Privacy Policy
Last updated: December 12, 2025
1. Introduction
This Privacy Policy describes how Busynest ("we", "us", or "our") collects, uses, stores, and protects your personal information when you use our expense tracking application and related services (the "Service").
We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
Data Controller: Busynest
Contact: support@busynest.org
2. Information We Collect
2.1 Account Information
When you create an account, we collect:
- Full name
- Email address (primary and any verified secondary addresses)
- Password (stored securely using one-way hashing)
- Registration date and time
- Terms of Service acceptance timestamp and version
2.2 Expense and Transaction Data
When you use the Service, we collect and store:
- Expense titles, descriptions, amounts, and currencies (GBP, USD, EUR)
- Transaction dates, amounts, and currency information
- Base currency amounts for multi-currency support
- Categories assigned to expenses and transactions
- Notes and comments
- Recurring expense definitions and schedules
2.3 Email Receipts and Attachments
When you forward receipt emails to receipts@busynest.org, we collect:
- Email sender address and verification status
- Email subject line
- Email body (to extract payee information)
- Email delivery timestamp
- File attachments (receipts, invoices, documents)
- Attachment metadata (filename, file size, content type)
- Extracted payee name and email address
2.4 Payment Information
We use Stripe for payment processing. Stripe collects and stores:
- Credit card or payment method details
- Billing address
- Payment transaction history
We do not store full credit card numbers on our servers. We only store:
- Stripe customer ID
- Subscription status (trialing, active, past_due, cancelled, paused)
- Trial end date
- Subscription renewal dates
2.5 Session and Usage Data
We collect technical information to provide and secure the Service:
- IP address
- Browser user agent string
- Session tokens and authentication cookies
- Page views and navigation (via Plausible Analytics - anonymized, no cookies)
- Login and logout timestamps
2.6 Support Communications
When you contact support, we collect:
- Support request content and correspondence
- Any attachments you provide
- Support ticket history
3. How We Collect Information
We collect information through:
- Direct input: When you create an account, enter expenses, or upload files
- Email forwarding: When you send emails to receipts@busynest.org (processed by Mailgun)
- Cookies and sessions: For authentication and user preferences
- Third-party services: Payment information via Stripe, analytics via Plausible
- Automated processing: System logs, error tracking, background jobs
4. How We Use Your Information
We use your information to:
- Provide the Service: Store expenses, process transactions, display analytics
- Process receipt emails: Extract payee information, store attachments, create postings in your inbox
- Handle payments: Process subscription payments via Stripe, manage trial periods
- Send transactional emails: Welcome emails, email verification, trial ending notifications, password resets
- Verify email addresses: Ensure only verified users can use email forwarding features
- Prevent fraud and abuse: Use Cloudflare Turnstile for bot prevention on registration
- Improve the Service: Analyze usage patterns (anonymously via Plausible), fix bugs, add features
- Comply with legal obligations: Respond to legal requests, enforce our Terms of Service
5. Legal Basis for Processing (GDPR)
We process your personal data under the following legal bases:
- Contract performance: To provide the Service you signed up for (GDPR Article 6(1)(b))
- Legitimate interests: To improve the Service, prevent fraud, and ensure security (GDPR Article 6(1)(f))
- Legal obligations: To comply with tax, accounting, and other legal requirements (GDPR Article 6(1)(c))
- Consent: For optional features like analytics, where applicable (GDPR Article 6(1)(a))
6. Data Storage and Security
6.1 Storage Locations
Your data is stored in the following locations:
- Application database (MySQL): Hosted on our Kubernetes cluster
- File storage (Development): Minio (local S3-compatible storage)
- File storage (Production/Staging): DigitalOcean Spaces (EU region)
- Email processing: Mailgun (temporary processing, logs retained per Mailgun policy)
- Payment data: Stripe (secure payment processing and storage)
6.2 Security Measures
We implement industry-standard security measures:
- Encryption in transit: All data transmitted over HTTPS/TLS
- Encryption at rest: Database and file storage encryption
- Password hashing: Passwords stored using bcrypt one-way hashing
- Access controls: Role-based access, authentication required for all actions
- Session management: Secure session tokens, automatic expiration
- Regular backups: Automated backups for disaster recovery
- Security monitoring: System activity logging and monitoring
6.3 Security Limitations
While we take reasonable precautions, no system is 100% secure. We cannot guarantee:
- That user-uploaded files are free from malware or viruses
- Complete protection against all security threats
- Absolute prevention of unauthorized access
You should exercise caution when downloading or opening attachments, even those you uploaded yourself.
7. Third-Party Services and Data Sharing
We use the following third-party service providers and share data with them as necessary to operate the Service:
7.1 Mailgun (Email Processing)
- Purpose: Process emails forwarded to receipts@busynest.org
- Data shared: Email content, attachments, sender information
- Location: Mailgun data centers
- Privacy policy: mailgun.com/privacy-policy
7.2 DigitalOcean Spaces (File Storage)
- Purpose: Store receipt attachments and uploaded files
- Data shared: File attachments (receipts, invoices, documents)
- Location: EU region (GDPR-compliant)
- Privacy policy: digitalocean.com/legal/privacy-policy
7.3 Stripe (Payment Processing)
- Purpose: Process subscription payments and manage billing
- Data shared: Email address, payment method details, billing address
- Location: Stripe data centers (global, GDPR-compliant)
- Privacy policy: stripe.com/privacy
7.4 Cloudflare Turnstile (CAPTCHA)
- Purpose: Prevent bot registrations and abuse
- Data shared: Browser metadata, IP address (during registration)
- Location: Cloudflare network (global)
- Privacy policy: cloudflare.com/privacypolicy
7.5 Plausible Analytics (Website Analytics)
- Purpose: Understand website traffic and usage patterns
- Data collected: Anonymized page views (no cookies, no personal data)
- Privacy-focused: GDPR-compliant, does not track individuals
- Privacy policy: plausible.io/privacy
7.6 No Selling of Data
We do not sell, rent, or trade your personal information to third parties for marketing purposes. We only share data with service providers as necessary to operate the Service.
