Privacy Policy

Pocket Budget by FamilyNexus · Last updated: May 2026 · Applies to budget.familynexus.co.uk

    Short version
    We store only what you enter. We never sell your data. You can download or delete everything at any time from your profile.
  

1. Who we are

Pocket Budget is operated by FamilyNexus, a UK-based service. Contact: hello@familynexus.co.uk

2. What data we collect

Account data: your email address, display name and chosen colour.
Budget data: income and expense entries, savings pots, and chat messages you create.
Usage data: when you last logged in and a daily visit count. No page-level analytics.
Payment data: if you subscribe to Pro, payment is handled entirely by Stripe. We store only your Stripe customer ID and subscription status — never your card details.

3. How we use your data

To provide and operate the Pocket Budget service.
To send verification and password-reset emails (nothing else).
To process Pro subscription billing via Stripe.
To show your budget entries and savings pots to your partner if you share a household.

We do not use your data for advertising, profiling or any third-party analytics.

4. Data sharing

Your data is shared only with:

Your household partner — if you invite a partner, they can see your shared budget entries and savings pots. Private sections are visible only to you. Chat messages are visible to both household members.
Stripe — for payment processing. Stripe's privacy policy: stripe.com/privacy
Microsoft Azure — our hosting provider (West Europe region). Data is processed and stored in the EU/UK.

We never sell, rent or share your data with advertisers or data brokers.

5. Data security

Passwords are hashed with PBKDF2-SHA512 (100,000 iterations + random salt). We cannot read your password.
Sessions use HMAC-signed JWT tokens, transmitted only over HTTPS via HttpOnly cookies.
All connections are encrypted with TLS. HSTS enforced.
Login attempts are rate-limited. Accounts are locked for 15 minutes after 10 failed attempts.

6. Your rights (UK GDPR)

You have the right to:

Access your data — download everything from Profile → Subscription → Download my data.
Delete your account — from Profile → Subscription → Delete account. This removes all your data immediately.
Correct your data — update your display name and email from your profile at any time.
Object or restrict processing — contact us at hello@familynexus.co.uk.
Portability — your data download is in standard JSON format.

7. Data retention

Your data is kept for as long as your account exists. When you delete your account, all personal data is removed immediately. Backups may retain data for up to 7 days.

8. Cookies

We use a single cookie (pbtoken) to keep you logged in. It is:

HttpOnly — not accessible to JavaScript
Secure — transmitted over HTTPS only
SameSite=Strict — not sent cross-site
Expires after 8 hours of inactivity

No tracking cookies. No third-party cookies.

9. Children

Pocket Budget is not intended for users under 16. If you believe a child has created an account, contact us and we will delete it.

10. Changes

We will notify users of material changes by posting a notice in the app. The date at the top of this page shows when it was last updated.

11. Contact

Questions or requests: hello@familynexus.co.uk