balenoritha Logo
balenoritha
Activity-Based Budgeting Solutions

Privacy Policy

Your privacy matters to us. This policy explains how balenoritha handles your personal information.

Last Updated: March 15, 2025

Introduction and Data Controller

balenoritha ("we," "us," or "our") is committed to protecting your privacy and ensuring transparency about how we collect, use, and safeguard your personal information.

As a provider of activity-based budgeting solutions, we understand that trust forms the foundation of our relationship with you. This comprehensive privacy policy outlines our practices regarding personal data collection, processing, storage, and your rights as a data subject under applicable privacy laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

balenoritha operates as the data controller for the personal information we collect through our website, services, and interactions with you. Our registered address is St. James Centre, 24-30 St. James Street, Hessle Road, Hull HU3 2DH, United Kingdom. We take our responsibilities as a data controller seriously and have implemented comprehensive measures to ensure your personal data is handled with care and in accordance with applicable laws.

Information We Collect

Personal Identifiers

We collect your name, email address, phone number, and business information when you register for our services, contact us, or participate in our learning programs.

Financial Information

When you use our budgeting tools, we may collect information about your financial activities, spending patterns, and budget categories to provide personalized insights.

Technical Data

We automatically collect IP addresses, browser information, device details, and usage patterns to improve our services and ensure platform security.

Communication Records

We maintain records of your communications with us, including emails, support tickets, and feedback, to provide better customer service and improve our offerings.

The information we collect falls into several categories, each serving specific purposes in delivering our services. We collect personal identifiers primarily when you voluntarily provide them through our registration process, contact forms, or when enrolling in our educational programs. This information helps us create and maintain your account, communicate with you about our services, and provide personalized support.

Financial information is collected only when necessary for our budgeting services and is handled with the highest level of security. We never collect full bank account numbers or sensitive payment credentials – instead, we focus on spending categories, budget allocations, and financial goal information that you choose to input into our system. Technical data collection helps us understand how you interact with our platform, identify potential security threats, and optimize the user experience across different devices and browsers.

How We Use Your Information

  • Service Delivery: We use your personal information to provide, maintain, and improve our activity-based budgeting platform, including creating personalized budget recommendations and financial insights tailored to your specific needs and goals.
  • Communication: We use your contact information to send important service updates, respond to your inquiries, provide customer support, and share relevant educational content about financial management and budgeting best practices.
  • Platform Security: Technical data helps us protect against fraud, unauthorized access, and security breaches, ensuring the safety of your personal and financial information while maintaining the integrity of our platform.
  • Legal Compliance: We process personal data to comply with applicable laws, regulations, and legal obligations, including tax requirements, financial reporting standards, and data protection regulations.
  • Service Improvement: We analyze usage patterns and user feedback to enhance our platform's functionality, develop new features, and create more effective budgeting tools and educational resources.
  • Marketing Communications: With your explicit consent, we may send promotional materials, newsletters, and updates about new features, educational webinars, and relevant financial management resources.

Our Commitment to Purpose Limitation

We strictly adhere to the principle of purpose limitation, meaning we only use your personal data for the specific purposes outlined in this policy and for which we have a lawful basis. We will never use your information for purposes that are incompatible with those originally disclosed without obtaining your explicit consent.

Data Sharing and Third Parties

We maintain a strict policy regarding data sharing and only disclose your personal information to third parties under specific, limited circumstances. We do not sell, rent, or trade your personal data to any third parties for their marketing purposes. When we do share information, it is always done with appropriate safeguards and legal protections in place.

Service Providers: We work with carefully selected third-party service providers who assist us in delivering our services, such as cloud hosting providers, payment processors, email service providers, and customer support platforms. These partners are bound by strict contractual obligations to protect your data and can only use it for the specific services they provide to us. We conduct regular audits of these relationships to ensure ongoing compliance with our privacy standards.

