Privacy Policy

Last updated: March 23, 2026

1. Introduction

This Privacy Policy explains how HibiBudget ("we") collects, uses, stores, and protects your personal information when you use our application. We are committed to maintaining the privacy and security of your data.

2. Data We Collect

We collect the following data when you use the Service:

2.1 Account Data

  • Full name
  • Email address
  • Phone number
  • Password (stored as a bcrypt hash, not in readable form)
  • Profile photo (optional)
  • Date of birth, gender (optional)
  • Address (optional)
  • Language preference

2.2 Financial Data

  • Transaction data (income, expenses, transfers) manually entered by you
  • Wallet information (name, type, balance)
  • Monthly budgets and savings targets
  • Kakeibo expense categories
  • Receipt/transaction proof photos you upload

2.3 AI & Interaction Data

  • AI Chat Assistant conversation history
  • Spending emotion analysis results
  • AI-generated saving suggestions

2.4 Technical Data

  • IP address
  • Browser and device type
  • Activity log data (login, logout)

3. How We Use Your Data

We use your data to:

  • Provide the Service — display dashboard, transactions, budgets, and monthly reviews
  • AI Insights — analyze spending patterns to provide financial insights and suggestions
  • Notifications — send reminders, budget alerts, and service updates
  • Data export — generate Excel and PDF reports upon your request
  • Service improvement — understand how users use features so we can improve them
  • Security — detect and prevent unauthorized activities

4. AI Usage & Third Parties

AI Insights features use OpenAI services (GPT-4o-mini) to generate analysis. In this process:

  • Your financial data (transaction summaries, categories, balances) is sent to OpenAI's API for processing
  • Data is transmitted over an encrypted connection
  • OpenAI does not store your data for model training per their API policy
  • You can choose not to use AI features

Apart from OpenAI, we do not share your personal data with any third parties, unless required by law.

5. Data Storage & Security

We implement the following security measures:

  • Passwords are stored using bcrypt hashing (cannot be reversed)
  • Communications are encrypted using HTTPS/TLS
  • Database access is restricted and secured
  • Uploaded files (receipts, payment proofs) are stored securely on our servers
  • Sessions automatically expire after periods of inactivity

Your data is stored for as long as your account is active. Upon account deletion, all data will be permanently removed from our systems.

6. Your Rights

You have rights regarding your personal data:

  • Access — You can view all your data through the dashboard and export features
  • Correction — You can modify your profile and transaction data at any time
  • Export — You can export your data to Excel or PDF
  • Deletion — You can delete your account and all related data
  • Withdraw consent — You can stop using AI features at any time

7. Cookies & Local Storage

We use cookies and local storage for:

  • Maintaining your login session (session cookie)
  • Storing language preferences
  • Supporting PWA features (offline support via Service Worker)
  • CSRF tokens for form security

We do not use third-party tracking cookies or advertising cookies.

8. Children's Data

Our Service is not intended for children under 13 years of age. We do not knowingly collect data from children under that age. If you become aware that a child under 13 has created an account, please contact us for deletion.

9. Policy Changes

We may update this Privacy Policy from time to time. Significant changes will be communicated via email or in-app notification. We recommend reviewing this page periodically.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at: