1. General

Before using Bilance, you are required to acquaint yourself with the Terms of Use and this Privacy Policy (“Policy”), which regulates the collection, processing, and use of your personal data.

This Policy forms an integral part of the Terms of Use.

Bilance Technology OÜ, registry code 14637103, Estonia (“Bilance”, “Provider”, “we”, “us”) acts as the data controller of your personal data processed in connection with the Bilance application (“Services”).

You agree to provide only accurate, truthful, and up-to-date personal data and to keep it updated.

2. Legal Basis for Processing

Bilance processes your personal data on the following legal bases under the General Data Protection Regulation:

• Performance of a contract

• Legitimate interests

• Consent

Where processing is based on consent, you may withdraw your consent at any time.

3. Service Provision

Bilance processes personal data as necessary to provide the Services.

The purpose of processing is service provision, which includes:

• Creating and maintaining your account

• Providing financial tracking features

• Providing account synchronization

• Delivering insights and financial analysis

• Providing customer support

• Ensuring security and fraud prevention

3.1 Account Data

Minimum personal data required to create and maintain your account includes:

• First name

• Last name

• Email address

• Login credentials

• Language preference

• Currency

• Subscription details

Provision of additional personal data is voluntary and depends on the features you choose to use.

3.2 Financial Data You Provide

If you use financial tracking features, Bilance processes personal financial information based on your input, including:

• Income information

• Expense information

• Budget categories

• Notes and transaction classifications

3.3 Open Banking and Payment Account Synchronization

If you use the payment account synchronization feature, Bilance uses one or more licensed Open Banking Providers under PSD2 to access your payment account data with your explicit consent.

Open Banking Provider means a licensed third-party account information service provider (AISP) that enables secure, read-only access to your payment account data.

Open Banking Providers used by Bilance may include:

• GoCardless SAS

• Enable Banking Oy

When you connect your bank account:

• The Open Banking Provider retrieves your account data directly from your bank.

• Bilance receives account information from the Open Banking Provider.

• Bilance has read-only access only and cannot initiate payments or move your funds.

• Bilance does not store your online banking credentials.

• Authentication takes place directly between you, your bank, and the Open Banking Provider.

Depending on the integration model, the Open Banking Provider may act as an independent data controller or as a data processor under its own privacy policy.

Bilance acts as an independent data controller once the data is received in the application.

Financial data retrieved may include:

• Account number

• Account name

• Account balance

• Currency

• Transaction details (amount, description, counterparty, date)

3.4 Profile and Personalization Data

To provide a more personalized experience and financial insights, you may voluntarily provide additional information such as:

• Profile photo

• Birth date

• Sex

• Family status

• Housing situation

• Education and employment details

• Property and economic information

3.5 Profiling

As part of service provision and improvement, Bilance may use profiling and automated analysis to:

• Categorize transactions

• Generate financial overviews

• Provide personalized insights

• Improve budgeting suggestions

• Develop and test features

Profiling is used solely to provide services.

Bilance does not carry out solely automated decision-making that produces legal effects or similarly significant effects for you.

4. Marketing Communications

Bilance may use your email address obtained during registration to send you direct marketing communications related to the Services.

You may opt out at any time by:

• Clicking the unsubscribe link in the email, or

• Contacting support at help@bilanceapp.com

Where required, marketing communications are sent based on your consent.

5. Service Improvement and Development

Bilance processes personal data based on its legitimate interests to improve, develop, secure, and optimize the Services.

This may include:

• Improving transaction categorisation

• Enhancing financial analytics and AI-driven insights

• Refining algorithms and data models

• Testing and developing new features

• Measuring engagement and feature usage

• Detecting bugs and preventing misuse

For these purposes, Bilance may process personal data, including identifiable personal data, where necessary and proportionate.

Where possible, Bilance applies data minimisation, pseudonymisation, aggregation, or other technical safeguards to reduce privacy risks.

Users have the right to object to processing based on legitimate interests as described in the “Your Rights” section.

This processing does not result in solely automated decision-making producing legal or similarly significant effects.

6. Disclosure of Personal Data

Bilance may disclose personal data in the following circumstances:

6.1 Service Providers

We may share personal data with trusted service providers who assist us in providing, maintaining, and improving the Services. These providers process personal data only under our instructions and are bound by appropriate confidentiality and data protection obligations.

6.2 Legal Requirements

We may disclose personal data if required by law, court order, or regulatory authority.

6.3 Business Transfers

In the event of a merger, acquisition, or restructuring, personal data may be transferred to the relevant parties, subject to confidentiality obligations.

6.4 At Your Request

You may choose to share your information with other account holders (e.g., family members). Bilance is not responsible for the use of data you choose to share.

7. Service Providers

Bilance uses third-party providers to operate the Services. These may include:

Open Banking Providers

• GoCardless SAS, registration No.834422180, is a limited liability company registered under the laws of the French Republic and is operating as an authorized account information service provider, supervised by the French Financial Conduct Authority (Autorité de Contrôle Prudentiel et de Résolution).

• Enable Banking Oy is a Registered Account Information Service Provider regulated by the Finnish Financial Supervisory Authority (FIN-FSA).

Cloud Infrastructure Providers

• Google Cloud Platform

Analytics and Monitoring Providers

Platform and Payment Providers

• Apple App Store

• Google Play Store

The list of service providers may be updated from time to time.

8. Technical Data

Bilance may collect technical data, including:

• Device information

• Operating system

• IP address

• App usage data

• Crash logs

Technical data is used to:

• Ensure security

• Improve performance

• Provide customer support

• Analyze usage

Where possible, technical data is anonymized or aggregated.

9. Location Data

Some features may use location data if enabled on your device. You may disable location access through your device settings. Certain features may not function properly if location access is disabled.

10. Facebook and Google Login

You may sign up using your Facebook or Google account. In that case, Bilance will process the identification details provided by the respective platform according to the permissions you grant.

11. Cookies

Bilance uses cookies and similar technologies to:

• Maintain user sessions

• Ensure security

• Analyze usage

• Personalize content

You may block or delete cookies through your device or browser settings, though some functionality may be affected.

12. Data Security

Personal data is stored and processed electronically on secure servers protected by appropriate technical and organizational measures, including encryption, access controls, and firewall protection.

While Bilance implements industry-standard security measures, no method of electronic storage or transmission is completely secure.

13. Data Retention

Bilance retains personal data only for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements.

You may request deletion of your account and personal data at any time by contacting help@bilanceapp.com.

Some data may be retained where required by applicable law or for legitimate business purposes.

14. Your Rights

Under GDPR, you have the right to:

• Access your personal data

• Rectify inaccurate data

• Request erasure of your data

• Restrict processing

• Object to processing based on legitimate interests

• Withdraw consent where processing is based on consent

• Receive your data in a structured, commonly used format (data portability)

To exercise your rights, contact help@bilanceapp.com.

Bilance will respond within 30 days.

If you believe your data is processed unlawfully, you have the right to lodge a complaint with the relevant supervisory authority.

15. Contact Information

If you have any questions regarding this Privacy Policy or data protection matters, please contact: help@bilanceapp.com

This Privacy Policy was last changed in February 2026