Privacy Policy
TL;DR: Your financial data stays on your device, encrypted with AES-256 — we never see it. The free version shows ads served by Google AdMob, which collects limited device and ad interaction data (see Section 9). You can remove all ads with a one-time in-app purchase. We do not sell your personal data.
1. Who We Are
Budgeting365 is a personal finance management application available on the Google Play Store, developed and published by:
- Developer: AAS Codeworks (Sole Proprietorship, registered in India)
- Address: Hyderabad, Telangana, India
- Email: support@budgeting365.com
- Website: https://budgeting365.com
2. Scope & Applicability
This Privacy Policy applies to:
- The Budgeting365 mobile application (Android), available on the Google Play Store
- The budgeting365.com website, which serves as an informational landing page for the app
This policy applies to all users (“you”) who download, install, or use the Budgeting365 app, as well as visitors to our website, regardless of geographic location.
This policy does not apply to any third-party websites, services, or applications that may be linked from our website or app (such as the Google Play Store).
3. Definitions
To keep this policy clear, here is what we mean by the following terms:
- “Personal Data” — any information that identifies or can be used to identify a person, directly or indirectly. This includes names, email addresses, IP addresses, device identifiers, financial records, and similar information.
- “Processing” — any action performed on personal data, whether automated or manual. This includes collecting, recording, storing, modifying, retrieving, using, sharing, or deleting data.
- “You” / “User” — any person who downloads, installs, or uses the Budgeting365 app, or visits the budgeting365.com website.
- “We” / “Us” / “Our” — AAS Codeworks, the developer and publisher of Budgeting365.
- “Device” — the smartphone, tablet, or other device on which you install and use the app.
- “SPDI” — Sensitive Personal Data or Information, as defined under the Information Technology (Reasonable Security Practices) Rules, 2011 (India).
4. Data We Collect
🔒 Your Financial Data Stays On-DeviceWe (AAS Codeworks) do not collect your financial data. All transactions, accounts, budgets, goals, and other financial information you enter is stored exclusively on your device, encrypted with AES-256. We do not operate servers or databases that receive your financial information.
However, the free version of Budgeting365 displays advertisements served by Google AdMob. Google’s ad SDK collects limited technical data to serve and measure ads (see Section 9 for full details). Your financial data is never shared with Google or any ad network.
| Data Type | Collected? | Details |
|---|---|---|
| Financial data (transactions, accounts, balances) | No | Stored only on your device, AES-256 encrypted |
| Personal identifiers (email, phone, national ID) | No | Never requested or stored |
| Display name & profile photo | Locally only | A display name and optional profile photo are stored on-device in your encrypted vault. Never transmitted to any server. |
| Household member names | Locally only | Optional “spender” names you enter are stored on-device in your encrypted vault. Never transmitted. |
| Location data | No | No location permissions requested |
| Device identifiers | No | No device fingerprinting |
| IP addresses | No | No server to receive requests |
| Usage analytics | Limited | Google AdMob may collect app interaction data for ad measurement (see Section 9). We do not use any separate analytics SDK. |
| Crash reports | No | No automatic crash reporting by us. Google Play may collect crash data per its own policies. |
| Advertising data | Yes (AdMob) | Google AdMob collects advertising ID, IP address, and ad interaction data to serve and measure ads. See Section 9 for full details. Removable via one-time purchase. |
| Social media data | No | No social logins or social SDKs |
| Form submissions to external services | No | The app has local setup and configuration forms, but no data is ever submitted to any server, service, or third party. |
| Cookies | No | Neither the app nor website uses cookies of any kind |
We (AAS Codeworks) do not collect personal data directly. The Google AdMob SDK embedded in the free version collects limited technical data as described in Section 9. Users who purchase the “Remove Ads” upgrade will have no third-party data collection whatsoever.
5. Legal Basis for Processing
Your financial data is processed exclusively on your device, under your sole control. We act neither as a data controller nor a data processor for your financial information.
For advertising data collected by Google AdMob in the free version, the legal bases are:
- GDPR (EU/EEA/UK): Your explicit consent, obtained via a consent dialog shown before any ads load (Google’s UMP Consent SDK). You may withdraw consent at any time via the in-app settings or by purchasing the “Remove Ads” upgrade.
- CCPA / US state laws: Legitimate interest for non-personalised ads; opt-out available via “Do Not Sell My Personal Information” mechanisms and Android’s ad settings.
- India (IT Act / DPDP Act): AAS Codeworks does not directly process personal data on its servers. Google acts as an independent data controller for ad-related data under its own privacy policy.
Under India’s Digital Personal Data Protection (DPDP) Act, 2023: AAS Codeworks does not process any Digital Personal Data on any server or system it controls. Google LLC processes limited ad-related data as an independent data controller. You remain the sole Data Principal with full control over your financial data.
For Android permissions that require your consent (such as biometric access or camera), the legal basis is your explicit consent, which you grant or deny through Android’s built-in permission dialogs.
6. How Your Data Is Stored
All data you enter into Budgeting365 is stored locally on your device only. Your data is protected by:
- AES-256 encryption — a strong and trusted encryption method used to keep your data safe
- Biometric authentication — optional fingerprint or face unlock
- Password protection — app-level password/PIN lock
- Android Keystore — encryption keys are stored in hardware-backed secure storage
If you uninstall the app, all data is permanently deleted from your device. We have no backup copies of your data because we never receive it.
No employee, contractor, or any person at AAS Codeworks has access to your data. Since your data never leaves your device and we operate no servers, there is zero possibility of internal access.
7. Data Retention
Your data remains on your device for as long as you choose to keep it. There is no automatic expiry or server-side retention schedule because we never receive your data.
- While the app is installed: Your data is retained on your device, encrypted, and accessible only to you.
- When you delete records: Deleted data is removed immediately and permanently from local storage.
- When you uninstall the app: All data is permanently and irreversibly erased from your device by the Android operating system.
We maintain no backups, archives, or copies of your data at any point, because we never receive it in the first place.
8. Permissions We Request
Budgeting365 requests the following Android permissions:
| Permission | Purpose |
|---|---|
| USE_BIOMETRIC / USE_FINGERPRINT | To authenticate you with biometric lock (optional) |
| READ/WRITE_EXTERNAL_STORAGE | To import/export CSV files (Android 9 and below only) |
| INTERNET | Required to serve advertisements via Google AdMob in the free version, for in-app purchase verification, and for security integrity checks. No financial data is ever transmitted. Users who purchase the “Remove Ads” upgrade will have no ad-related network requests. |
| ACCESS_NETWORK_STATE / ACCESS_WIFI_STATE | Used by AdMob and system components to check connectivity status before requesting ads. |
| POST_NOTIFICATIONS | To display bill reminders, budget alerts, and other local notifications you configure. Requested at runtime on Android 13+; you can decline. |
| SCHEDULE_EXACT_ALARM | To schedule bill reminders and recurring transaction notifications at precise times. |
| RECEIVE_BOOT_COMPLETED | To re-schedule pending notification alarms after your device restarts. |
| AD_ID (com.google.android.gms.permission.AD_ID) | Allows Google AdMob to access the Android Advertising ID for ad personalisation and measurement. Not used if you purchase “Remove Ads.” |
| CAMERA | To optionally take a profile photo using your device camera (requested at runtime; you can decline). |
You can revoke any permission at any time through your device’s Settings > Apps > Budgeting365 > Permissions. Revoking a permission may disable the corresponding feature but will not affect the core functionality of the app.
9. Third-Party Services & Advertising
9.1 Google AdMob (Advertising)
The free version of Budgeting365 displays advertisements served by Google AdMob (a service of Google LLC). AdMob is used to support the ongoing development of the app.
What AdMob collects: To serve and measure advertisements, Google’s AdMob SDK may collect the following data from your device:
| Data Type | Purpose | Controller |
|---|---|---|
| Advertising ID (AAID / GAID) | Serve relevant ads and measure ad performance | Google LLC |
| IP address | Approximate geographic targeting and fraud prevention | Google LLC |
| Device information (model, OS version, screen size) | Optimise ad rendering and compatibility | Google LLC |
| App interaction data | Ad impressions, clicks, and viewability measurement | Google LLC |
Important: Your financial data (transactions, accounts, budgets, balances, goals, loans, etc.) is never shared with Google AdMob or any ad network. Only the technical data listed above is collected by Google for advertising purposes.
9.2 Ad Types
Budgeting365 may display the following types of advertisements:
- Banner ads: Small ads displayed at the bottom of certain screens
- Interstitial ads: Full-screen ads shown at natural transition points (e.g., after completing an action). Limited to a maximum of one every few minutes.