Legal Requirements: We may disclose your information when required by law, court order, or governmental regulation. This includes responding to legitimate requests from law enforcement agencies, tax authorities, or regulatory bodies. In such cases, we will only disclose the minimum amount of information necessary and will notify you of such disclosures where legally permitted.

Business Transfers: In the event of a merger, acquisition, or sale of our business assets, personal data may be transferred to the acquiring entity. We will provide notice of such transfers and ensure that any receiving party agrees to treat your information in accordance with this privacy policy. You will have the opportunity to delete your account before any such transfer if you choose.

Professional Advisors: We may share information with our legal advisors, accountants, and other professional service providers who assist us in operating our business. These parties are bound by professional confidentiality obligations and can only use your information for the specific professional services they provide to us.

Data Security and Protection

Protecting your personal and financial information is our top priority. We have implemented comprehensive technical, administrative, and physical security measures designed to safeguard your data against unauthorized access, alteration, disclosure, or destruction. Our security framework follows industry best practices and is regularly updated to address emerging threats and vulnerabilities.

Encryption

All data transmission is protected using TLS encryption, and sensitive information is encrypted at rest using advanced encryption standards (AES-256).

Access Controls

We implement strict access controls, requiring multi-factor authentication for system access and limiting data access to authorized personnel only.

Regular Audits

Our security measures are regularly tested through internal audits and third-party security assessments to ensure ongoing effectiveness.

Incident Response

We maintain a comprehensive incident response plan to quickly address any potential security breaches and minimize any impact on your data.

Our technical security measures include secure server infrastructure hosted in certified data centers with physical security controls, regular security patching and updates, continuous monitoring for suspicious activity, and secure backup procedures with geographic redundancy. We also maintain cybersecurity insurance to provide additional protection in the unlikely event of a significant security incident.

From an administrative perspective, all balenoritha employees undergo comprehensive privacy and security training, are bound by confidentiality agreements, and are granted access to personal data only on a need-to-know basis. We conduct regular background checks on employees with access to sensitive systems and maintain detailed audit logs of all data access activities.

Your Rights and Choices

Under applicable data protection laws, you have several important rights regarding your personal information. We are committed to facilitating the exercise of these rights and will respond to your requests promptly and in accordance with legal requirements. Most requests will be fulfilled within 30 days, though complex requests may take longer with appropriate notification.

  • Right of Access: You have the right to request a copy of all personal data we hold about you, including information about how it is being processed, with whom it has been shared, and the legal basis for processing.
  • Right to Rectification: You can request correction of any inaccurate or incomplete personal information. We will update our records promptly and notify any third parties who have received the incorrect information.
  • Right to Erasure: You can request deletion of your personal data in certain circumstances, including when the data is no longer necessary for the original purpose or when you withdraw consent for processing.
  • Right to Restrict Processing: You can request that we limit how we use your personal data in specific situations, such as when you contest the accuracy of the data or object to our processing.
  • Right to Data Portability: You can request a copy of your personal data in a structured, commonly used format that allows you to transfer the information to another service provider.
  • Right to Object: You can object to certain types of processing, including direct marketing communications and processing based on legitimate interests.
  • Right to Withdraw Consent: Where processing is based on your consent, you can withdraw that consent at any time, though this will not affect the lawfulness of processing that occurred before withdrawal.

How to Exercise Your Rights

To exercise any of these rights, please contact us using the information provided below. We may need to verify your identity before processing your request to ensure the security of your personal data. If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO).

Data Retention and Deletion

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Our retention periods are based on the nature of the data, the purpose for which it was collected, and applicable legal requirements.

Account Information: We retain your account information, including personal identifiers and service usage data, for the duration of your relationship with us and for up to seven years after account closure to comply with financial record-keeping requirements and potential legal claims.

Financial Data: Budget information, spending categories, and financial insights are retained while your account is active and for up to three years after closure, unless you request earlier deletion. This allows us to provide continuity of service and restore your data if you reactivate your account.

Communication Records: Customer service communications and support tickets are retained for up to five years to maintain service quality, resolve ongoing issues, and comply with business record requirements.

