© 2026 Bill-e-Buddy.com. Built by Create Better Things

Get Early Access

Privacy Policy

You are here:
  1. Home
  2. Privacy Policy

Privacy Policy for Bill-E-Buddy

Last Updated: 27th of October 2025

I. Introduction

Bill-E-Buddy (“we,” “us,” or “our”) respects your privacy and is committed to protecting your personal data (“Data”).

This privacy policy (the “Policy”) explains how we collect, process, store, share, and protect the Data we collect when you use our website, https://bill-e-buddy.com/ (the “Site”), and any of its related services.

We reserve the right to modify this Policy at any time. If we make changes, we will publish the new policy on this page and update the “Last Updated” date. Your continued use of the Site after any changes are posted will constitute your acceptance of the modified Policy.

II. What Data We Collect

We collect your Data to provide and improve our services and to secure our Site. We collect Data in two main ways:

A. Data You Provide to Us

  • Comments: When you leave a comment on the Site, we collect the data shown in the comments form (such as your name, email address, and website).
  • User Accounts: For users that register on our website (if any), we store the personal information you provide in your user profile.
  • Media: If you upload images to the Site, you should avoid uploading images with embedded location data (EXIF GPS). Visitors to the Site can download and extract any location data from images.
  • Surveys and Questionnaires: If you complete a survey, feedback form, waiting list form, or other research questionnaire on our Site (including pre-launch surveys)

B. Data We Collect Automatically

  • Device and Connection Information: When you leave a comment, we automatically collect your IP address and browser user agent string.
  • Cookies: We use cookies and similar technologies to help our Site function and to improve your experience. (See Section IV for details).
  • Password Resets: If you request a password reset, your IP address will be included in the reset email.

If you complete a survey, feedback form, waiting list form, or other research questionnaire on our Site (including pre-launch surveys), we may collect:

  • Your name (if provided)
  • Your email address (if provided)
  • Your responses to survey questions
  • Any optional free-text comments
  • Information about your interest in our services
  • Any demographic information you choose to share

III. How and Why We Use Your Data

Lawful Basis for Processing

We process personal data under the following lawful bases:

  • Legitimate Interests: To develop, improve, and validate our services, including through surveys and research.
  • Consent: Where you provide your email address to receive updates, marketing communications, or launch notifications. You may withdraw your consent at any time.
  • Legal Obligations: Where processing is necessary to comply with applicable law.

We also process your Data for the following purposes:

  • To Provide Our Service: To manage your account, allow you to post comments, and process your requests (like password resets).
  • To Improve Your Experience: To use cookies for your convenience (e.g., saving your details so you don’t have to re-enter them) and to save your screen display choices.
  • To Protect Our Site: To use your IP address and browser data for spam detection and to secure our Site.
  • To Provide Integrated Features: To provide your email hash to the Gravatar service to display your profile picture with your comment, if you use this service.

Data Processing Agreement

This Policy also outlines the terms and conditions under which Bill-e-Buddy, acting as the Controller and Obrenza Ltd, as the Processor, will process Personal Data on behalf of the Controller, consistent with the requirements of applicable data protection laws, including the UK General Data Protection Regulation (“GDPR”).

Hope Macy is 100% subsidiary of Obrenza Ltd. A company incorporated in England and Wales with company number 11942110, and its registered office at W2 Business Centre Wellington House (First Floor), Wellington Street, Cardiff, Wales, CF11 9BE. For the purposes of this privacy policy, any mention of The Processor, Hope Macy or Open Banking integrations shall relate to Obrenza Ltd.

The Processor shall process Personal Data solely on the documented instructions of the Controller. The Processor shall not process Personal Data for any other purpose unless required to do so by applicable law. In such cases, the Processor shall inform the Controller of that legal requirement before processing, unless prohibited from so doing by law.

The Processor shall ensure that all persons authorized to process the Personal Data have committed to confidentiality or are under an appropriate statutory obligation of confidentiality.

The Processor shall implement and maintain appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing the Personal Data. These measures shall be designed to protect Personal Data from unauthorized or unlawful processing, as well as from accidental loss, destruction, or damage.

The Processor shall not engage a sub-processor without the prior specific or general written authorization of the Controller. Where general written authorization is provided, the Processor shall notify the Controller of any intended changes concerning the addition or replacement of sub-processors. The Controller shall have the right to object to such changes. The Processor shall ensure that any sub-processor is bound by a written agreement that imposes data protection obligations no less protective than those contained in this Agreement. The Processor’s currently authorized sub-processors are listed in Appendix 1.

IV. Cookies and Tracking Technologies

  • Comment Cookies: If you leave a comment, you may opt-in to saving your name, email address, and website in cookies. These are for your convenience and last for one year.
  • Session Cookies: We set a temporary cookie on our login page to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
  • Login & Preference Cookies: When you log in, we set cookies to save your login information and screen display choices. Login cookies last for two days, and screen options cookies last for one year. If you select “Remember Me,” your login will persist for two weeks. These cookies are removed if you log out.
  • Editor Cookies: If you edit or publish an article, an additional cookie is saved in your browser. It includes no personal data, simply indicates the post ID of the article you edited, and expires after 1 day.

