saving budget reports to the photo gallery - In-App Purchase: Required for premium subscription processing
- File Sharing (
LSSupportsOpeningDocumentsInPlace,UIFileSharingEnabled,UISupportsDocumentBrowser): Required for backup file access and document-based file management - Background Modes (
UIBackgroundModeswithfetch,remote-notification, andprocessing): Required for notification scheduling, delivery, and background task processing
15. Data Safety (Google Play Requirements)
In accordance with Google Play’s Data Safety section requirements:
- Data Collection: Minimal data collected by third parties (AdMob, Firebase Remote Config, and Firebase Analytics) for app functionality
- Data Sharing: No data shared with third parties by us
- Data Security: Database encryption is optional. When enabled by the user in Settings → Database Security, AES-256 encryption (via SQLCipher) is applied. When not enabled, the database is stored locally without encryption.
- Children Privacy: App not directed at children under 13
- Advertising: AdMob may collect data for advertising purposes
- Analytics: Firebase Analytics collects anonymous, non-personal usage data (screen views, app events, ad impression counts) only when the user has granted separate, optional analytics consent; no analytics data is collected if consent is not granted. No financial data is included.
- Ad configuration & integrity verification: For free Android users, a Google Play Integrity token and IP address are processed by our Cloudflare Workers service solely for fraud prevention and security (device verification before delivering ad identifiers). This is handled by a service provider on our behalf, is not used to identify you, and includes no personal or financial data (see Section 3.7).
- Crash reporting: Firebase Crashlytics collects crash diagnostics (stack traces, device state) only when the user has granted the optional analytics consent; disabled by default. No financial or personally identifiable data is included (see Section 3.8).
16. Governing Law and Dispute Resolution
This Privacy Policy is governed by the laws of Turkey. Disputes must first be reported to chnbzkrthelp@gmail.com. Unresolved disputes are subject to exclusive jurisdiction of Turkish courts, conducted in Turkish language.
Notwithstanding the above, for users located in the European Economic Area (EEA) or United Kingdom, the applicable EU/UK data protection laws — including the General Data Protection Regulation (GDPR) and the UK GDPR — apply in addition to Turkish law. To the extent of any conflict between Turkish law and GDPR/UK GDPR, the applicable EU/UK data protection legislation shall prevail with respect to the processing of personal data of EEA/UK residents.
17. Severability
If any provision of this Privacy Policy is found to be unenforceable, the remaining provisions will remain in full force and effect.
18. Language Translations and AI-Generated Content
18.1 AI-Generated Translations
IMPORTANT NOTICE REGARDING LANGUAGE TRANSLATIONS:
All language translations in this Privacy Policy document, as well as in the app’s user interface, are generated using artificial intelligence (AI) translation tools. While we strive for accuracy, AI translations may contain errors, inaccuracies, or inappropriate expressions.
WE MAKE NO GUARANTEES about the accuracy, completeness, or reliability of any AI-generated translations. This includes but is not limited to:
- Grammatical errors or incorrect word usage
- Contextual inaccuracies or misinterpretations
- Cultural or regional language variations
- Technical terminology translations
- Legal terminology accuracy
18.2 No Responsibility for Translation Errors
WE EXPRESSLY DISCLAIM ALL LIABILITY for any damages, losses, misunderstandings, or consequences arising from:
- Incorrect or misleading translations
- Misinterpretation of legal terms due to translation errors
- Communication barriers caused by translation inaccuracies
- Any actions taken based on potentially incorrect translations
Translation Accuracy Disclaimer: Users are strongly advised to consult the original English version of this Privacy Policy for the most accurate and legally binding information. The English version shall prevail in case of any discrepancies or disputes arising from translation differences.
Recommendation: If you are not fluent in English, we recommend consulting with a qualified legal professional who can review the English version of these terms in your native language.
19. Entire Agreement
This Privacy Policy constitutes the entire agreement between you and Budget Tracker regarding the collection and use of information.
Budget Tracker is committed to protecting your privacy. Your financial data stays on your device, giving you complete control and security.
By using Budget Tracker, you acknowledge that you have read and understood this Privacy Policy.