Privacy Policy
Last updated: February 5, 2025
Effective Date: February 5, 2025
1. Introduction and Scope
Xonoko Budget ("Xonoko," "we," "us," or "our") provides this Privacy Policy to explain how we collect, use, disclose, and protect your personal information when you use our budgeting application, website, and related services (collectively, the "Services").
This Privacy Policy applies to all users of our Services, including users in the European Economic Area (EEA), United Kingdom (UK), Switzerland, United States, and other jurisdictions. Where specific laws provide additional rights or requirements, we have included jurisdiction-specific sections below.
By using our Services, you acknowledge that you have read and understood this Privacy Policy.
2. Data Controller Information
For the purposes of data protection laws, Xonoko Budget is the data controller of your personal information.
- Company: Xonoko Budget
- Email: privacy@xonoko.com
- Address: 6 rue de Musset, 75016 Paris, France
As we process data of fewer than 250 employees and our processing is not a core activity involving large-scale systematic monitoring, we are not required to appoint a Data Protection Officer under GDPR Article 37. However, you may contact us at privacy@xonoko.com for any data protection inquiries.
3. Categories of Personal Information We Collect
We collect the following categories of personal information:
3.1 Information You Provide Directly
| Category | Examples | Purpose |
|---|---|---|
| Account Information | Name, email address, password (hashed) | Account creation and authentication |
| Profile Information | Display name, profile picture (optional), preferences | Personalizing your experience |
| Payment Information | Card type, last 4 digits, expiration date, billing address | Processing subscription payments |
| User-Generated Content | Budget names, project names, notes, categories you create | Providing budgeting features |
| Communications | Support tickets, feedback, emails to us | Customer support and service improvement |
3.2 Financial Information from Connected Accounts
When you connect your bank accounts, we access the following through our secure third-party data providers:
| Category | Examples | Purpose |
|---|---|---|
| Account Data | Account name, type, masked account number (last 4 digits), current balance | Displaying account overview |
| Transaction Data | Transaction date, amount, merchant name, category, pending status | Budget tracking and categorization |
| Institution Data | Bank name, connection status | Managing account connections |
Important: We access your financial data in read-only mode. We cannot initiate transactions, transfer money, or make changes to your bank accounts. We never store your bank login credentials — these are handled directly by our certified data aggregation partners.
3.3 Information Collected Automatically
| Category | Examples | Purpose |
|---|---|---|
| Device Information | Device type, operating system, unique device identifiers, app version | Technical support, security, optimization |
| Usage Data | Features used, screens viewed, actions taken, timestamps | Service improvement, analytics |
| Log Data | IP address (anonymized after 30 days), access times, error logs | Security, debugging, fraud prevention |
4. Legal Bases for Processing (EEA/UK Users)
Under GDPR, we process your personal data based on the following legal bases:
| Processing Activity | Legal Basis |
|---|---|
| Providing the budgeting service, syncing accounts, categorizing transactions | Contract Performance (Art. 6(1)(b)) — necessary to fulfill our service agreement |
| Processing payments for subscriptions | Contract Performance (Art. 6(1)(b)) |
| AI-powered categorization and predictions | Contract Performance (Art. 6(1)(b)) — core feature of the service |
| Service-related emails (updates, security alerts) | Contract Performance (Art. 6(1)(b)) |
| Security monitoring, fraud prevention | Legitimate Interests (Art. 6(1)(f)) — protecting users and our service |
| Analytics and service improvement | Legitimate Interests (Art. 6(1)(f)) — improving user experience |
| Marketing communications | Consent (Art. 6(1)(a)) — you can opt out anytime |
| Responding to legal requests | Legal Obligation (Art. 6(1)(c)) |
5. How We Use Your Information
We use your personal information for the following purposes:
- Provide Services: Create and manage your account, sync bank accounts, display balances and transactions, track budgets and projects
- AI Features: Automatically categorize transactions, predict recurring expenses, suggest budget improvements (see Section 10 for details)
- Process Payments: Charge subscription fees through RevenueCat and payment processors
- Communicate: Send service updates, security alerts, and respond to support requests
- Improve Services: Analyze usage patterns, fix bugs, develop new features
- Security: Detect fraud, prevent unauthorized access, protect against abuse
- Legal Compliance: Comply with applicable laws, respond to valid legal requests
6. How We Share Your Information
We do not sell your personal information. We share data only in these circumstances:
6.1 Service Providers
| Provider Type | Purpose | Data Shared |
|---|---|---|
| Bank Data Aggregators (e.g., Plaid, Tink) | Securely connect to your bank accounts | Bank credentials flow through them (not stored by us); they provide transaction data to us |
| Payment Processors (Stripe, Apple, Google via RevenueCat) | Process subscription payments | Payment card details, billing address |
| Cloud Infrastructure (EU-based providers for EU users) | Host and store data | All service data (encrypted) |
| Analytics | Understand usage patterns | Anonymized usage data only |
All service providers are bound by data processing agreements that require them to protect your data and use it only for the specified purposes.