8. Email Forwarding Privacy
When you forward receipt emails to receipts@busynest.org:
- We verify that the sender email is associated with a verified Busynest account
- We extract payee information (name and email) from the forwarded email headers
- We process and store attachments that meet our size and format requirements (max 4MB, PDF/images only)
- Failed or oversized attachments generate warning notifications
- Email processing is performed by Mailgun on our behalf
- We do not share email content with third parties except our service providers (Mailgun, DigitalOcean Spaces)
- Emails and attachments are linked to your account and visible only to you
9. Data Retention
9.1 Active Accounts
We retain your data for as long as your account is active and you continue to use the Service.
9.2 Deleted Accounts
When you delete your account:
- Personal data is permanently deleted within 30 days
- Expenses, transactions, and postings are deleted
- Attachments are removed from storage (DigitalOcean Spaces)
- Database backups containing your data are deleted during the next backup cycle (up to 90 days)
9.3 Payment Records
Payment transaction records are retained by Stripe for 7 years to comply with tax and accounting legal requirements.
9.4 Email Processing Logs
Email processing logs (maintained by Mailgun) are retained according to Mailgun's retention policy. We do not control this retention period.
10. Your Rights (GDPR)
Under GDPR, you have the following rights regarding your personal data:
10.1 Right to Access
You can request a copy of all personal data we hold about you.
10.2 Right to Rectification
You can update or correct your personal information at any time through your account settings.
10.3 Right to Erasure ("Right to Be Forgotten")
You can request deletion of your account and all associated data by contacting support@busynest.org.
10.4 Right to Data Portability
You can request an export of your data in a machine-readable format.
10.5 Right to Object
You can object to processing of your data for legitimate interests or direct marketing purposes.
10.6 Right to Restrict Processing
You can request that we limit how we use your data in certain circumstances.
10.7 How to Exercise Your Rights
To exercise any of these rights, please contact us at support@busynest.org with the subject line "Data Protection Request" or "Subject Access Request". We will respond within 30 days.
11. Data Deletion
11.1 Account Deletion Process
To delete your account and all associated data:
- Export any data you wish to keep (expenses, transactions, receipts)
- Contact support@busynest.org with the subject "Delete My Account"
- Confirm your identity and deletion request
- Your account and data will be permanently deleted within 30 days
11.2 What Gets Deleted
- Account information (name, email, password hash)
- All expenses and transactions
- All postings and inbox items
- All attachments and receipts
- Session data and login history
- Categories and payee information
11.3 What Is Retained
The following may be retained for legal or operational reasons:
- Payment transaction records (Stripe) - retained for 7 years per legal requirements
- System logs required for security audits - retained for up to 90 days
- Anonymized analytics data (Plausible) - not personally identifiable
12. Cookies and Tracking
12.1 Session Cookies
We use session cookies for authentication and to maintain your logged-in state. These cookies are:
- Strictly necessary for the Service to function
- Secure and HTTP-only (not accessible via JavaScript)
- Automatically deleted when you log out or your session expires
12.2 Theme Preference
We store your theme preference (light/dark mode) in browser localStorage. This is stored locally on your device and not transmitted to our servers.
12.3 No Advertising or Tracking Cookies
We do not use:
- Third-party advertising cookies
- Social media tracking pixels
- Cross-site tracking cookies
- Behavioral advertising tools
12.4 Analytics (No Cookies)
We use Plausible Analytics, which does not use cookies and collects only anonymized, aggregated data. Plausible is GDPR-compliant and privacy-focused.
13. International Data Transfers
13.1 Storage Location
Production data is stored in:
- DigitalOcean Spaces: EU region (GDPR-compliant)
- Application servers: EU region (GDPR-compliant)
13.2 Third-Party Processors
Some service providers (Stripe, Mailgun, Cloudflare) operate globally and may process data outside the EU. These providers:
- Are GDPR-compliant
- Use Standard Contractual Clauses (SCCs) or other adequate safeguards
- Implement appropriate technical and organizational security measures
14. Children's Privacy
The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data, we will delete it immediately.
If you believe a child has provided us with personal information, please contact us at support@busynest.org.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by:
- Sending an email to your registered email address
- Displaying a notice on the Service
- Updating the "Last updated" date at the top of this page
Your continued use of the Service after changes take effect constitutes acceptance of the updated Privacy Policy.
16. Contact and Data Protection Officer
16.1 Contact Information
For privacy-related questions, concerns, or data protection requests:
- Email: support@busynest.org
- Support Form: Contact Us
16.2 Subject Access Requests
To request a copy of your personal data or exercise your GDPR rights, email us at support@busynest.org with the subject line "Subject Access Request". Include:
- Your full name and registered email address
- Specific information or action you are requesting
- Proof of identity (if required for security)
We will respond within 30 days as required by GDPR.
16.3 Supervisory Authority
If you believe we have not handled your personal data properly, you have the right to lodge a complaint with your local data protection supervisory authority.
For UK residents, this is the Information Commissioner's Office (ICO): ico.org.uk
By using Busynest, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein.