Legal

Privacy Policy

Last Updated: March 1, 2026  ·  Effective: March 1, 2026

Summary: UrbanPX, LLC takes your privacy seriously. We collect only what we need, never sell your data, and give you full control over your information. Read on for full details.

1. Who We Are

This Privacy Policy applies to the mobile and web applications operated by UrbanPX, LLC ("Company," "we," "our," or "us"), including Almighty Budget and Almighty Split (collectively, the "Services" or "Apps"). Our registered address is in the United States.

For questions about this policy, contact us at support@urbanpx.com.

2. Information We Collect

We collect information you provide directly and information collected automatically when you use our Services.

2a. Information You Provide

Category Examples Purpose
Account Information Name, email address, password (hashed) Account creation and authentication
Profile Data Display name, profile photo (optional) Personalization and social features
Financial Data Budget categories, manual transactions, income amounts Core budgeting and tracking functionality
Split / Group Data Group names, shared expense descriptions, participant lists Bill-splitting and expense sharing
Bank Link Credentials Plaid Link tokens (we never see raw banking credentials) Automated transaction import via Plaid
Payment Information Subscription purchase records (processed by Apple/Google) Subscription management
Support Communications Email messages, in-app feedback Customer support and service improvement

2b. Information Collected Automatically

Category Examples Purpose
Device Information Device type, OS version, unique device identifiers Compatibility and debugging
Usage Data Features used, screens visited, session duration Product improvement and analytics
Log Data IP address, timestamps, error reports Security monitoring and diagnostics
Crash Reports Stack traces, app state at time of crash Bug fixing and stability improvements
Local Storage / IndexedDB Cached preferences, offline data Offline functionality and performance

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide and improve the Services — operate core features, fix bugs, and build new functionality.
  • Account management — create and authenticate your account, process subscriptions.
  • Personalization — tailor the experience to your preferences and usage patterns.
  • Cross-app sync — if you use both Almighty Budget and Almighty Split, share relevant data between the two apps with your consent.
  • Communications — send transactional emails (receipts, password resets), and optional product updates if you opt in.
  • Security — detect fraud, unauthorized access, and abuse.
  • Legal compliance — fulfill legal obligations and enforce our Terms of Service.
  • Analytics — understand aggregate usage trends to improve the product (anonymized or pseudonymized where possible).

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes.

4. Financial Disclaimer

Important: Almighty is a personal finance management tool, not a financial advisor. Nothing in the Services constitutes financial, investment, tax, or legal advice. Always consult a qualified professional before making financial decisions.

Financial data you enter or sync is used exclusively to power the Services' features and is not used to make automated decisions about your creditworthiness or financial eligibility.

5. Data Storage and Protection

Your data is stored on secure servers hosted by Google Firebase (Firestore, Authentication, and Cloud Storage) in the United States. We apply the following security measures:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Role-based access control — employees access data only on a need-to-know basis
  • Firebase Security Rules enforce per-user data isolation
  • Regular security reviews and dependency audits
  • Two-factor authentication for administrative access

No method of transmission over the internet is 100% secure. While we use commercially reasonable measures to protect your data, we cannot guarantee absolute security.

6. Cross-App Data Flows

When you use both Almighty Budget and Almighty Split with the same account, we may share data between these apps to provide a seamless experience. Specifically:

  • Expenses settled in Almighty Split can be pushed to Almighty Budget as transactions.
  • Budget categories can be referenced when categorizing split expenses.
  • Account balance context may be surfaced across apps for informational purposes.

Cross-app data sharing is opt-in and can be disabled in your account settings at any time. Disabling cross-app sync does not delete existing synced data; you must delete those records separately.

7. Plaid Integration and Bank Data

Almighty Budget uses Plaid Technologies, Inc. to connect to your bank accounts. When you link a bank account:

  • You authenticate directly with Plaid — we never receive or store your bank username or password.
  • Plaid provides us with read-only access to transaction history, account balances, and institution metadata.
  • We store the Plaid access token (encrypted) to refresh your transaction data on your behalf.
  • Bank account numbers are masked (only the last 4 digits are retained).

Plaid's use of your data is governed by Plaid's Privacy Policy. You may revoke Plaid access at any time in Settings → Connected Accounts, or through the Plaid Portal.