6.2 Other Disclosures
- Shared Access: If you use the Horizon plan's shared access feature, other authorized household members can view shared financial data
- Legal Requirements: When required by law, court order, or valid governmental request
- Safety: To protect the rights, safety, or property of Xonoko, our users, or the public
- Business Transfers: In connection with a merger, acquisition, or sale of assets (you will be notified)
- With Your Consent: For any other purpose with your explicit consent
7. Data Retention
We retain your personal information for the following periods:
| Data Type | Retention Period | Reason |
|---|---|---|
| Account Information | Duration of account + 30 days after deletion request | Service provision, allow for account recovery |
| Transaction Data | Duration of account + 30 days after deletion | Service provision |
| Payment Records | 7 years after last transaction | Tax and legal compliance |
| Support Communications | 3 years | Quality assurance, dispute resolution |
| Log Data (with IP) | 30 days, then anonymized | Security, debugging |
| Anonymized Analytics | Indefinitely | Service improvement |
8. Data Security
We implement industry-standard security measures:
- Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
- Infrastructure: SOC 2 Type II compliant hosting providers
- Access Controls: Strict role-based access, multi-factor authentication for staff
- Security Testing: Regular penetration testing and vulnerability assessments
- Bank Credentials: We never receive, store, or have access to your bank login credentials
- Read-Only Access: We cannot move money or make changes to your accounts
While we implement robust security measures, no system is completely secure. We will notify you and relevant authorities of any data breach as required by law.
9. International Data Transfers
9.1 For European Users
Your data is stored exclusively in European data centers, operated by European companies. We do not transfer your personal financial data outside the EEA.
For certain service providers (e.g., some analytics tools), if data transfer outside the EEA is necessary, we ensure appropriate safeguards through:
- EU Commission adequacy decisions
- Standard Contractual Clauses (SCCs)
- The EU-US Data Privacy Framework (where applicable)
9.2 For US Users
Your data is stored in secure US-based data centers.
10. Automated Decision-Making and AI
We use artificial intelligence and automated processing for:
- Transaction Categorization: Automatically assigning categories to transactions based on merchant names and transaction patterns
- Spending Predictions: Forecasting upcoming recurring charges based on your transaction history
- Budget Suggestions: Recommending budget amounts based on your spending patterns
- Categorization Rules: Suggesting custom rules based on how you manually categorize transactions
Your Control: You can choose your level of AI automation in settings:
- Review all transactions manually
- Review only flagged/unusual transactions
- Let AI handle all categorization automatically
These automated processes do not make decisions that produce legal effects or similarly significantly affect you. They are designed to assist you in budgeting, and you can always override any automated categorization.
11. Your Privacy Rights
11.1 Rights for All Users
Regardless of your location, you can:
- Access your personal data through the app's export feature
- Update or correct your information in account settings
- Delete your account and associated data
- Disconnect bank accounts at any time
- Opt out of marketing communications
11.2 Additional Rights for EEA/UK Users (GDPR)
Under GDPR, you have the right to:
- Access: Request a copy of all personal data we hold about you
- Rectification: Request correction of inaccurate personal data
- Erasure ("Right to be Forgotten"): Request deletion of your personal data
- Restriction: Request that we limit how we use your data
- Portability: Receive your data in a structured, machine-readable format
- Object: Object to processing based on legitimate interests
- Withdraw Consent: Withdraw consent for consent-based processing at any time
- Lodge a Complaint: File a complaint with your local Data Protection Authority (e.g., CNIL in France, ICO in the UK)
To exercise these rights, contact us at privacy@xonoko.com. We will respond within 30 days.
11.3 Rights for US State Residents
Depending on your state of residence, you may have additional rights under state privacy laws including CCPA (California), VCDPA (Virginia), CPA (Colorado), CTDPA (Connecticut), and others.
California Residents (CCPA/CPRA)
- Right to Know: Request disclosure of personal information collected, sources, purposes, and third parties
- Right to Delete: Request deletion of your personal information
- Right to Correct: Request correction of inaccurate personal information
- Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information for cross-context behavioral advertising
- Right to Limit Use of Sensitive Personal Information: Request we limit use of sensitive categories
- Right to Non-Discrimination: We will not discriminate against you for exercising your rights
California "Shine the Light": California residents may request information about disclosures to third parties for direct marketing purposes. We do not make such disclosures.
Do Not Track: Our Services do not currently respond to "Do Not Track" browser signals.
Virginia, Colorado, Connecticut, and Other State Residents
You may have similar rights to access, delete, correct, and opt out. You also have the right to appeal if we deny your request. To appeal a denied request, contact us at privacy@xonoko.com with the subject "Privacy Rights Appeal."
Authorized Agents
You may designate an authorized agent to make requests on your behalf. The agent must provide written authorization from you and verify their identity.
12. Children's Privacy
Our Services are not intended for children under 16 years of age (or 18 in some jurisdictions). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@xonoko.com, and we will delete it.
13. Third-Party Links
Our Services may contain links to third-party websites or services. This Privacy Policy does not apply to those third parties. We encourage you to review their privacy policies.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Posting the updated policy on our website with a new "Last Updated" date
- Sending an email notification for significant changes
- Displaying a notice in the app
Your continued use of the Services after changes take effect constitutes acceptance of the updated Privacy Policy.
15. Contact Us
For privacy-related questions, requests, or complaints:
- Email: privacy@xonoko.com
- Subject Line: "Privacy Inquiry" or "Privacy Rights Request"
We aim to respond to all requests within 30 days (or sooner as required by applicable law).
Appendix A: US State Privacy Law Disclosures
The following disclosures are required under various US state privacy laws:
Categories of Personal Information Collected (Past 12 Months)
- Identifiers (name, email, IP address)
- Financial Information (account balances, transaction history from linked accounts)
- Commercial Information (subscription history, payment records)
- Internet Activity (usage data, log data)
- Geolocation (general location from IP address)
- Inferences (spending categories, budget recommendations)
Sources of Personal Information
- Directly from you (account registration, user input)
- Your financial institutions (via secure data aggregators)
- Automatically (device and usage data)
Business/Commercial Purposes for Collection
- Providing and improving our Services
- Processing payments
- Security and fraud prevention
- Legal compliance
Categories of Third Parties
- Service providers (payment processors, cloud hosting, analytics)
- Financial data aggregators
- Legal/regulatory authorities (when required by law)
Sale or Sharing of Personal Information
We do not sell your personal information. We do not share personal information for cross-context behavioral advertising.
Sensitive Personal Information
We collect financial account information to provide our Services. This information is used only for the purposes described in this Privacy Policy and is not used to infer characteristics about you.