Cookies are small text files that are automatically stored on your device when you visit our Site. We use cookies for the following specific purposes:

V. Who We Share Your Data With

We do not sell your personal data. We only share your data with third parties in the following limited circumstances:

  • Service Providers: We may share Data with third-party services that help us operate our Site.
  • Spam Detection: Visitor comments may be checked through an automated spam detection service.
  • Gravatar: An anonymized string (a “hash”) created from your email address may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/.
  • Legal & Security: We may disclose your Data if required by law or to protect the rights, property, or safety of Bill-E-Buddy, our users, or others.
  • To Conduct Research and Improve Our Services: To analyse survey responses, understand user needs, validate product ideas, and shape future development of Bill-E-Buddy. Where you provide your email address and opt in, we may also contact you about launch updates or related services.

Participation in surveys is voluntary. You are not required to provide personally identifiable information unless you choose to do so.

VI. How Long We Retain Your Data

We store your Data only for as long as necessary for the purposes for which it was collected.

  • Comments: If you leave a comment, the comment and its metadata are retained indefinitely. This allows us to recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
  • User Accounts: For registered users, we store the personal information provided in their user profile for as long as the account remains active. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
  • Survey Data: Survey responses are retained only for as long as necessary to analyse research findings and support service development. Personal identifiers (such as email addresses) will be deleted when no longer required for the stated purpose, or upon withdrawal of consent.

VII. How We Keep Your Data Secured

We are committed to safeguarding the security of your Data. We implement reasonable administrative, technical, and physical security measures consistent with industry practices to protect your Data from loss, misuse, and unauthorized access or disclosure.
However, please note that no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Data, we cannot guarantee its absolute security.

VIII. Your Rights Over Your Data

You have certain rights regarding the personal data we hold about you.

  • Right to Access: If you have an account on this Site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us.
  • Right to Erasure: You can also request that we erase any personal data we hold about you.
    This right does not include any data we are obliged to keep for administrative, legal, or security purposes.

To exercise any of these rights, please contact us using the information in Section XI.

Taking into account the nature of the processing, the Processor shall, by appropriate technical and organizational measures, assist the Controller in fulfilling its obligation to respond to requests from data subjects exercising their rights under applicable data protection law.

The Processor shall assist the Controller in ensuring compliance with its obligations under data protection law, including those related to:
Security of processing.
Notification of Personal Data breaches.
Conducting Data Protection Impact Assessments (DPIAs).
Prior consultation with supervisory authorities.

Upon the termination of the services for which the Personal Data was processed, the Processor shall, at the Controller’s choice, delete or return all Personal Data to the Controller and delete all existing copies, unless applicable law requires the storage of such Personal Data.

The Processor shall make available to the Controller all information necessary to demonstrate compliance with the obligations set forth in this Agreement. The Processor shall also allow for and contribute to audits and inspections, including those conducted by the Controller or an auditor mandated by the Controller.

IX. Third-Party Links & Embedded Content

Articles on this Site may include embedded content (e.g., videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These third-party websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction if you have an account and are logged in to that website. We are not responsible for the privacy practices of these other websites and encourage you to read their privacy policies.

The Processor shall release or transfer Personal Data to a third party only upon a specific, documented instruction from the Controller. The Controller warrants that any such instruction is lawful and that the nominated third party has adequate technical and organisational controls in place to protect the Personal Data. Upon completion of the transfer, the Processor’s obligations and liability for the security of that data shall cease. The Processor shall not be responsible for any data breach, security incident, or other loss that occurs after the data has been released to the third party as per the Controller’s instruction. The Controller assumes all responsibility and liability for the lawfulness and security of such a transfer. The third party to whom data is released or transferred to under this clause does not become a sub-processor of the Processor.

Notwithstanding any other clause in this Agreement, the Processor shall have the right to limit or suspend the processing of Personal Data by a sub-processor or any other third party, or to take any other measure it reasonably deems necessary, if it determines that there is a material risk of data loss or a security incident. The Processor shall inform the Controller of such action without undue delay and shall work with the Controller to address the risk.

X. Children’s Privacy

Our Site is not intended for or directed at children under the age of 16. We do not knowingly collect or solicit personal data from anyone under this age. If we learn that we have collected personal data from a child without verification of parental consent, we will take steps to delete that information.

XI. Research and Survey Participation

From time to time, Bill-E-Buddy may invite users to participate in surveys, research questionnaires, or feedback exercises.

These may be conducted directly through our Site or via trusted third-party platforms.

Participation is entirely voluntary.

You may skip questions or stop at any time.

We do not use survey responses for automated decision-making.

We do not sell or trade research data.

Where survey responses are analysed, we may use aggregated or anonymised insights for internal reporting, investor discussions, or product development. These aggregated insights will not identify you personally.

XII. Duration of Processing

The Processor shall only process Personal Data for the duration of the services provided to the Controller. The Controller must provide a documented instruction to the Processor when the processing of Personal Data is to cease, at which point the provisions of Clause 8 (VIII. Your Rights Over Your Data) shall apply.

XIII. 13 Governing Law

This Agreement and any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with it or its subject matter or formation shall be governed by and construed in accordance with the law of England and Wales.

XV. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at: hello@bill-e-buddy.com or use our contact form.

Appendix 1 – List of Authorised Sub-processors

The Controller provides general authorization for the Processor to engage the following sub-processors for the purposes described below. All processing locations are within the UK.

Cloud computing services and business applications / Hosting and storage of data

Amazon Web Services
Google Cloud Services Hosting and storage of data

Provision of payment services, including account information and credit scoring

Hope Macy (subsidiary of Obrenza)

Provision of payment categorisation services UK

Affordwise (subsidiary of Obrenza)

Provision of website and app functions

Create Better Things Ltd

Get involved

© 2026 Bill-e-Buddy.com. Built by Create Better Things