Privacy Policy

Operated by Buddy Labs Inc. · privacy@buddylabs.ca

Last updated · May 19, 2026

1. What We Collect — Local-Only Mode (No Account)

If you use Finance Buddy without signing in, all financial data you enter — including income, account balances, debt amounts, expense figures, and pay logs — is stored exclusively on your device using browser local storage.

This data is never transmitted to Finance Buddy's servers, never accessible to us, and never shared with any third party for any purpose.

2. What We Collect — Signed-In Mode (Cloud Sync)

When you sign in with email or Google, we sync your app state to Supabase (Canada region) so you can access it across devices. The synced state includes the same financial data you would have stored locally: profile, income, accounts, debts, holdings, expenses, AI-conversation history, alerts, and Pro entitlement.

We never sell, rent, or share this data with advertisers or marketers.

3. Authentication Providers

We support two passwordless sign-in methods: email magic-link OTP via Supabase Auth, and Google OAuth. We never see or store your password. From Google we receive only your email address, which is used as your Finance Buddy account identifier.

4. What We Do NOT Collect

Bank account credentials (no Plaid; brokerage links via SnapTrade are read-only and broker-managed)
Credit card numbers (subscriptions handled by Apple App Store / Google Play)
Social security / SIN / passport numbers
Government IDs of any kind
Precise device location (no GPS, no IP geolocation for personalisation)
Photos or videos beyond what you explicitly capture for the on-device receipt scanner (see Section 9b)

5. AI Assistant — Third-Party Data Processing

The AI portfolio builder, AI coach, and AI moderation pipeline are powered by Anthropic's Claude API. The portion of your prompt and relevant portfolio context required for each request is sent to Anthropic. Anthropic's privacy policy applies; per their terms, Claude API inputs are not used to train models.

6. Optional Pseudonymous Analytics (Opt-In Only)

If you opt in to anonymous analytics in Settings, we use PostHog to record event-level interactions (e.g. "opened budget tab", "completed onboarding step 3"). Events are tied to your Supabase user ID (UUID) but not to your email or any financial figures. You can opt out at any time.

6b. Local Storage & Session Storage

Finance Buddy uses browser local storage to persist your app state on the device, and session storage to coordinate auth-flow intent across the OAuth round-trip. We do not use third-party cookies for tracking.

7. How We Use Your Data

Provide the core app functionality (track finances, build portfolios, give AI guidance)
Authenticate you and sync your data across devices
Send service-critical notifications (bill reminders, price alerts, goal milestones) only if you opt in
Investigate fraud, abuse, or technical issues you report
Improve the product based on aggregate, non-individual usage patterns (only when you opt in to analytics)

8. Brokerage Connections (SnapTrade)

If you connect a brokerage account via SnapTrade, you authenticate directly with your broker; SnapTrade brokers the read-only handshake. Finance Buddy receives only the holdings + balance data SnapTrade returns. We never see, store, or transmit your broker credentials.

8b. Family Plan Data Sharing

Pro users can create a Family Plan. While on a Family Plan, member emails are visible to all members of the plan. Aggregate net worth (a single rounded total) is shared only if you explicitly opt in via the per-user "share net worth" toggle. No other financial data (holdings, transactions, debts, income, expenses, AI history, alerts) is shared. Each member retains a fully independent profile.

9. Third-Party Services

Supabase — Cloud database + authentication. Data stored in Canada. supabase.com/privacy
Anthropic (Claude API) — AI features. Data processed in the US. anthropic.com/privacy
Google (OAuth) — Sign-in. Only your email is received. policies.google.com/privacy
SnapTrade — Read-only brokerage connection. Data processed in Canada. snaptrade.com/privacy
Yahoo Finance — Public ETF prices. No personal data sent.
RevenueCat — App Store / Play subscriptions. revenuecat.com/privacy
Vercel — Hosting + serverless API. Data processed in the US. vercel.com/legal/privacy-policy
Sentry — Error reporting. Data processed in the US. sentry.io/privacy
PostHog — Opt-in analytics only. posthog.com/privacy
Firebase Cloud Messaging (FCM) — Android push notifications. firebase.google.com/support/privacy
Apple Push Notification Service (APNs) — iOS push notifications. apple.com/legal/privacy

Cross-border transfer notice: Several processors above operate in the United States. By using Finance Buddy, you consent to the transfer of your data to those jurisdictions for the purposes described, as required under PIPEDA s.4.1.3 and Quebec Law 25 art. 17.

