Privacy Policy

The Personal Information Controller (PIC) for Budqo is August Jake Lourenzo Villar, operating as Budqo, with contact address jekiru.dev@gmail.com.

We serve as our own Data Protection Officer (DPO). For all privacy-related concerns, write to: jekiru.dev@gmail.com with the subject line "Data Privacy Request."

Account data: your full name, email address, and a one-way hashed password. We never store your password in a readable form.

Financial records you enter yourself: wallets, envelopes, transactions, goals, debts, recurring templates, salary configuration, and currency preferences. Every record is tied to your account and visible only to you.

Technical and security data: session identifiers, timestamps, IP address, and browser user-agent string. These are used solely to keep your session secure and to investigate potential abuse.

We do not collect government-issued identification numbers, biometric data, health information, or any data from your bank or financial institution. Every number in Budqo is one you typed in yourself.

We process your personal data on the following legal bases under RA 10173:

Contract fulfillment — to create and maintain your account and to deliver the budgeting service you signed up for.

Legitimate interest — to detect fraud, prevent abuse, maintain the security and integrity of the service, and send transactional emails such as password resets.

Consent — where we ask you explicitly before any non-essential processing. You may withdraw consent at any time.

We do not process your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

We do not sell, rent, trade, or share your personal data with third parties for marketing purposes.

We do not connect to your bank, credit card, e-wallet, or any financial institution on your behalf.

We do not run advertising trackers, behavioral analytics, or third-party scripts inside the authenticated app.

To deliver the service, we use the following sub-processors that may process your data:

Supabase (database hosting) — your financial records are stored on a managed PostgreSQL instance located in the Asia-Pacific (Singapore) region. Supabase processes data under its own privacy policy and security certifications.

Vercel (application hosting and content delivery) — the application code runs on Vercel's global serverless infrastructure. Request logs, including IP addresses, may be processed by Vercel.

All sub-processors are contractually bound to protect your data and are prohibited from using it for their own purposes.

Your data may be processed on servers located outside the Philippines (Singapore for the database; United States and other regions for Vercel's CDN). We ensure that such transfers are made with appropriate contractual safeguards consistent with RA 10173.

We retain your personal data for as long as your account is active. If you delete your account, all data associated with it is permanently removed from the primary database immediately.

Encrypted database backups may retain your data for up to 30 days after deletion as part of normal disaster-recovery rotation. Backups are not accessible to application logic.

Technical logs (IP, session, user-agent) are retained for up to 90 days for security purposes, then purged.

All data in transit is encrypted using TLS. Data at rest is encrypted at the storage layer (AES-256) by our database provider.

Passwords are hashed using a modern one-way algorithm and are never stored or transmitted in plain text.

In addition, certain freeform fields you write are encrypted at the application layer with AES-256-GCM before they reach the database. These fields are: transaction notes, wallet names, envelope names, goal names, debt names, and recurring template labels and notes. The encryption key is held only in our application environment, separate from the database, so anyone who obtains a raw database copy or backup cannot read these fields without also obtaining that key.

Application-layer encryption is intentionally limited to freeform text where you tend to write personal context ("therapy", "loan to mom", a real bank or lender name, a specific person's name). Numeric values — amounts, balances, dates, categories — are not encrypted at the application layer because the app needs to compute sums, ranges, and reports against them. Those values remain protected by storage-layer encryption (AES-256 at rest, TLS in transit) and by the access controls of our database provider.

In the event of a data breach that is likely to result in unauthorized disclosure of your personal data, we will notify you and the National Privacy Commission (NPC) within 72 hours of discovery, as required by RA 10173.

You have the following rights with respect to your personal data:

Right to be informed — to know how your data is being collected, processed, and used. This policy fulfills that obligation.

Right of access — to request a copy of the personal data we hold about you. Use Settings → Export data for an immediate JSON export, or write to us.

Right to rectification — to have inaccurate or incomplete personal data corrected. You may update your name and email directly from your account settings.

Right to erasure or blocking — to have your personal data deleted when it is no longer necessary for the purpose it was collected, or when processing is based on consent you have withdrawn. Use Settings → Delete account for immediate, permanent deletion.

Right to data portability — to receive your personal data in a structured, commonly used, machine-readable format. Use Settings → Export data.

Right to object — to object to the processing of your personal data for purposes other than those stated here.

Right to lodge a complaint — if you believe your rights have been violated, you may file a complaint with the National Privacy Commission at www.privacy.gov.ph.

To exercise any of these rights, contact us at jekiru.dev@gmail.com with the subject line "Data Privacy Request." We will respond within 15 business days.

We use a single session cookie (an HttpOnly, Secure, SameSite=Lax cookie) strictly to keep you signed in. We do not use advertising cookies, tracking pixels, or third-party cookies.

You may clear this cookie at any time by signing out. Blocking cookies will prevent you from logging in.

Budqo is not directed at children under 18. We do not knowingly collect personal data from minors. If you believe a minor has created an account, contact us and we will delete it promptly.

We will update the "last updated" date at the top of this page whenever we make changes. For material changes — those that significantly affect your rights or how we use your data — we will send an email notification at least 14 days before the change takes effect.

Continued use of Budqo after the effective date constitutes acceptance of the updated policy.

For all privacy-related questions, requests, or concerns: jekiru.dev@gmail.com — subject line "Data Privacy Request."

National Privacy Commission (Philippines): www.privacy.gov.ph · Telefax: +63 2 8234-2228.