Budg β Personal and Small Business Financial Control is an application developed and managed by Beatriz Dantas Felice, an independent developer based in Brazil.
By creating an account or using the application, the User declares that they have read, understood, and fully agree with these Terms, and provides free, informed, and unambiguous consent to the processing of their personal data as described in this Privacy Policy.
1. Definitions
User / Data Subject: individual who uses the application.
Controller: Beatriz Dantas Felice, responsible for decisions regarding data processing.
Sub-processor: third party engaged by the Controller to process data on its behalf.
Basic Plan: free tier.
Premium Plan: paid subscription tier.
Subscription Period: monthly or annual term contracted via the App Store or Google Play.
2. Nature of the Service
- Budg is a financial organization tool;
- It is not a financial institution;
- It does not perform banking transactions;
- It does not offer financial advice.
The User is solely responsible for financial decisions made based on the information recorded.
3. Beta Phase
The application may initially operate in a beta version. Features may be modified, removed, or made paid at any time.
The temporary free availability of features does not create any vested rights.
4. Freemium Model and Changes
The developer may:
- Modify features;
- Move features from the free plan to the paid plan;
- Change prices;
- Create or discontinue plans.
There is no obligation to maintain premium features in the free plan.
5. Subscriptions
5.1 Payments
Processed exclusively by Apple or Google.
5.2 Renewal
The subscription may renew automatically according to the store's rules.
5.3 Cancellation
Must be done directly in the store. Deleting the app does not cancel the subscription.
5.4 Refunds
Requests must be submitted to Apple or Google. There are no direct refunds from the developer.
6. User Responsibilities
- Keep data accurate;
- Keep password secure;
- Do not perform reverse engineering;
- Do not use the app for unlawful purposes.
7. Disclaimer of Warranties
The application is provided "as is". There is no guarantee of uninterrupted or error-free operation.
8. Limitation of Liability
The developer shall not be liable for:
- The User's financial decisions;
- Errors entered by the User;
- Third-party failures;
- External technical issues;
- Force majeure events.
9. Suspension or Termination
The account may be suspended without refund in case of violation of these Terms.
Features may be discontinued without compensation.
10. Intellectual Property
All code, trademarks, layouts, and content are protected by copyright. Copying, modification, or reverse engineering is prohibited.
PRIVACY POLICY
This Privacy Policy was prepared in compliance with the Brazilian General Data Protection Law (LGPD β Law No. 13,709/2018).
11. Data Controller
Beatriz Dantas Felice
Independent developer β Brazil
π§ contact@budg.app
To exercise your rights, ask questions about privacy, or submit LGPD-related requests, contact us at the email above.
12. Data Collected and Purpose
| Data | Purpose | Legal Basis (LGPD) |
|---|---|---|
| Name | User identification; display in the app | Contract performance (Art. 7, V) |
| Authentication; notifications and communications | Contract performance (Art. 7, V) | |
| Password (hashed) | Secure authentication | Contract performance (Art. 7, V) |
| Country | Currency and language localization | Contract performance (Art. 7, V) |
| Phone | Optional; account recovery | Consent (Art. 7, I) |
| Date of birth | Optional; report personalization | Consent (Art. 7, I) |
| Tax ID (CPF/CNPJ) | Optional; fiscal identification for the organization | Consent (Art. 7, I) |
| Financial data (transactions, accounts, goals) | Core app functionality | Contract performance (Art. 7, V) |
| Device token (FCM/APNs) | Push notification delivery; removed when user opts out to email-only | Consent (Art. 7, I) |
| Technical and access logs | Security, diagnostics, and service improvement | Legitimate interest (Art. 7, IX) |
| Terms acceptance timestamp | Consent record (LGPD Art. 8) | Legal obligation (Art. 7, II) |
13. Sub-processors (International Data Transfers)
The data described above is processed by the following sub-processors, all located outside Brazil. Transfers are made pursuant to Art. 33 of the LGPD, based on contractual clauses and provider compliance certifications:
| Sub-processor | Country | Data Transferred | Purpose |
|---|---|---|---|
| Supabase Inc. | USA | All registered data (profile, transactions, organization, files) | Database, authentication, file storage |
| Google Firebase (FCM) | USA | Device token; notification title and summary count | Push notification delivery |
| Twilio SendGrid | USA | Email address; financial transaction summary (amount, date, description) | Sending notification emails and transactional communications |
| Cloudflare R2 | USA / EU | User-uploaded files (receipts, photos) | Financial attachment storage |
| Apple / Google | USA | Subscription payment data | In-app payment processing |
14. Data Subject Rights (LGPD Art. 18)
Users may, at any time, exercise the following rights by contacting contact@budg.app:
- Access β confirm the existence of and obtain a copy of the data processed;
- Correction β correct incomplete, inaccurate, or outdated data;
- Anonymization, blocking, or deletion β when processing is unnecessary;
- Portability β export your data in structured format (JSON) directly in the app at Settings β Export My Data;
- Deletion β delete your account directly in the app at Settings β Delete My Account (30-day grace period; automatic permanent deletion after that);
- Consent withdrawal β at any time, without affecting processing already carried out under the prior consent;
- Information about sharing β obtain information about the sub-processors listed above;
- Objection β object to processing carried out on the basis of legitimate interest.
15. Data Deletion and Retention
Users can request account deletion directly in the app (Settings β Delete My Account). After the request:
- The account is marked for deletion and remains restorable for 30 days;
- After 30 days, all data is permanently and automatically deleted in cascade;
- Data required to be retained by law (e.g., tax and accounting records required by tax legislation) may be kept for the legally required period before permanent deletion.
16. Data Security
- Communications protected by TLS/HTTPS;
- Data at rest encrypted by Supabase infrastructure (AES-256);
- Row-Level Security in the database β each user accesses only their own data;
- Multi-factor authentication available via OAuth providers (Google, Apple).
17. Policy Amendments
This Policy may be updated at any time. Material changes will be communicated through the app. Continued use after such notice implies acceptance of the new terms.
18. Governing Law and Jurisdiction
Brazilian law applies, in particular the LGPD (Law No. 13,709/2018) and the Consumer Protection Code (Law No. 8,078/1990). The court of the developer's place of residence is elected as the competent jurisdiction.
19. Version History
05/19/2026 β Full revision for LGPD compliance: legal basis per data type, sub-processors, data subject rights, automated deletion, and data portability.
03/02/2026 β Consolidation of Terms and addition of freemium model and data deletion clauses.