Privacy Policy

Last Updated: December 11, 2025

EK Personal Budget Planner ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our budget planning application and services.

1. Information We Collect

1.1 Personal Information

When you create an account, we collect:

• Email address
• Full name
• Country of residence
• Password (stored securely using industry-standard hashing)

1.2 Financial Data

To provide our budgeting services, we store:

• Account names and balances you enter
• Transaction records you create or import
• Budget categories and allocations
• Financial goals and notes

1.3 Payment Information

When you subscribe to our premium services:

• Payment processing is handled by PesaPal (supporting M-Pesa and card payments)
• We do not store your full credit card numbers
• We receive only transaction confirmations and subscription status

1.4 Automatically Collected Information

• IP address and general location (country level)
• Browser type and device information
• Usage patterns and feature interactions
• Error logs for troubleshooting

2. How We Use Your Information

We use your information to:

• Provide and maintain our budgeting services
• Process your subscription and payments
• Send important account notifications
• Respond to your support requests
• Improve our application and services
• Detect and prevent fraud or abuse

3. Data Security

We implement robust security measures:

• Encryption: All data is encrypted in transit (HTTPS/TLS) and at rest
• Secure Authentication: JWT tokens with secure expiration
• Password Protection: Passwords are hashed using bcrypt
• Access Controls: Strict role-based access to data
• Regular Backups: Data is backed up regularly

4. Data Sharing

We do NOT sell your personal information. We only share data with:

• Payment Processors: PesaPal for transaction processing (supports M-Pesa and card payments)
• Service Providers: Hosting and infrastructure providers under strict contracts
• Legal Requirements: When required by law or to protect our rights

5. Your Rights

You have the right to:

• Access: Request a copy of your data
• Correction: Update inaccurate information
• Deletion: Request deletion of your account and data
• Export: Download your data in standard formats
• Opt-out: Unsubscribe from marketing communications

6. Data Retention

We retain your data:

• Active accounts: As long as your account is active
• Deleted accounts: Data is purged within 30 days
• Payment records: As required by law (typically 7 years)
• Logs: Automatically deleted after 90 days

7. Cookies and Tracking

We use essential cookies for:

• Authentication and session management
• Remembering your preferences
• Security and fraud prevention

We do not use third-party advertising cookies.

8. Children's Privacy

Our services are not intended for children under 16. We do not knowingly collect data from children. If you believe a child has provided us data, please contact us immediately.

9. International Users

Our servers are located in secure data centers. By using our services, you consent to the transfer and processing of your data in these locations. We comply with applicable data protection laws including GDPR principles.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or in-app notification. Continued use after changes constitutes acceptance.