1. Core privacy principles
- No account is required for core usage
- No cloud dependency is required to manage ledgers and expenses
- Data is stored locally on your device by default
- Optional features are opt-in and permission-based
2. Information we process
BPFSOne processes data you create in the app, including city ledgers, expense entries, categories, planned or unplanned flags, budget targets, and planning items saved in Explore.
We may also process limited technical information needed for stable app operation, such as app version and device state related to error handling.
3. Why this data is used
- To store and display your records accurately
- To calculate burn status, trends, and budget progress
- To support export actions that you explicitly trigger
- To maintain performance, reliability, and usability
4. Local-first storage model
Core finance records remain on your device. BPFSOne is designed so that daily usage does not require account registration or continuous cloud services.
If future optional online services are introduced, they will be clearly labeled and separated from local-first core workflows.
5. Permissions
Optional permissions are requested only when you choose related features. You can deny optional permissions and still use baseline budgeting workflows.
Permission choices can be managed in your device settings at any time.
6. Data retention and deletion
Your records remain available on your device until you edit or delete them, clear app data, or uninstall the app. You control retention in normal use.
Exported files are managed by you after export and follow your device or storage location rules.
7. Data sharing and third parties
BPFSOne does not sell personal data. We do not share your core finance records with third parties for advertising purposes.
If a third-party component is required for a specific optional feature, only the minimum data required for that feature will be used.
8. Security
We apply reasonable technical and organizational safeguards intended to reduce unauthorized access and accidental loss. No system can guarantee absolute security, so users should also keep their devices protected.
9. Children and age requirements
BPFSOne is not directed to children under the age required by local law for independent digital consent. If you believe inappropriate data was provided by a child, contact us for follow-up.
10. International use
If you use BPFSOne in a different country or region, local privacy laws may apply in addition to this policy. You are responsible for compliance with local legal requirements where relevant.
11. Policy updates
We may revise this Privacy Policy when product features, legal requirements, or operational needs change. Material updates will be reflected by updating the \"Last updated\" date on this page.
12. Data export and user control
You can export current city data to CSV at any time for backup or personal analysis, and you can remove records directly inside the app.
13. Contact
Privacy inquiries: [email protected]