Privacy Policy

Understand how we collect, protect, and use your personal data. Your privacy and trust are our priority.

Last Updated:

In this privacy statement, we explain what we do with the data we obtain about you via our BudgetFitter® website (https://budgetfitter.co.uk), our mobile applications (“App”), and our browser extensions (“Extension”). Collectively, these are our “Services”. We recommend you carefully read this statement.

In our processing, we comply with the requirements of privacy legislation, including the UK General Data Protection Regulation (UK GDPR). That means, among other things, that:

  • we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
  • we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
  • we first request your explicit consent to process your personal data in cases requiring your consent;
  • we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
  • we respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions, or want to know exactly what data we keep of you, please contact us using the details at the end of this statement.

1. Information We Collect and Why

To provide and improve our Services, we collect information in three main ways:

a) Information You Provide to Us (Primarily for our App users)
  • Account Information: When you create an account in our App, we collect your email address, name (if provided), and chosen authentication method (Email/Password, Google, or Apple). We use this to secure your account, sync your data, and communicate with you.
  • User Preferences: We store a list of the brands you “favourite” to provide you with a personalised “Feed” and send you relevant deal alerts. We also save your notification and newsletter preferences as configured by you in the App’s settings screen.
  • Communications: When you report an issue with a deal or contact us, we process the information you provide to assist you and improve our services.
b) Information Collected Automatically When You Use Our Services (All Platforms)
  • Usage and Interaction Data (Analytics): To understand how our Services are used, we collect anonymised data such as the brands or categories you view, the deal links you click, the terms you search for, your navigation through the App, and crash reports. We use services like Google Analytics and Firebase Analytics for this purpose. Your IP address is anonymised within Google Analytics.
  • Technical Device Data (For the App): To send you push notifications, we collect an anonymous push notification “token” (Firebase Cloud Messaging Token) for your device. This token does not personally identify you or your device.
  • Cookies and Local Storage:
    Website & Extension: We use cookies to ensure the functionality of our services (e.g., remembering your preferences) and to gather usage statistics. For detailed information, please see our Cookie & Tracking Technologies Policy.
    App: If you are not logged in, we temporarily store data like your favourite and recently viewed brands in your device’s local storage. When you log in, this data is synced to your account and cleared from local storage. We also use a local cache to store data from our API to provide a faster experience.
c) Information We Receive from Third Parties (For the App)
  • Social Logins: If you choose to sign in to our App using your Google or Apple account, we receive basic profile information such as your name and email address from these services, as permitted by you on their platform.

2. How We Share Your Information

We do not sell your personal data. We only share your data with other parties (processors) when necessary for the provision of our Services and to comply with our legal obligations. These parties may include:

  • Service Providers: IT and cloud infrastructure providers (e.g., Google Firebase), email service providers, and analytics providers that help us operate our Services.
  • Affiliate Networks and Partners: When you click on a deal link, we redirect you to the respective brand’s website. This action may involve passing through an affiliate network, which uses anonymous tracking (often via cookies) to identify that the referral came from us. This is part of our business model that allows us to offer our Services for free. For more details, see our Disclaimer & Disclosure Policy.
  • Legal and Regulatory Authorities: We may disclose personal information if we are required by law or a court order, or for an investigation on a matter related to public safety.
  • Business Transfers: If our organisation is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.

We have data processing agreements in place with these parties where required to ensure they provide adequate guarantees to protect your data and respect your rights.

3. Data Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorised access to personal data. These measures include, but are not limited to:

  • Use of secure, encrypted connections (TLS/SSL) for all data in transit.
  • Implementation of modern web security standards like HSTS and secure DNS settings.
  • Strict access controls to ensure only necessary persons have access to your data.
  • Regular security audits and vulnerability detection.
  • Biometric Sign-In (App only): If you choose to enable Biometric Sign-In, your credentials (email and password) are encrypted and stored locally on your device’s secure enclave (e.g., iOS Keychain or Android Keystore). We never have access to this information, and it is never transmitted to our servers.

4. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

5. Your Rights and Choices

You have full control over your data. You have the following rights:

  • Right to know: You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
  • Right of access: You have the right to access your personal data that is known to us. App users can access most of this information directly within the App’s settings.
  • Right to rectification: You have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
  • Right to revoke consent: If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
  • Right to data portability: You have the right to request all your personal data from us and transfer it in its entirety to another controller.
  • Right to object: You may object to the processing of your data. We comply with this, unless there are justified grounds for processing.

To exercise these rights, please contact us using the information below. Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person.

App-Specific Choices: Within our App, you can directly manage your preferences for push notifications, newsletter subscriptions, and biometric sign-in from the “Settings” screen. You can also manage your list of “Favourite Brands” from the dedicated tab.

6. Children’s Privacy

Our Services are not designed to attract children and it is not our intent to collect personal data from children under the age of 16. We therefore request that children under this age do not submit any personal data to us. If we learn that we have collected personal data from a child under this age, we will take steps to delete such information.

7. Third-Party Websites

This privacy statement does not apply to third-party websites connected by links on our Services. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.

8. Amendments to this Privacy Statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible (for example, by a notice on our website or App, or via email if you are subscribed to our communications).

9. Submitting a Complaint

If you are not satisfied with the way in which we handle (a complaint about) the processing of your personal data, you have the right to submit a complaint to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).

We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

10. Contact Details