- Rewarded ads: Optional video ads that you can choose to watch in exchange for unlocking certain features temporarily
9.3 How to Remove Ads
You can remove all advertisements from Budgeting365 by purchasing the one-time “Remove Ads” in-app upgrade. Once purchased:
- All banner, interstitial, and rewarded ads are permanently disabled
- The AdMob SDK stops collecting any data from your device
- The app reverts to its fully offline, zero-collection state
9.4 Ad Personalisation & Opt-Out
You can control ad personalisation through:
- Android settings: Settings > Google > Ads > “Opt out of Ads Personalization”
- EU/EEA/UK users: A consent dialog is shown before any personalised ads are loaded. You may choose non-personalised ads or withdraw consent at any time.
- Reset Advertising ID: Settings > Google > Ads > “Reset advertising ID”
For more information about how Google processes ad data, see Google’s Advertising Privacy Policy and Google’s Privacy Policy.
9.5 Security Integrity Verification (freeRASP)
Budgeting365 uses freeRASP (by Talsec) for runtime application security protection. This SDK performs on-device checks for root/jailbreak status, app tampering, debugger attachment, and hooking frameworks. The free tier of freeRASP may transmit limited, anonymised device-security telemetry (e.g., threat detection results) to Talsec’s servers for aggregate security analytics. No user-identifiable or financial data is included.
For details, see Talsec’s Privacy Policy. Users who prefer zero external communication can purchase the “Remove Ads” upgrade, though freeRASP security checks will continue to protect your vault.
9.6 Google Play Billing
In-app purchases (such as “Remove Ads”) are processed exclusively through Google Play Billing. AAS Codeworks does not directly collect or process any payment information. All payment data is handled by Google under its own privacy policy.
9.7 Services We Do NOT Use
We do not use:
- Google Analytics or Firebase Analytics
- Facebook SDK or any social media trackers
- Crash reporting tools (Crashlytics, Sentry, etc.)
- Any cloud storage or synchronisation services
- Any embedded third-party content, iframes, or external widgets
The app includes the Google Fonts open-source package for font rendering. Runtime font downloading is disabled — all fonts are bundled within the app itself. No network requests are made to Google Fonts servers.
10. Data Sharing & Sale
We do not sell, rent, or trade your personal or financial data. Your financial information (transactions, accounts, budgets, balances) never leaves your device and is never shared with anyone.
The only data sharing that occurs is between the Google AdMob SDK (embedded in the free version) and Google LLC, for the sole purpose of serving and measuring advertisements. This sharing involves only technical device data (Advertising ID, IP address, device info, ad interactions) — never your financial data.
Under the CCPA, the ad-related data collected by Google AdMob may constitute a “sale” of personal information. You may opt out by: (a) purchasing the “Remove Ads” upgrade, (b) disabling ad personalisation in Android Settings, or (c) resetting your Advertising ID.
Users who purchase the “Remove Ads” upgrade have zero data sharing with any third party.
11. International Data Transfers
Your financial data is stored exclusively on your device and is never transferred internationally or domestically by us.
For advertising data: Google AdMob may transfer the limited technical data it collects (Advertising ID, IP address, device info) to Google servers, which may be located outside your country, including in the United States. Google relies on Standard Contractual Clauses (SCCs) and other approved transfer mechanisms for international data transfers under GDPR. See Google’s data transfer frameworks for details.
Users who purchase the “Remove Ads” upgrade have no international data transfers of any kind.
12. Your Rights
Regardless of where you are located, we respect your data rights. Because all data is stored locally on your device and we have no access to it, you exercise these rights directly through the app:
Under the EU General Data Protection Regulation (GDPR)
- Right of access (Art. 15): All your data is visible within the app at all times.
- Right to rectification (Art. 16): You can edit any record directly in the app.
- Right to erasure (Art. 17): You can delete individual records, categories, or all data from within the app settings, or uninstall the app to erase everything.
- Right to data portability (Art. 20): You can export all your data as CSV files at any time.
- Right to restriction of processing (Art. 18): Since all processing is local, you control it entirely.
- Right to object (Art. 21): No automated processing or profiling occurs.
- Right to withdraw consent: You can withdraw any permission at any time via Android Settings > Apps > Budgeting365 > Permissions. You can also uninstall the app at any time. Withdrawal does not affect data already processed on your device before the withdrawal.
- Right to lodge a complaint: You may lodge a complaint with your local data protection supervisory authority if you believe your rights have been violated.
Under the California Consumer Privacy Act (CCPA) & US State Privacy Laws
- Right to know: We collect no personal information. See Section 4 above.
- Right to delete: Fully supported via in-app deletion and uninstall.
- Right to opt-out of sale: We do not sell personal information to anyone.
- Right to non-discrimination: We do not discriminate against users who exercise their privacy rights.
- These rights also apply under the Virginia CDPA, Colorado CPA, Connecticut CTDPA, Utah UCPA, and similar US state privacy laws.
Under India’s Information Technology Act, 2000 & IT Rules, 2011
- Financial data is classified as Sensitive Personal Data or Information (SPDI) under Rule 3 of the IT (Reasonable Security Practices and Procedures and SPDI) Rules, 2011.
- All SPDI is stored locally on your device with AES-256 encryption, which constitutes reasonable security practices under the IT Act.
- We do not collect, store, or process SPDI on any server.
- Under the DPDP Act, 2023: AAS Codeworks does not act as a Data Fiduciary since no Digital Personal Data is processed on our systems. You are the sole Data Principal.
- For grievances, see Section 20 (Grievance Officer) below.
13. Consent & How You Agree
By downloading and using Budgeting365, you acknowledge that you have read and understood this Privacy Policy.
- App usage: By installing the app from Google Play, you agree to the terms of this policy as presented on the app’s Play Store listing and on our website.
- Permissions: Each Android permission is requested individually through the operating system’s standard permission dialog. You can accept or decline each one. We never use pre-checked boxes or hidden consent.
- Marketing: We do not send marketing emails, push notifications, or promotional content. There is no marketing consent to grant or revoke.
- Withdrawal: You may withdraw your agreement at any time by uninstalling the app. You may also revoke individual permissions via Android Settings at any time without affecting the rest of the app.
14. Children’s Privacy
Budgeting365 is designed for users aged 18 and above.
- We do not knowingly target, market to, or collect information from children under 13 (or under 16 in the EU, or under the applicable age in your jurisdiction).
- Since we collect no data at all, there is no risk of children’s data being processed.
- If a parent or guardian believes their child has used the app, no personal data has been collected or sent to us. Uninstalling the app will remove all locally stored data.
- We do not require or implement parental consent mechanisms because no data is collected from any user, regardless of age.
15. Data Export & Deletion
You have full control over your data at all times:
- Export: You can export your data as CSV files at any time from within the app. The exported files are saved to your device’s storage and can be moved anywhere you choose.
- Delete: You can delete individual records, categories, or all data from within the app settings.
- Uninstall: Uninstalling the app permanently and irreversibly removes all data from your device.
Since your data never leaves your device, there is no “account deletion” request needed — you are always in complete control.
16. Security
We take the security of your data seriously. All financial data stored in Budgeting365 is encrypted using AES-256-CBC with HMAC-SHA256 for authenticated encryption. Key derivation uses PBKDF2 with 100,000 iterations. Encryption keys are stored in Android’s hardware-backed Keystore system.
Our security measures include:
- Encryption at rest: All data stored on your device is encrypted with AES-256.
- No server infrastructure: We operate no servers, databases, or cloud services. There is nothing to hack remotely.
- No employee access: No person at AAS Codeworks can access your data, because it never leaves your device.
- No server logging: Since we have no servers, there are no server logs, access logs, or request logs of any kind.
- Website security: Our website (budgeting365.com) is served over HTTPS with TLS encryption for all connections.
However, no method of electronic storage is 100% secure. While we use strong and well-tested methods to protect your data, we cannot guarantee absolute security if your device is physically compromised, rooted, or infected with malware.
17. Breach Notification
Since Budgeting365 does not collect, store, or process any user data on our servers, a traditional “data breach” (where a hacker accesses user data on a company’s servers) is not possible. Accordingly, breach notification obligations under GDPR, DPDP Act, or other regulations apply only to security issues affecting the app’s code itself (such as a vulnerability in encryption or storage), not to user data stored on-device, which we never access or control.
However, if we become aware of:
- A security vulnerability in the app’s encryption or storage mechanism, or
- A compromised version of the app distributed through unofficial channels,
we will:
- Publish a notice on our website (budgeting365.com) within 72 hours of confirmed discovery
- Release a patched update to Google Play as quickly as possible
- Clearly describe the nature of the vulnerability and recommend steps for users
18. Dispute Resolution
If you have a concern or dispute regarding this Privacy Policy or your privacy rights:
- Contact us first: Email support@budgeting365.com. We will respond within 30 days and work to resolve your concern informally.
- Grievance Officer: If you are in India, you may contact the Grievance Officer listed in Section 20 below.
- Supervisory Authority: If you are in the EU/EEA, you may lodge a complaint with your local data protection authority. If you are in India, you may approach the relevant adjudicating officer under the IT Act.
