Information Arrival Points

Details about you enter our environment through several distinct channels. Each channel represents a different form of interaction, and understanding these pathways helps clarify what we work with and when we receive it.

Registration and Account Formation

When you establish an account with our budgeting platform, we receive identifying elements such as your name, email address, and chosen password. This information arrives directly through the forms you complete. Phone numbers appear when you choose to provide them during account setup or profile configuration.

Financial Connection Authorization

Singapore banking integration requires specific consent pathways. When you authorize connections to financial accounts, we receive transaction histories, account balances, and merchant information. These data streams arrive through secure banking APIs after you've granted permission through your financial institution's authentication process.

We don't receive your actual banking credentials—that authentication occurs entirely within your bank's environment. What reaches us are read-only transaction records and balance snapshots that refresh according to the update frequency you specify.

Budget Configuration Activities

As you set up weekly budgets and categorize spending, we record these preferences and decisions. Category names you create, spending limits you establish, and allocation percentages you define all become part of your profile. These configuration choices help the platform personalize recommendations and track your progress against the parameters you've set.

Communication Exchanges

When you contact our support team at [email protected], message content and associated metadata arrive in our systems. This includes the substance of your inquiry, timestamps, response threads, and any attachments you include to illustrate issues or ask questions.

Platform Interaction Signals

Your use of the platform generates operational data: which features you access, how frequently you log in, what devices you use, and which budget views you consult most often. IP addresses, browser types, and device identifiers arrive automatically through standard web protocols.

Purpose Framework and Operational Necessity

Every piece of information we handle serves specific operational purposes. We've structured our explanation around the actual functions that depend on each data category rather than listing abstract uses.

Service Delivery Requirements

Your email address enables account access recovery and serves as your primary identifier within our system. Without this identifier, we couldn't distinguish your budget configurations from those of other users or send you the weekly summaries you've requested.

Transaction data forms the foundation of budget tracking. When you link a bank account, those transaction records allow the platform to categorize spending, calculate remaining weekly budgets, and identify patterns. This data creates the core value proposition—automated budget monitoring that reflects your actual financial activity.

Personalization Dependencies

Budget preferences and category customizations shape how the platform presents information to you. If you've renamed "Food & Dining" to "Groceries & Meals," that preference ensures consistent terminology throughout your experience. Spending limits you set for each category determine when the system alerts you to approaching thresholds.

Usage patterns inform feature development priorities. When we observe that most users access the mobile interface during specific hours, that insight influences when we schedule maintenance windows to minimize disruption.

Security and Authentication Logic

Login credentials verify your identity each time you access the platform. IP addresses and device information help us detect unusual access patterns that might indicate unauthorized attempts. When someone tries to log into your account from a location or device that doesn't match your typical behavior, these signals trigger additional verification steps.

Regulatory Compliance Obligations

Singapore's Personal Data Protection Act requires us to maintain records demonstrating how we've honored your privacy preferences and consent choices. Transaction records connected to financial services fall under specific retention requirements established by the Monetary Authority of Singapore.

When we receive legal requests for information, certain operational logs help us respond accurately while limiting disclosure to what's specifically required.

Information Handling Practices

Once information arrives in our environment, several different handling processes begin. Some are automated, others require human judgment, and specific categories receive additional protections based on their sensitivity.

Automated Processing Operations

Transaction categorization occurs through algorithmic analysis—merchant names and transaction amounts pass through classification models that assign categories based on patterns. This happens without human review unless you manually recategorize a transaction, which then feeds back into the learning system.

Weekly budget calculations run automatically each Sunday at 23:00 Singapore Time. The system aggregates your week's transactions, compares totals against your established limits, and generates summary reports. These calculations involve reading transaction records and budget parameters but don't modify your underlying financial data.

Human Access Protocols

Our support team can view your account details when you contact them for assistance. This access is limited to specific support personnel who've completed privacy training and signed confidentiality agreements. They can see your budget configurations and transaction categorizations to troubleshoot issues, but they cannot access your raw banking credentials or modify your financial connections.

Engineering staff may access pseudonymized data during system maintenance or feature development. In these cases, identifying details are removed or obscured—they see transaction patterns and budget structures without linking them to specific individuals.

Storage Architecture

Your information resides in databases hosted in Singapore to ensure data residency compliance with local regulations. Financial transaction data receives encryption at rest using AES-256 standards. Database access requires multi-factor authentication and is logged for audit purposes.

Backups occur daily and are retained for 30 days before automatic deletion. These backups include the same information as production systems and receive equivalent security protections.

Cross-Border Considerations

Some supporting infrastructure components operate through international service providers. Email delivery, for instance, routes through servers that may temporarily process message content in various locations. We've selected providers who meet European data protection standards even when handling information originating from Singapore users.

External Information Sharing

Information leaves our direct control in limited, specific circumstances. Understanding when and why this happens helps clarify the boundaries of our stewardship responsibility.

Service Provider Relationships

Banking data aggregation depends on third-party integration services that facilitate connections between our platform and financial institutions. These providers receive the access tokens you generate through bank authentication and use them to retrieve transaction information on our behalf. They're contractually prohibited from using this information for any purpose beyond facilitating the specific integration you've authorized.

Cloud infrastructure providers host our databases and application servers. While they maintain the physical and virtual infrastructure, they don't have logical access to the information stored within—encryption keys remain under our exclusive control.

Email delivery services process message content when we send you notifications, weekly summaries, or support responses. This processing is transient—messages pass through their systems for delivery but aren't retained beyond standard transmission logs.

Legal Requirement Scenarios

Singapore authorities may request information in connection with investigations or regulatory examinations. When legally obligated, we disclose the specific information requested while limiting disclosure to what's explicitly required by the request. These disclosures occur under legal process—court orders, regulatory demands, or statutory obligations.

We evaluate each request to ensure it meets appropriate legal standards before complying. If a request appears overly broad or lacks proper legal foundation, we may challenge it or negotiate narrower scope.

Business Structure Changes

In the event of acquisition, merger, or restructuring, your information might transfer to successor entities. Any such transfer would occur subject to commitments that the receiving organization honor the privacy promises made to you, or alternatively, provide you the opportunity to delete your account before the transfer occurs.

Consent-Based Sharing

If you explicitly authorize us to share information with specific third parties—perhaps to integrate with a financial advisor's platform or export data to another budgeting tool—we'll honor that authorization according to its scope and duration. You can revoke such authorizations through your account settings.

Protection Measures and Residual Risks

Security involves layered defenses rather than absolute guarantees. We've implemented multiple safeguards, but transparency requires acknowledging that risks persist despite protective measures.

Technical Safeguards

• Transport encryption using TLS 1.3 protects information moving between your device and our servers
• Database encryption at rest ensures stored information remains protected even if physical media is compromised
• Access controls limit which personnel and systems can reach specific data categories
• Multi-factor authentication requirements apply to all administrative access
• Regular security assessments identify potential vulnerabilities before they're exploited
• Automated monitoring detects unusual access patterns or potential breach indicators

Organizational Controls

Personnel undergo background verification before receiving access to production systems. Privacy and security training occurs during onboarding and annually thereafter. Access privileges follow least-privilege principles—team members can reach only the information necessary for their specific responsibilities.

Incident response procedures establish clear escalation paths and notification protocols. If we detect unauthorized access or potential data exposure, these procedures govern our response including user notification where appropriate.

Remaining Vulnerabilities

Despite these protections, certain risks remain inherent to any internet-connected service. Sophisticated attackers might discover vulnerabilities we haven't yet identified. Service providers we depend on could experience breaches that affect our operations. Human error—by our team or yours—could create unintended exposures.

Your own security practices significantly influence your risk exposure. Weak passwords, account sharing, or accessing the service from compromised devices can undermine technical safeguards we've implemented. We can protect information within our environment, but we can't control security practices on your devices or networks.

Breach Notification Commitments

If we discover unauthorized access that likely resulted in exposure of your financial or personal information, we'll notify you within 72 hours of confirming the breach. This notification will describe what happened, what information was affected, what steps we're taking in response, and what actions you might consider to protect yourself.

Your Control Options

Several mechanisms exist for you to influence how we handle your information. These controls vary in scope—some affect ongoing processing, others govern retention, and certain options effectively end our relationship.

Access and Review

You can view all information we maintain about you through your account settings. This includes your profile details, linked financial accounts, transaction history, budget configurations, and support communication archives. This access operates through the same interface you use for regular platform functions.

If you believe we maintain information beyond what appears in your account interface, you can request a comprehensive data report. We'll compile and deliver this report within 30 days, formatted as machine-readable JSON files.

Correction Capabilities

You can modify most information directly through account settings—name changes, email updates, phone number adjustments all occur through self-service interfaces. Budget configurations and category customizations remain entirely under your control and can be modified at any time.

Transaction categorizations can be corrected manually. If you notice groceries miscategorized as dining expenses, recategorizing those transactions updates your budget calculations and improves future automated classifications.

Limitation Requests

You can restrict certain processing activities while maintaining your account. If you want to pause automated budget tracking temporarily, you can disable transaction synchronization. This stops new transaction data from arriving without deleting historical records. You can also unlink specific financial accounts while keeping others connected.

Weekly summary emails can be disabled independently from account notifications. You might want transaction alerts but prefer to check budget summaries manually rather than receiving scheduled emails.

Objection and Withdrawal

If you object to specific processing activities, contact our privacy team at [email protected] with details about which activities concern you. We'll evaluate whether we can honor your objection while still providing meaningful service. Some processing is essential to platform functionality—we can't provide budget tracking without analyzing transactions—but other activities might be optional.

You can withdraw consent for financial account access at any time through account settings. This immediately stops transaction synchronization and severs the connection to your bank. Historical transaction data remains available for your reference until you request deletion.

Deletion Procedures

Account deletion requests can be submitted through account settings or by emailing [email protected]. Deletion occurs within 7 business days and removes:

• All personally identifying account information
• Transaction histories and financial data
• Budget configurations and customizations
• Support communication archives
• Usage logs and operational records

Certain information persists in backup systems for up to 30 days before automatic purging. Limited information may be retained longer if required by regulatory obligations—typically just proof that an account existed and when it was deleted, without substantive content.

Retention Duration Logic

Different information categories remain in our systems for varying durations based on operational necessity, user benefit, and regulatory requirements. Understanding these retention periods clarifies how long specific elements persist.

Active Account Information

While your account remains active, we retain all information necessary for service delivery. Transaction histories remain accessible for budgeting reference and historical analysis. Budget configurations persist until you modify them. Support communications remain available for continuity if you contact us about recurring issues.

Inactive Account Handling

If you stop using the platform without formally closing your account, we treat the account as dormant after 18 months of inactivity. At that point, we'll email you asking whether you want to maintain the account or prefer deletion. If you don't respond within 60 days, we'll delete the account and associated information following the same procedures as deliberate closure requests.

Post-Deletion Retention

Most information disappears from production systems within 7 days of account deletion. Backup systems retain copies for up to 30 days before automatic purging. Financial transaction records may be retained in anonymized form for up to 7 years to meet Singapore regulatory requirements—these records contain transaction amounts and categories but are severed from identifying details.

Aggregated Data Persistence

Statistical aggregations derived from user data may persist indefinitely. These aggregations don't identify individuals—they might show that users in a certain age bracket typically allocate 30% of weekly budgets to groceries, but contain no information about specific users. Once data is genuinely anonymized in this way, it falls outside the scope of personal information.

Legal Foundation and Geographic Scope

Our information handling practices rest on several legal foundations depending on the processing activity and information category involved.

Contractual Necessity

Many processing activities occur because they're essential to delivering the budgeting service you've requested. When you create an account, we enter into a service agreement—processing necessary to fulfill that agreement rests on contractual necessity as its legal basis. Transaction analysis, budget calculations, and account access all fall into this category.

Consent Foundations

Financial account connections require your explicit consent—you authorize access through your bank's authentication interface, creating a clear consent record. Marketing communications, where we send them, also depend on consent you can withdraw through unsubscribe links or account preferences.

Legitimate Interests

Certain operational activities rest on legitimate interests—purposes that benefit both you and us, pose minimal privacy impact, and align with reasonable expectations. Fraud detection and security monitoring fall into this category. You expect us to protect your account from unauthorized access, and these protections require analyzing usage patterns.

Platform improvement activities also rely on legitimate interests. Understanding which features users engage with most helps us prioritize development efforts. These analyses use pseudonymized data and don't create individual profiles beyond basic functionality requirements.

Regulatory Compliance

Singapore's Personal Data Protection Act governs our handling of personal data. The Monetary Authority of Singapore establishes specific requirements for financial services providers, including transaction record retention and security standards. Our practices align with these frameworks.

While we primarily operate in Singapore, we've designed our practices to meet European GDPR standards as well. This provides additional protections and ensures consistency if we expand service availability.

Cross-Border Data Movement

Your information primarily remains within Singapore-based infrastructure. Limited cross-border transfers occur when using international service providers for supporting functions like email delivery. These transfers rely on adequacy decisions, standard contractual clauses, or the providers' participation in recognized data protection frameworks.

Children and Eligibility

Our service targets adults managing personal finances. We don't knowingly collect information from individuals under 18 years of age. Account creation requires affirming that you meet this age threshold.

If we discover that someone under 18 has created an account, we'll delete it promptly upon discovery. If you're a parent or guardian who believes a child has provided information to us, contact [email protected] so we can investigate and respond appropriately.

Policy Evolution

This policy may change as our practices evolve, regulations develop, or service features expand. When modifications occur, we'll update the effective date at the top of this document and notify you through email if changes materially affect how we handle your information.

Continued use of the service after receiving change notification constitutes acceptance of the updated practices. If you object to changes, account closure remains available before new practices take effect.

We maintain archived versions of previous policy iterations. If you want to review what privacy commitments applied during a specific past period, contact our privacy team for access to historical versions.