8. Data Retention

Data Type Retention Period Notes
Account data Until account deletion + 30 days 30-day grace period for recovery
Financial transactions Until account deletion + 30 days Includes manually entered and synced data
Plaid tokens Until bank disconnection or account deletion Revoked with Plaid upon deletion
Crash / error logs 90 days Anonymized before analysis
Usage analytics 24 months (aggregated) Individual events purged after 90 days
Support communications 3 years Required for dispute resolution
Billing records 7 years Tax and legal compliance

After the applicable retention period, data is securely deleted or anonymized.

9. Third-Party Services

Service Provider Purpose Privacy Policy
Firebase Google LLC Authentication, database, hosting, analytics Google Privacy Policy
Plaid Plaid Technologies, Inc. Bank account connectivity Plaid Privacy Policy
App Store Apple Inc. iOS app distribution, in-app purchases Apple Privacy Policy
Google Play Google LLC Android app distribution, in-app purchases Google Privacy Policy
Sentry Functional Software, Inc. Crash reporting and error monitoring Sentry Privacy Policy
Expo 650 Industries, Inc. React Native app build and delivery Expo Privacy Policy

These third-party services have their own privacy policies and practices. We encourage you to review them.

10. Cookies and Tracking

Our web properties use cookies and similar technologies for authentication, preferences, and analytics. Our mobile apps use on-device storage (AsyncStorage, IndexedDB, LocalStorage) for functionality and offline support.

For full details, see our Cookie Policy.

11. Your Privacy Rights

Depending on your location, you may have the following rights with respect to your personal data:

  • Access — request a copy of the personal data we hold about you.
  • Correction — request that we correct inaccurate or incomplete data.
  • Deletion — request erasure of your personal data ("right to be forgotten").
  • Portability — receive your data in a structured, machine-readable format.
  • Restriction — request that we limit processing of your data.
  • Objection — object to processing based on legitimate interests.
  • Withdraw consent — withdraw previously given consent at any time.

To exercise any of these rights, email support@urbanpx.com. We will respond within 30 days (or as required by applicable law). We may need to verify your identity before processing requests.

You may also delete your account directly in the app (Settings → Account → Delete Account), which will initiate deletion of your personal data subject to the retention periods above.

12. California Privacy Rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with specific rights.

Categories of Personal Information Collected

CCPA Category Examples Collected? Sold?
Identifiers Name, email, IP address, device ID Yes No
Personal Records Financial account information Yes No
Internet Activity Usage logs, crash reports Yes No
Geolocation IP-derived approximate location Indirect No
Inferences Spending pattern summaries Yes (internal) No
Sensitive Personal Info Financial account data Yes No

Your CCPA Rights

  • Right to Know — categories and specific pieces of personal information collected.
  • Right to Delete — request deletion of your personal information.
  • Right to Correct — request correction of inaccurate data.
  • Right to Opt-Out of Sale/Sharing — we do not sell or share personal information for cross-context behavioral advertising.
  • Right to Limit Use of Sensitive Personal Information — financial data is used only to provide the Services.
  • Right to Non-Discrimination — we will not discriminate against you for exercising CCPA rights.

To submit a CCPA request, email support@urbanpx.com with "CCPA Request" in the subject line. We do not respond to requests submitted through third-party opt-out services unless legally required.

13. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) or equivalent laws apply.

Legal Basis for Processing

Processing Activity Legal Basis
Account creation and authentication Contract performance (Art. 6(1)(b))
Providing core app features Contract performance (Art. 6(1)(b))
Bank account linking via Plaid Consent (Art. 6(1)(a))
Cross-app data sync Consent (Art. 6(1)(a))
Analytics and product improvement Legitimate interests (Art. 6(1)(f))
Security monitoring Legitimate interests (Art. 6(1)(f))
Marketing emails (opt-in) Consent (Art. 6(1)(a))
Billing records retention Legal obligation (Art. 6(1)(c))

International Data Transfers

Your data is stored and processed in the United States. Transfers from the EEA to the US are made under appropriate safeguards, including Standard Contractual Clauses (SCCs) where applicable with our service providers.

Supervisory Authority

You have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not processed your data in accordance with applicable law.

14. Children's Privacy

The Services are not directed to children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children under these ages. If you believe we have inadvertently collected information from a child, please contact us at support@urbanpx.com and we will promptly delete it.

15. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this page.
  • Notify you via email (if you have an account) or via an in-app notice.
  • For significant changes, ask for your re-consent where required by law.

Continued use of the Services after the effective date of any changes constitutes acceptance of the updated policy.

16. Contact Us

For privacy-related questions, requests, or concerns:

We aim to respond to all privacy inquiries within 30 calendar days.