Sierra Digital Forge

Mia Budget Buddy  ›  Privacy Policy

Privacy Policy for Mia Budget Buddy

Effective date: 2026-05-17 Last updated: 2026-05-17

This Privacy Policy describes how Sierra Digital Forge LLC (“Sierra Digital Forge,” “we,” “us,” or “our”) collects, uses, and shares information when you use the Mia Budget Buddy mobile application (the “App”). By installing or using the App, you agree to the practices described below.

Contact: privacy@sierradigitalforge.com Developer address (for Play Store listing): Sierra Digital Forge LLC, c/o Northwest Registered Agent LLC, 732 S. 6th St., Suite N, Las Vegas, NV 89101, USA Play Store package: com.rwarre.miabudgetbuddy

Play Store account-deletion route (Google’s “Data deletion URL” requirement)

In compliance with Google Play’s account-deletion disclosure requirements, you have two paths to delete every record we (or Firebase, our backend provider) hold about you:

  1. In-app: open the App and tap Settings → Account → Delete Account & Wipe Data. This wipes the device immediately and triggers backend deletion within 30 days.
  2. By email: send a deletion request to privacy@sierradigitalforge.com with the subject “Delete My Mia Account.” We respond within 5 business days and complete deletion within 30 days.
  3. Public web page: a permanent summary of this route is hosted at https://sierradigitalforge.com/apps/mia-budget-buddy/delete-account (the URL also listed on the Play Store listing).

The hosted versions of this Privacy Policy, the Terms of Service, the Community Guidelines, the COPPA Policy, and the Refund Policy live under https://sierradigitalforge.com/apps/mia-budget-buddy/.

1. Summary

Mia Budget Buddy is a personal budgeting, debt-payoff, and household-management app. The App is designed to be local-first for your financial records: budgets, transactions, receipts, shopping lists, recipes, and goals are stored on your device by default.

A small set of cloud services support specific features:

  • Account credentials (the email/password or sign-in identity you use to access the App) are managed by Google Firebase Authentication.
  • Community features are opt-in. If you enable them, the information you choose to publish is stored on our backend so other users can see it.
  • Bank-account linking is provided by Plaid when you choose to connect a financial institution.
  • Receipts, recipes, voice, and merchant lookups may be processed by third-party AI and mapping services as described in Section 5.

We do not sell your personal information. We do not display third-party advertising in the App. We do not run analytics SDKs that track your activity across other apps or websites.

2. Information We Collect

2.1 Information You Provide Directly

  • Account credentials: the email address and password, or third-party sign-in identity (such as Google), that you use to create and access your account. Credentials are managed by Google Firebase Authentication (Section 5.7).
  • Profile information: the display name you enter during onboarding, and any avatar or profile fields you set.
  • Financial information you enter or import: budget amounts, budgeting method preference, income, transactions, debt balances and terms, payment history, savings goals, and category assignments.
  • Receipts and attachments: photos or PDFs of receipts, invoices, bills of lading, and product labels you capture or import.
  • Recipes and lists: recipe text and images, shopping lists, and list items.
  • Voice input: when you use the voice-capture feature, your spoken audio is transcribed to text.
  • Photos of products and barcodes: when you use the universal capture feature to scan a product or barcode.

2.2 Information Collected Automatically

  • App-local preferences and state: the App stores your settings, tab defaults, drag positions for floating UI elements, and similar local state on your device.
  • Diagnostic logs: the App writes runtime logs (Android logcat) on your device to help diagnose issues. These logs remain on your device unless you choose to share them with us.

We do not collect device identifiers (such as advertising ID) for tracking, and we do not embed third-party analytics SDKs.

2.3 Permissions the App Requests

Permissions are requested only when you use the feature that needs them, and can be revoked in your device settings.

PermissionWhy the App requests it
CameraCapture receipts, recipes, product labels, and barcodes
Microphone / Record AudioVoice input for capture, search, and conversational features
Photos and mediaImport existing photos when you choose to attach one to a record
Location (approximate / precise)Look up nearby merchants when you tag a transaction
CalendarOptional — read/write reminders for bill due dates and goal milestones, if you connect a Google account
InternetCommunicate with the third-party services in Section 5

3. How We Use Your Information

We use information you provide to:

  • Operate the core budgeting, debt-payoff, goals, lists, and recipe features.
  • Categorize transactions and learn your merchant → category preferences locally on your device.
  • Generate spoken responses and prompts from the in-app assistant (“Mia”).
  • Extract line items, totals, and merchant data from receipts and invoices.
  • Look up product information from a scanned barcode.
  • Provide bill and goal reminders through your calendar (only if you opt in).
  • Diagnose crashes and bugs you choose to report to us.