Technical Data: Server logs and technical data are typically retained for 12 months for security and system optimization purposes, after which they are automatically deleted or anonymized.

When the retention period expires, we securely delete or anonymize your personal data using industry-standard data destruction methods. You can request earlier deletion of your data by exercising your right to erasure, though we may need to retain certain information to comply with legal obligations or defend legal claims.

International Data Transfers

While balenoritha primarily operates within the United Kingdom, some of our service providers and technology infrastructure may be located in other countries. When we transfer your personal data outside the UK or European Economic Area (EEA), we ensure appropriate safeguards are in place to protect your information in accordance with UK GDPR requirements.

Adequacy Decisions: We prefer to work with service providers in countries that have been recognized by the UK government as providing adequate protection for personal data, ensuring your information receives essentially equivalent protection to that provided under UK law.

Standard Contractual Clauses: When transferring data to countries without adequacy decisions, we use Standard Contractual Clauses (SCCs) approved by UK authorities, which provide legal guarantees about how your data will be protected and your rights as a data subject.

Additional Safeguards: Beyond legal mechanisms, we implement additional technical and organizational measures such as encryption, access controls, and regular audits to ensure the security of international data transfers. We also conduct transfer impact assessments to evaluate risks and implement additional protections where necessary.

You can request information about specific international transfers of your data and the safeguards we have implemented by contacting us using the details provided in this policy. We will provide clear information about the countries involved, the legal basis for the transfer, and the protection measures in place.

Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze site usage, and provide personalized content. We are transparent about our use of these technologies and provide you with choices about how they are used.

Essential Cookies: These cookies are necessary for the basic functioning of our website, including maintaining your login session, remembering your preferences, and ensuring security features work properly. These cookies cannot be disabled without severely impacting site functionality.

Analytics Cookies: We use analytics cookies to understand how visitors interact with our website, which pages are most popular, and where improvements can be made. This information is aggregated and does not identify individual users.

Functional Cookies: These cookies remember your preferences and choices to provide a more personalized experience, such as remembering your preferred language or display settings.

You can control cookie settings through your browser preferences, and we provide a cookie management tool on our website that allows you to customize your preferences for non-essential cookies. Please note that disabling certain cookies may limit the functionality of our website and the quality of your user experience.

Children's Privacy

balenoritha's services are designed for adults and businesses, and we do not knowingly collect personal information from children under the age of 16. Our registration process includes age verification, and our terms of service specify that users must be at least 16 years old to create an account.

If we become aware that we have inadvertently collected personal information from a child under 16, we will take immediate steps to delete that information from our systems. We will also notify the child's parent or guardian if we have contact information available and take steps to prevent future unauthorized access.

Parents and guardians who believe their child may have provided personal information to us should contact us immediately using the contact details provided below. We will investigate the matter promptly and take appropriate action to protect the child's privacy.

Updates to This Policy

We may update this privacy policy periodically to reflect changes in our practices, legal requirements, or business operations. We will notify you of any material changes through multiple channels, including email notification to registered users and prominent notices on our website.

Minor updates that do not materially affect your rights or our data processing practices will be posted on our website with an updated "Last Modified" date. Major changes that significantly impact how we collect, use, or protect your personal data will be communicated with at least 30 days' advance notice, giving you time to review the changes and make decisions about your continued use of our services.

We encourage you to review this privacy policy regularly to stay informed about our data practices. Your continued use of our services after any policy updates constitutes acceptance of the revised terms, though you always retain the right to delete your account if you disagree with any changes.

Contact Information

If you have questions about this privacy policy, want to exercise your data rights, or need to report a privacy concern, please contact us through any of the following methods:

Email: info@balenoritha.com
Phone: +448438868470
Mail: St. James Centre, 24-30 St. James Street, Hessle Road, Hull HU3 2DH, United Kingdom

We are committed to addressing your privacy concerns promptly and thoroughly. Most inquiries will receive a response within 48 hours, though complex matters may require additional time for proper investigation and resolution.