Privacy policy

The Budgeez application (hereinafter the "application") is a B2C mobile application. Its purpose is to make it easier for the natural person user (hereinafter the "user") to manage their personal finances. It allows:

  • • a connection to the user’s bank account(s), thereby retrieving all transactions carried out,
  • • the creation of a monthly budget using envelopes. The user sets a fixed monthly budget, which is used to fund as many envelopes (spending categories defined by the user) as desired. The user can then classify their transactions (debits and credits) into these envelopes, which decrease or increase the virtual available amount.

The Budgeez application operates through the sole proprietorship of Benoit Bauchet, a natural person (hereinafter "the sole proprietorship"). It is located at 22 bis rue de la haute Bercelle, 77300 Fontainebleau. It holds the following SIREN number: 833 404 569 and is exempt from registration with the Trade and Companies Register (RCS) and the Trades Register (RM).

The connection to the user’s bank account(s) is provided by GoCardless SAS, WeWork - 7 rue de Madrid, 75008 Paris (hereinafter "the bank connection provider").

The sole proprietorship, as data controller, implements all measures to process the personal data of its users in accordance with applicable data protection regulations.

What personal data is requested and used?

To enable the user to manage their monthly budget, the application invites them to create an account. Creating an account requires the user to enter their first name, last name, and email.

This data is provided directly by the user and will be kept by the sole proprietorship for the duration of the contractual relationship, which ends when the user’s account is deleted.

To connect their bank accounts, the user is invited by the provider to enter the data required to connect to their online banking space (varies by institution, often the online ID and a password). This bank connection data is not stored by the sole proprietorship.

What data is collected?

    The data collected when using the application includes:
  • • Certain contact details: last name, first name, email address.
  • • Certain financial information: bank account number(s), bank transactions (read-only).
  • • User content: data collected in case of a customer support request.
  • • Identifiers: username
  • • Usage data: Interaction data with the product
  • • Diagnostics: Data collected in case of an app malfunction.

Why is this collection of personal data justified?

Processing the user’s personal data is necessary to pursue the legitimate interest sought by the user, namely the management of their personal finances via aggregation of their bank accounts and categorization of their expenses into budget envelopes.

    The data collected is processed in particular to ensure:
  • • Creation of a personal account in the application;
  • • Retrieval of bank transactions for categorization;
  • • Preparation of statistics to help the user manage their budget;
  • • Offering advice and a personalized interface to the user according to how they manage their money;
  • • Fixing bugs/malfunctions to continuously improve the app;
  • • Sending personalized transactional emails.

How is the collected personal data processed?

All measures are taken to preserve the integrity of personal data processed and published as part of the application, as well as to ensure a sufficient level of security and confidentiality.

Who are the recipients of the collected personal data?

The data is collected by the sole proprietorship of Benoit Bauchet, a natural person (hereinafter "the sole proprietorship"). It is located at 22 bis rue de la haute Bercelle, 77300 Fontainebleau. It holds the following SIREN number: 833 404 569 and is exempt from registration with the Trade and Companies Register (RCS) and the Trades Register (RM).

It is also transmitted to its data hosting provider, Heroku Inc., 650 7th Street, San Francisco, United States.

The connection to the user’s bank account(s) is provided by GoCardless SAS, WeWork - 7 rue de Madrid, 75008 Paris (hereinafter "the bank connection provider"). The passwords to connect to bank accounts do not pass through the sole proprietorship and are therefore in no case stored by the sole proprietorship. The connection to the GoCardless provider allows read-only access to bank transactions. It does not allow any bank transfer or any other action offered by online bank accounts.

The sole proprietorship ensures that sufficient guarantees in terms of personal data protection are in place for each data transfer, including with its service providers.

Any user may, upon simple request to the sole proprietorship, request complete information on the transferred data, the exact recipients of the information, and the measures implemented to govern this transfer.

Where is the collected personal data hosted?

Users are informed that personal data concerning them is hosted by Heroku Inc., 650 7th Street, San Francisco, United States. The data centers used by the sole proprietorship for hosting personal data are located exclusively in the European Union.

How long is the collected personal data kept?

A user’s personal data will be kept for the entire duration of their contract; it will be deleted immediately if the account is deleted.

If the account is not deleted, the user’s personal data will be retained for a period of two (2) years after the last contact with the user. The concept of "last contact" means the date on which the user last visited the application.

What rights do users have over their personal data?

    In accordance with applicable data protection regulations, everyone has the following rights:
  • • a right of access to data concerning them
  • • a right to rectify their personal data
  • • a right to the portability of their personal data
  • • a right to object to the processing of their personal data
  • • a right to the erasure of their personal data
  • • a right to the restriction of processing relating to their personal data
  • • a right to determine the fate of their data in the event of death
  • • a right to withdraw consent for the use of their personal data

How can users exercise their personal data rights?

Anyone can exercise their rights by sending their request to the following email address: [email protected]

The time required to process the request may vary between one and three months, depending on its complexity.

Complaint to the Commission Nationale de l’Informatique et des Libertés (CNIL)

For any complaint relating exclusively to the processing of users’ personal data, it is possible to contact the competent authority in this area and submit a request to the CNIL either on its website www.cnil.fr, or by post at 3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07.

How can the user delete their account?

The user can delete their account from the Budgeez app, in the "Profile" tab, by clicking the "delete my account" button.

All of their data is deleted immediately.