We do not use your information for advertising, profiling for third-party marketing, or sale to data brokers.

4. Where Your Data Is Stored

  • On your device: The primary copy of your financial records — budgets, transactions, debts, goals, receipts, recipes, lists, and preferences — lives in App-private storage on your device. Receipt and recipe files are kept in App-scoped external storage under Android/data/com.rwarre.miabudgetbuddy/files/DCIM/MiaBudgetBuddy/, which is not browsable from your photo gallery and is removed automatically when you uninstall the App.
  • On our backend (Firebase): Your account credentials and authentication state are stored by Google Firebase Authentication. If you opt in to Community features (Section 6), the specific information you choose to publish there is also stored on our Firebase-backed infrastructure so it can be shown to other users.
  • In transit to third parties: Some features (Section 5) send specific data to third-party processors over HTTPS. Those processors handle the data under their own privacy policies.
  • What is NOT on our backend by default: your budgets, individual transactions, receipts, recipe contents, shopping-list contents, and debt balances are not uploaded to our servers unless you explicitly share them through a Community surface.

5. Third-Party Services

The App integrates the following third-party services. We send only the data described below, and only when you use the corresponding feature.

5.1 Google Gemini (AI processing)

Data sent: the image or text content of the item you capture (receipt, recipe, product label, barcode result) and a generic prompt. No display name, no historical transactions, no account identifiers. Purpose: extract structured fields (merchant, date, total, line items, recipe ingredients, product category). Provider policy: Google AI / Gemini API terms and privacy policy.

5.2 ElevenLabs (text-to-speech)

Data sent: short text strings spoken by the in-app assistant. Purpose: generate natural-sounding voice output. If ElevenLabs is unavailable or disabled, the App falls back to the on-device system text-to-speech engine and no data leaves your device for that feature. Provider policy: ElevenLabs privacy policy.

5.3 Google Places API

Data sent: the merchant name or partial address you are tagging, plus an approximate location radius. Purpose: suggest nearby merchant matches. Provider policy: Google Maps Platform privacy policy.

5.4 Google Sign-In and Google Calendar API (optional)

Data sent: your authenticated account identifier, and the calendar events the App creates on your behalf. Purpose: create bill reminders and goal-milestone events in your Google Calendar. Provider policy: Google account and Calendar privacy policies. You can revoke access at any time at https://myaccount.google.com/permissions.

5.5 Android System Speech Recognizer

Data sent: captured audio is processed by the on-device or cloud speech-recognition service provided by your device manufacturer or operating system (typically Google). Purpose: convert your speech to text. Provider policy: governed by your device OS provider.

5.6 Plaid (financial-account linking)

Data sent (when you connect an institution): the credentials and account selections you provide inside the Plaid Link flow, plus subsequent account and transaction data the Plaid service returns to the App. Purpose: import transactions and balances from financial institutions you choose to connect. Provider policy: Plaid End User Privacy Policy (https://plaid.com/legal/#end-user-privacy-policy). Plaid is an independent data processor. Linking a financial institution is entirely optional and the App functions without it. You can revoke a Plaid connection from inside the App at any time, which instructs Plaid to stop pulling data on your behalf.

5.7 Google Firebase Authentication

Data sent: the email address, password (transmitted to Firebase over TLS and stored as a salted hash on Firebase’s infrastructure — we do not see or store your plaintext password), or third-party sign-in token (e.g., Google) you use to create your account, plus the resulting account identifier and session tokens. Purpose: authenticate you to the App and protect your account. Provider policy: Firebase Privacy and Security (https://firebase.google.com/support/privacy). Firebase is operated by Google and acts as our authentication service provider. We use Firebase Authentication for credential management; if we additionally use Firebase services such as Cloud Firestore, Cloud Storage, or Cloud Functions to support Community features, those services act as the storage backend described in Section 4 and Section 6.

We do not share your data with any party not listed in this section.

6. Community Features and User-to-User Sharing

The App includes optional Community features (feed, challenges, rankings, and awards). Community is opt-in: it is off by default, and the App’s core budgeting, debt, goal, list, and recipe features work fully without it.