9b. Device Permissions (Mobile App)

The Android and iOS apps request the following device permissions only when you use the corresponding feature. None of these are used for tracking or advertising.

CAMERA (android.permission.CAMERA / NSCameraUsageDescription) — Required for the optional Receipt Scanner feature (Money tab → Add expense → Scan receipt). When you tap Scan, the camera opens to capture a photo of a paper receipt. Optical character recognition (OCR) runs entirely on your device using Google ML Kit Text Recognition; the receipt image and extracted text never leave your device. We never upload, store, or transmit receipt photos to our servers or to any third party. Only the categorized expense fields (merchant, amount, date) you confirm are saved to your local app data — and synced to your cloud account if you are signed in.
PHOTOS / STORAGE (READ_MEDIA_IMAGES on Android, Photo Library access on iOS) — Optional, used only if you choose to import an existing receipt image from your photo library instead of taking a new photo. Same on-device OCR pipeline as above; the source image is never uploaded.
PUSH NOTIFICATIONS (POST_NOTIFICATIONS on Android 13+, iOS notification prompt) — Optional. Used to deliver bill reminders, price alerts, and goal milestones. See Section 9 for FCM/APNs details.
INTERNET — Required for cloud sync, AI features, and live ETF prices. No always-on background access.

You can revoke each of these at any time via your device's system Settings → Apps → Finance Buddy → Permissions. Revoking CAMERA or Photos disables Receipt Scanner; the rest of the app continues to work normally.

10. Data Retention and Deletion

Local data remains on your device until you uninstall the app or use Reset App Data in Settings. Cloud account data may be permanently deleted instantly via Settings → Account → Delete My Account & Data, or by emailing privacy@buddylabs.ca with "Data Deletion Request" in the subject line.

11. Security

All data in transit is encrypted using TLS 1.2 or higher. Cloud data is encrypted at rest in Supabase. We use Row Level Security so users can only access their own data. No passwords are stored — authentication is passwordless. Data breach notifications, where applicable, follow PIPEDA's 72-hour rule.

12. Operator Access (Service Operations)

Authorised Buddy Labs personnel may access account-level metadata (email, signup date, last activity, country, Pro status, item counts) only for support, abuse investigation, or technical issue resolution. Dollar amounts are never viewed through the operator interface. Every state-changing operator action is recorded in an internal audit log.

13. Your Rights

Canadian users (PIPEDA / Quebec Law 25) — Access, correct, or request deletion of your personal information. Contact privacy@buddylabs.ca.
California users (CCPA / CPRA) — Know, opt out of sale (we do not sell), request deletion, non-discrimination for exercising rights.
All users — Withdraw analytics consent or delete your account at any time.

14. Children's Privacy (COPPA)

Finance Buddy is not directed at children under 13 and we do not knowingly collect personal information from children under 13 without verifiable parental consent.

15. Affiliate Links

Finance Buddy may include affiliate or referral links to third-party brokers such as Questrade and Wealthsimple. If you open an account or transact through these links, we may receive compensation. Your financial data is never shared with these brokers via this app.

16. Changes to This Policy

We may update this Privacy Policy as the app evolves. Material changes will be communicated in-app before they take effect. Continued use after the effective date constitutes acceptance.

Contact & Privacy Officer

Buddy Labs Inc.
privacy@buddylabs.ca

For privacy inquiries, data access, or correction requests under PIPEDA and Quebec Law 25, contact our Privacy Officer at privacy@buddylabs.ca. We respond within 30 days.