If you connect a Sapplify Account
If you connect a Sapplify Account to sBudget, the Sapplify Account Privacy Policy and Sapplify Account Terms of Service additionally apply to your use of account-related features (sign-in, profile, cross-device sync, Sync subscription).
1. Introduction
In short: sBudget works fully offline. Your data stays on your device unless you connect a Sapplify Account and enable Sync. We don't track you, we don't sell your data, and we don't show ads. You are in complete control.
Welcome to the Privacy Policy for sBudget ("we", "us", or "our"). sBudget is a budget tracking app designed to help you manage your income, expenses, and financial goals while maintaining control over your personal financial data.
sBudget operates on a local-first principle: your data is stored on your device by default. Cloud synchronization is entirely optional and is provided through Sapplify Sync, a separate paid subscription tied to your Sapplify Account.
This Privacy Policy covers what sBudget does on your device. Account-related processing (sign-in, profile, the server-side copy of your data when Sync is active) is covered by the Sapplify Account Privacy Policy, which applies in addition to this one when you sign in.
Data Controller
The data controller responsible for your personal data is:
Anthony Eli Rasch - sapplify
PO Box 004
91501 Nove Mesto nad Vahom
Slovakia
Email: contact@sapplify.com
2. Data Collection
sBudget collects only the financial information that you actively enter into the app:
Financial Data You Enter
- Transactions: Amount, type (income/expense), date, category, notes, and currency
- Accounts: Account names and organization preferences (e.g., "Personal", "Business")
- Categories: Spending and income category names, icons, and colors
- Budgets: Budget amounts, periods, and warning thresholds
- Recurring Transactions: Templates for automatic transaction entries
Account Data (Sapplify Sync Users Only)
If you choose to connect a Sapplify Account and enable Sync, the data above is also kept on our servers so it can be synced across your devices. Account identity (email, optional display name, auth provider IDs, subscription state) is collected and processed by Sapplify Account, not by sBudget directly; see the Sapplify Account Privacy Policy §4 for the full list.
What sBudget Does NOT Collect
- We do NOT collect bank account numbers, credit card details, or banking credentials
- We do NOT connect to your bank or any financial institution
- We do NOT use analytics or tracking services for behavioral profiling
- We do NOT display advertisements
- We do NOT sell or share your financial data with third parties
- We do NOT collect location data
- We do NOT access your contacts, photos, or other personal files
3. Legal Basis for Processing
Under the General Data Protection Regulation (GDPR) and applicable data protection laws, we process your personal data based on the following legal grounds:
Contract Performance
We process your data when necessary to provide you with the sBudget service:
- Storing your financial data locally on your device
- Managing your Pro entitlement (one-time purchase)
If you have connected a Sapplify Account and enabled Sync, the additional cross-device processing is governed by Sapplify Account; see the Sapplify Account Privacy Policy §5.
Consent
We process certain data only with your explicit consent:
- Enabling Sync (you choose to connect a Sapplify Account and subscribe)
- Sending notifications (you enable this in settings)
- Exporting or sharing your data (you initiate this action)
You can withdraw consent at any time by disabling the relevant features or deleting your account.
Legitimate Interest
We may process limited data based on our legitimate interests:
- Ensuring security and preventing fraud
- Responding to support inquiries
Legal Obligations
We may process data when required by law, such as responding to valid legal requests from authorities.
4. Local Data Storage
By default, sBudget stores all your financial data locally on your device. This means your data never leaves your device unless you explicitly enable Sapplify Sync.
Strictly Necessary Storage
Under the EU ePrivacy Directive, the local storage technologies we use are strictly necessary for providing the budgeting service you requested. A budgeting app cannot function without storing your financial data locally. Therefore, no separate consent is required for this storage, and we do not display a "cookie consent" pop-up for these essential functions.
Local Storage Technologies
- SQLite Database: Your transactions, accounts, categories, budgets, and recurring transactions are stored in a local database on your device
- Shared Preferences: Non-sensitive app settings like language preference, theme, and onboarding status
- Flutter Secure Storage: For storing sensitive settings and authentication tokens (when signed in)
Benefits of Local-Only Storage
Complete Privacy
Your data stays on your device and is never transmitted anywhere
Offline Access
Full functionality without internet connection
No Account Required
Use all core features without creating an account
You Own Your Data
Export your data anytime in JSON or CSV format
5. Sapplify Sync
Cross-device sync of your sBudget data is provided by Sapplify Sync, a paid subscription tied to your Sapplify Account. Sync is entirely optional; sBudget is fully functional without it.
What Gets Synced
When Sync is active, the data you create in sBudget is uploaded to our servers so it can be received on your other devices:
- Transactions (amounts, dates, categories, notes)
- Account configurations
- Categories and customizations
- Budgets and settings
- Recurring transaction templates
Where and How It Is Stored
Server-side Sync data lives in the unified Sapplify database hosted by Supabase in Frankfurt, Germany (EU). Encryption in transit (TLS) and at rest are handled at the Sapplify Account layer, along with sub-processors, retention, and access controls. See the Sapplify Account Privacy Policy §6 (Sub-processors), §7 (Data Residency), §8 (Retention), and §9 (Security) for full details.
Opting Out
Sapplify Sync is optional. You can:
- Use sBudget without ever connecting a Sapplify Account
- Sign out at any time to stop syncing
- Cancel your Sapplify Sync subscription separately in your store's subscription settings
- Delete your Sapplify Account from inside sBudget to remove the server-side copy
6. Purchases & Payments
sBudget offers two distinct paid upgrades:
- sBudget Pro (One-Time Purchase): Unlocks multiple accounts, recurring transactions, and custom categories. Pro is a per-app, one-time purchase that does not require a Sapplify Account and works entirely on your device.
- Sapplify Sync (Subscription): Suite-wide subscription that enables cross-device sync. Sold and managed at the Sapplify Account level; covered by the Sapplify Account Terms of Service §8.
All payments are processed through the Apple App Store or Google Play Store.
What We Track
- Pro entitlement: Whether you have purchased sBudget Pro on this device (stored locally)
Sapplify Sync subscription state is tracked under your Sapplify Account, not directly by sBudget; see the Sapplify Account Privacy Policy §4 ("Subscription and entitlement records").
What We DO NOT Track
- Credit card or payment method details
- Billing address
- Transaction IDs or purchase receipts
Payment Processing
All payment processing is handled by:
- Apple App Store: For iOS users - Apple Privacy Policy
- Google Play Store: For Android users - Google Privacy Policy
We never see or store your payment details. Subscription management (cancellation, renewal) is done through your device's subscription settings.
7. App Permissions
sBudget requests only the minimum permissions necessary to function:
Required Permissions
- Local Storage: To store your financial data in the local database
Optional Permissions
- Internet Access: Required only for Sapplify Sync, Sapplify Account sign-in, and subscription validation
- File Access: To export your data to files or import from backup (user-initiated only)
- Notifications: For optional budget alerts and reminders (if you enable them)
Permissions We DO NOT Request
- Camera or microphone access
- Contact list access
- Location services
- Background app refresh (except for sync)
- Health or fitness data
- Calendar access
8. Data Sharing
We are committed to keeping your financial data private. Here's how we handle data sharing:
We DO NOT Share Your Data With
- Advertisers or marketing companies
- Data brokers or analytics firms
- Social media platforms
- Any third party for commercial purposes
Sub-processors
If you have connected a Sapplify Account, the suite-wide list of sub-processors (Supabase, Apple, Google, Resend, Anthropic) applies. The full list, roles, and locations are kept up to date in the Sapplify Account Privacy Policy §6.
If you use sBudget locally without an account, no third party processes your data on our behalf.
Automated Decision-Making
We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you. All data processing is for the purpose of providing the budgeting service you requested.
User-Initiated Sharing
You have full control over sharing your data:
- Export your data in JSON or CSV format
- Share exported files with anyone you choose
- Generate reports for personal use or to share with financial advisors
Legal Requirements
We may disclose your information if required by law, such as in response to a valid court order or government request. We will notify you of such requests when legally permitted.