6.1 What you may choose to share

If you enable Community, the information you publish there is visible to other Community users. Depending on which Community surfaces you use, this may include:

  • Your display name and any avatar or profile fields you set.
  • Badges and awards you have earned in the App.
  • Your participation in, and progress within, shared challenges.
  • Your position on optional leaderboards or rankings.
  • Posts, comments, reactions, and similar content you submit to the Community feed.
  • Aggregate or milestone-level financial achievements that you explicitly choose to publish (for example, “reached debt-free” or “hit a savings goal”). The App does not publish your individual transaction history, account balances, or linked-bank details to Community.

6.2 How Community data is stored and exposed

  • Content you publish to Community is stored on our backend (Section 4) and transmitted to other users’ devices through that backend.
  • Other Community users may see, copy, screenshot, or quote what you publish. Once content has been shared, we cannot guarantee that copies do not persist outside our control.
  • You can delete individual Community posts you have authored. Deleting a post removes it from the Community surfaces the App controls, but does not retract copies others may have made.
  • You can disable Community at any time inside the App. Disabling Community stops new publication. To remove previously published content, use the in-App delete controls or contact us at privacy@sierradigitalforge.com.

6.3 Conduct

We do not actively monitor every Community post, but we reserve the right to remove content that violates the in-App community guidelines or applicable law, and to suspend accounts that abuse the feature.

7. Data Retention and Deletion

  • On-device data — including receipts, recipes, transactions, debts, goals, and lists — persists until you delete it inside the App, clear the App’s data in Android settings, or uninstall the App. Uninstalling the App removes all on-device data this App has stored, including the App-scoped DCIM/MiaBudgetBuddy/ folder described in Section 4.
  • In-App “Delete Account & Wipe Data” under Settings → Account immediately scrubs every record on the device and closes the App. Reopen to verify a clean start.
  • Firebase account data: your authentication record and any Community content you have published remain on our backend until you delete your account. You can request account deletion at any time from inside the App (Settings → Account → Delete Account & Wipe Data) or by emailing privacy@sierradigitalforge.com. Deleting your account removes your authentication record from Firebase and the Community content stored under it, subject to short-term backups that age out on a rolling 30-day cycle.
  • Third-party services retain data according to their own policies. To request deletion from Gemini, ElevenLabs, Plaid, or Google services, contact those providers directly using the links in Section 5.

8. Security

  • All third-party API calls and all communication with our Firebase backend use HTTPS (TLS).
  • Passwords are never stored in plaintext. They are transmitted to Firebase Authentication over TLS and stored as salted hashes on Firebase’s infrastructure under Google’s security controls.
  • API keys are stored in build configuration and are not exposed in the App’s UI.
  • App-private storage is protected by Android’s sandboxing model.
  • We do not control the security practices of third-party services beyond using their published APIs as documented.

No method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security and you use the App at your own risk.

9. Children’s Privacy

The App is not directed to children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us at privacy@sierradigitalforge.com and we will delete it.

10. Your Rights

Depending on where you live, you may have rights under privacy laws such as the EU/UK GDPR or the California Consumer Privacy Act (CCPA), including the right to:

  • Access the personal information we hold about you.
  • Request correction or deletion of that information.
  • Object to or restrict certain processing.
  • Withdraw consent for optional features (Community, Calendar, Plaid, ElevenLabs, Gemini) at any time by disabling the feature inside the App or revoking the relevant OS permission.
  • Lodge a complaint with your local data protection authority.

To exercise any of these rights, email privacy@sierradigitalforge.com. To remove your account, any Community content you have published, and every record stored on this device in one step, use Settings → Account → Delete Account & Wipe Data inside the App. Alternatively, uninstalling the App removes all on-device data.

11. International Users

The third-party services listed in Section 5 — including Firebase — are operated by companies based in the United States and may process your data outside your country of residence. By creating an account, enabling Community, or using any of the features in Section 5, you consent to that international transfer.

12. Changes to This Policy

We may update this policy from time to time. When we do, we will change the “Last updated” date at the top and, for material changes, present an in-App notice the next time you open the App. Continued use after the effective date of an update constitutes acceptance of the revised policy.

13. Contact

Questions or requests about this policy:

Sierra Digital Forge LLC Email: privacy@sierradigitalforge.com Address: c/o Northwest Registered Agent LLC, 732 S. 6th St., Suite N, Las Vegas, NV 89101, USA

A Nevada domestic, member-managed limited-liability company (Entity ID E57035552026-3, Nevada Business ID NV20263569431, filed 4/29/2026).

This privacy policy is provided as a starting template for the Google Play Store listing. It should be reviewed by qualified legal counsel before publication to ensure it meets the specific requirements of your jurisdiction (including GDPR, CCPA, COPPA, and any local consumer-protection laws), and to confirm that every data flow described above matches the App as shipped.