Your security

Security

How we handle security

When you choose BudgetBuddie, you’re opting for a service that prioritises the security of your personal and financial information above all else. You can trust that your data will be handled with the utmost care, ensuring its confidentiality, integrity, and availability at all times.

Here’s what you can expect from us:

DATA ENCRYPTION

With BudgetBuddie, your data’s safety is our top priority. We utilise industry-leading encryption protocols to protect your information at every step, whether you’re using our app or website. All your data is secured with HTTPS and SSL/TLS encryption, safeguarding it both in transit and at rest.

Every piece of sensitive information, including your financial data, is protected by AES-256 encryption—the gold standard for data security. This robust level of encryption means that even if your data were intercepted, it would remain completely unreadable and secure, providing you with peace of mind knowing your information is always protected. 


SECURE DATA STORAGE

At BudgetBuddie, your data is stored with the highest level of security using advanced technologies. We take proactive steps to ensure your information remains safe by implementing multiple layers of protection, including robust firewalls, secure VPNs, and strategic network segmentation. These measures work together to create a strong defence against unauthorised access, ensuring that your data stays secure and private at all times.


TWO-FACTOR AUTHENTICATION (2FA) FOR ENHANCED PROTECTION

Two-Factor Authentication (2FA) adds an essential layer of security to your account by requiring a second form of verification beyond just a password. This means that only you can access your financial information, even if your password is compromised. By enabling 2FA, you’re actively enhancing the security of your data, ensuring that your account remains accessible only to you, and keeping your sensitive information safe from unauthorised access.


CONTINUOUS MONITORING AND THREAT DETECTION

Your data’s safety is supported by continuous monitoring and advanced threat detection technologies, including a robust Security Information and Event Management (SIEM) solution. This system provides real-time analysis of security alerts, enabling us to detect and respond to suspicious activity swiftly. Our SIEM solution aggregates data from multiple sources, allowing us to identify and address potential threats before they can affect your information. Regular security assessments further enhance our capabilities, and a dedicated security team is always on standby, ready to respond promptly to any incidents, ensuring your data remains protected at all times.


REGULAR SECURITY AUDITS FOR ONGOING PROTECTION

To maintain the highest security standards, regular third-party security audits and penetration tests are conducted. These thorough assessments help identify vulnerabilities and keep defences robust against potential attacks. By staying current with the latest security practices, we ensure that your data is protected by the most reliable and up-to-date measures available.


SECURE APIS TO PROTECT YOUR DATA

Communication between our app and services is conducted through secure APIs, meticulously designed with security as a priority. Strict access controls are implemented, ensuring that only authorised applications and users can interact with your data. This approach safeguards your information by limiting access strictly to those with the necessary permissions, providing you with a secure and reliable experience.


LIMITED PERSONNEL ACCESS

Access to customer data is restricted to a select group of employees. Our support team may access your account to resolve issues efficiently, but you can opt out of this access if preferred. Certain engineering and operations staff also have access as needed to perform their roles effectively.


CREDIT CARD DETAILS

We don’t store your credit card details. Payments are processed through Stripe, a trusted third-party provider that securely stores credit card information using tokenisation. This method allows us to handle payments without retaining your actual card details, ensuring your information is kept safe and compliant. Stripe adheres to the highest standards in payment processing, including PCI-DSS compliance, which adds an extra layer of security for your transactions. For more details, please refer to Stripe's privacy policy.


CONNECTION AND FEED SECURITY

Our data feeds for the financial accounts you connect to BudgetBuddie are strictly read-only, which means we can only access and display your transactions and account balances without the ability to move or alter your accounts in any way.

AKAHU

Akahu is founded, owned and operated here in New Zealand. They provide reliable, secure, and deeply functional account connectivity with NZ banks, Kiwisaver providers, and Share portfolios.

Akahu, our trusted data provider, ensures the connection with BudgetBuddie and your data is managed securely. All information stored by Akahu is encrypted at rest, and your banking credentials are only stored if absolutely necessary, always in an encrypted format. Your credentials are only handled with Akahu, BudgetBuddie never stores or accesses your credentials directly. For more details, please refer to Akahu’s safety measures.


DATA DELETION

We are committed to protecting your privacy, and your financial data is completely deleted from our database in the following situations:

- When your free trial expires, all associated financial data is automatically removed to ensure your information is not retained unnecessarily.
- When you cancel your subscription plan, your data is promptly deleted from our systems.
- When you revoke your connected accounts through Akahu, we immediately remove your financial data to maintain your privacy.

Our goal is to respect your choices and ensure that your data is handled according to your preferences at all times.


PRIVACY BY DESIGN

Our commitment to your privacy starts from the very beginning. We embed privacy and security considerations into every aspect of BudgetBuddie, from initial development to ongoing operations. This proactive approach ensures that your data is handled with care, respecting your privacy at every step. We regularly update our systems to align with the latest privacy standards and regulations, reflecting our dedication to safeguarding your personal and financial information.


YOUR DATA IS YOURS

We believe in the fundamental right to data ownership, and your information is yours alone. We strictly do not support the sale or renting of your data with any third parties and we do not share it with third parties without your explicit consent. At BudgetBuddie, your data is kept private and secure, reinforcing our commitment to your trust and privacy.