- Jurisdiction: Any unresolved disputes shall be subject to the exclusive jurisdiction of the courts in Hyderabad, Telangana, India.
19. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Last updated” date. We will not retroactively reduce your rights without your consent.
If we make significant changes, we will provide clear notice through the app’s Play Store listing and on our website. We encourage you to review this page periodically.
20. Grievance Officer
In accordance with the Information Technology Act, 2000 and the rules made thereunder, the following is designated as the Grievance Officer for the purpose of addressing any discrepancies, grievances, or concerns regarding the processing of information:
- Name: Grievance Officer, AAS Codeworks
- Email: support@budgeting365.com
- Address: Hyderabad, Telangana, India
The Grievance Officer shall address your grievance within 30 days from the date of receipt.
21. Contact Us
If you have any questions or concerns about this Privacy Policy, please contact us:
- Email: support@budgeting365.com
- Website: https://budgeting365.com
For privacy-specific inquiries, please include “Privacy” in your email subject line so we can prioritise your request.
22. Website (budgeting365.com)
This website (budgeting365.com) is a static informational site.
22.1 Advertising (Google AdSense)
This website displays advertisements served by Google AdSense (a service of Google LLC). When you accept cookies via the consent banner, Google AdSense may:
- Set cookies on your browser to serve ads based on your interests and previous visits to this and other websites
- Collect your IP address for approximate geographic targeting and fraud prevention
- Collect device and browser information (user agent, screen size, language) to optimise ad rendering
- Track ad interactions (impressions, clicks) for measurement and billing
No financial data from the Budgeting365 app is involved. The website has no connection to any app data stored on your device.
22.2 Cookie Consent
A cookie consent banner is displayed when you first visit this website. You may:
- Accept: Google AdSense cookies will be set and ads will be displayed
- Reject: No cookies will be set, no ads will be displayed, and no data will be collected
Your choice is stored in your browser’s localStorage (not a cookie) so we can remember
your preference on future visits. You can change your choice at any time by clearing your browser’s
local storage for this site.
22.3 Cookies Used
| Cookie | Provider | Purpose | Duration |
|---|---|---|---|
| __gads | Google AdSense | Ad serving and frequency capping | 13 months |
| __gpi | Google AdSense | Ad personalisation | 13 months |
| NID / IDE | Google (DoubleClick) | Ad targeting and measurement across Google’s ad network | 6–24 months |
For a complete list of cookies used by Google advertising, see Google’s cookie policy.
22.4 Opt-Out Options
- Reject cookies via our consent banner (no ads or tracking will load)
- Browser settings: Block third-party cookies in your browser preferences
- Google Ad Settings: adssettings.google.com to control ad personalisation
- NAI Opt-Out: optout.networkadvertising.org
22.5 What This Website Does NOT Do
- All fonts are self-hosted — no requests are made to third-party CDNs (such as Google Fonts)
- No user accounts, forms, contact forms, or data submissions exist on this website
- No social media widgets, iframes, or embedded third-party content (other than ads) are loaded
- The website is served over HTTPS with TLS encryption
- We do not use analytics tools (Google Analytics, etc.) on this website
23. Accessibility
We are committed to making both this Privacy Policy and the Budgeting365 app accessible to all users, including those using assistive technologies such as screen readers. We strive to meet WCAG 2.1 Level AA accessibility standards across our website and app.
- This page uses semantic HTML with proper headings, lists, and landmark elements.
- All text meets WCAG 2.1 AA contrast requirements.
- The app supports Android’s built-in accessibility services, including TalkBack.
- The table of contents at the top allows quick navigation to any section.
- If you have difficulty accessing any part of this policy or the app, please contact us at support@budgeting365.com and we will provide the information in an alternative format.
24. Review & Accountability
We commit to reviewing this Privacy Policy at least once per year and whenever we release a significant app update, to ensure it remains accurate and complete.
- Internal review: AAS Codeworks reviews the accuracy of this policy against the actual app behaviour with every major release.
- Accountability: AAS Codeworks is solely responsible for the accuracy and compliance of this Privacy Policy.
- Risk assessment: Given that we collect zero personal data and operate no servers, our privacy risk profile is minimal. We reassess this whenever new features or permissions are added to the app.
25. Cross-References
This Privacy Policy should be read together with:
- Terms of Service — the terms governing your use of Budgeting365
- Google Play Store Listing — the official app listing and Data Safety section
In the event of any conflict between this Privacy Policy and the Terms of Service, this Privacy Policy shall prevail on matters relating to data privacy and protection.