9. Data Security
We implement multiple layers of security to protect your financial data:
Local Security
Local Database
Data stored in SQLite on your device's protected storage
Secure Storage
Sensitive settings and tokens stored in platform secure storage (Keychain/Keystore)
Soft Deletes
Deleted data can be recovered locally before permanent removal
Server-Side Security (Sapplify Sync Users)
If you have enabled Sync, server-side security is provided by Sapplify Account: TLS in transit, AES-256 at rest, per-user row-level isolation. See the Sapplify Account Privacy Policy §9 for details.
No end-to-end encryption
Sapplify Sync is not end-to-end encrypted. Your data is encrypted in transit and at rest, but Sapplify-side service-role access could in principle read the contents. Do not use Sync to store information that requires end-to-end encryption.
Conflict Resolution
When syncing across devices, we use a last-write-wins strategy with timestamps to resolve conflicts, ensuring your most recent changes are preserved.
Your Responsibility
To maximize security, we recommend:
- Secure your Sapplify Account with a strong password (or your Apple/Google account if you sign in through them) and two-factor authentication
- Enable device lock screen protection (PIN, password, biometric)
- Keep your device operating system and sBudget app updated
- Sign out from shared or public devices
- Create regular local backups via data export
10. Data Retention & Deletion
Local Data
- Local data remains on your device until you delete it or uninstall the app
- Uninstalling the app removes all local data permanently
- You can clear all local data from within the app settings
Server-Side Data (Sapplify Sync Users)
Server-side sBudget data is held under your Sapplify Account and follows the suite-wide retention policy in the Sapplify Account Privacy Policy §8. Summary:
- Data is kept while your account is active
- If your Sync subscription lapses, server-side data is preserved so you can resume later
- When you delete your Sapplify Account from inside sBudget, all sBudget rows are immediately hard-deleted; encrypted backups age out within 30 days
How to Delete Your Data
Delete Local Data Only
Go to Settings > Data & Privacy > Clear All Data. This removes all transactions, budgets, and settings from your device.
Delete Sapplify Account (and all server-side sBudget data)
Go to Settings > Account > Delete account. This will:
- Immediately hard-delete all your server-side data across every Sapplify app, including sBudget
- Remove your account from our authentication system
- Not cancel your App Store / Google Play subscription — cancel that separately to stop future charges
- Leave your local sBudget data on this device unless you also clear it
See sapplify.com/account-deletion for step-by-step instructions.
Export Before Deletion
We recommend exporting your data before deletion. Go to Settings > Data & Privacy > Export Data to save a backup.
11. Your Rights
You have full control over your personal and financial data:
Access Your Data
You can view all your data within the app at any time. Export functionality allows you to download a complete copy in JSON or CSV format.
Correct Your Data
Edit any transaction, category, budget, or account directly within the app.
Delete Your Data
Delete individual items or your entire account. See the Data Retention & Deletion section for details.
Data Portability
Export your data in standard formats (JSON, CSV) to transfer to other services or for your own records.
Withdraw Consent
You can:
- Sign out to stop syncing while keeping local data
- Delete your Sapplify Account while retaining local data
- Disable notifications at any time
GDPR Rights (EU Users)
If you are in the European Union, you have additional rights under GDPR including:
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to data portability
- Right to object to processing
- Right to lodge a complaint with a supervisory authority
For account-level rights (rights of access, erasure, portability over the data held on our servers under your Sapplify Account), see the Sapplify Account Privacy Policy §11.
CCPA/CPRA Rights (California Users)
California residents have the right to:
- Know what personal information is collected
- Request deletion of personal information
- Opt-out of the sale of personal information
- Non-discrimination for exercising privacy rights
We do not sell or share your personal information. We do not "sell" your data as defined by the CCPA, nor do we "share" it for cross-contextual behavioral advertising purposes. We have no advertising in our app and do not monetize your data in any way.
Sensitive Personal Information: Your financial data is considered "Sensitive Personal Information" under California law. We only use this information for the purpose of providing the sBudget budgeting service that you requested. We do not use your sensitive personal information for any secondary purposes, and therefore a "Limit the Use of My Sensitive Personal Information" option is not required.
12. Children's Privacy
sBudget is intended for users who are at least 13 years old. To create a Sapplify Account (required for Sync), you must be at least 16 years old; see the Sapplify Account Privacy Policy §13. In some EU member states, the minimum age for consenting to data processing may be higher (up to 16 years) in accordance with local law under GDPR Article 8.
- If you are under 13, please do not use sBudget
- If you are between 13 and 16, you can use sBudget locally without an account, but you cannot enable Sapplify Sync
- The local-only features can be used without providing any personal information
- Parents or guardians should supervise app usage and help set up appropriate settings
- If we discover we have collected data from a child under 13, we will delete it promptly
If you believe a child under 13 has provided us with personal information, please contact us at contact@sapplify.com.
13. International Users
sBudget is available to users worldwide. Here's how we handle international data:
Local-Only Users
If you use sBudget without Sapplify Sync, your data stays entirely on your device. There are no cross-border data transfers.
Sapplify Sync Users
If you enable Sync, your server-side data is stored in Frankfurt, Germany (EU). International transfers to specific sub-processors (when applicable) are covered by Standard Contractual Clauses; full details in the Sapplify Account Privacy Policy §7.
Supported Languages
sBudget currently supports 15 languages: English, German, French, Italian, Spanish, Portuguese, Dutch, Polish, Czech, Slovak, Turkish, Russian, Japanese, Chinese, Korean.
Supported Currencies
sBudget supports transactions in 150+ currencies, allowing you to track finances in your local currency.
14. Data Breach Notification
We take data security seriously. In the unlikely event of a data breach affecting your personal information, we will:
Notification Process
- Assess the breach: Immediately investigate the scope and impact
- Notify authorities: Report to relevant data protection authorities within 72 hours as required by GDPR Article 33
- Notify affected users: Inform you without undue delay if the breach poses a high risk to your rights and freedoms, as required by GDPR Article 34
- Provide details: Inform you of the nature of the breach, potential consequences, and measures taken
What We Will Communicate
- Description of the breach and data involved
- Likely consequences of the breach
- Measures taken or proposed to address the breach
- Recommendations for protecting yourself
- Contact information for follow-up questions
Your Local Data
Note that data stored only locally on your device is not affected by server-side breaches. This is another benefit of our local-first approach.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, add new features, or comply with legal requirements.
How We Notify You
When we make material changes, we will notify you by:
- Posting an in-app notification when you next open sBudget
- Updating the "Last updated" date at the top of this policy
- Sending an email notification (if you have an account and email notifications enabled)
- Updating the privacy policy in app store descriptions
Your Continued Use
Your continued use of sBudget after changes are posted constitutes your acceptance of the updated Privacy Policy. If you do not agree with the changes, you should stop using the app and delete your account.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.
16. Governing Law
This Privacy Policy and any disputes arising from it are governed by the laws of the Slovak Republic, without regard to conflict of law principles. This does not affect your mandatory consumer protection rights under EU law, which may provide additional protections regardless of the governing law.
Jurisdiction
For users in the European Union, any disputes shall be subject to the jurisdiction of the courts in Slovakia, unless mandatory consumer protection laws in your country of residence provide otherwise.
EU Users
If you are located in the European Union, you have the right to lodge a complaint with your local data protection supervisory authority if you believe we have violated your data protection rights.
As we are based in Slovakia, our lead supervisory authority is:
Urad na ochranu osobnych udajov Slovenskej republiky
(Office for Personal Data Protection of the Slovak Republic)
Hranicna 12
820 07 Bratislava 27
Slovak Republic
Website: dataprotection.gov.sk
Email: statny.dozor@pdp.gov.sk
Dispute Resolution
We encourage you to contact us first at contact@sapplify.com to resolve any concerns or disputes. We are committed to working with you to reach a fair resolution.
17. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:
General Inquiries: contact@sapplify.com
Privacy & Data Protection: privacy@sapplify.com
We are committed to addressing your privacy concerns and will respond to your inquiry within 30 days.
Data Protection Inquiries
For specific data protection requests (access, deletion, correction), please email us with:
- Your account email address
- A clear description of your request
- Any relevant details to help us locate your data
We may need to verify your identity before processing certain requests to ensure the security of your data.