Skip to main content

Privacy Policy

Your privacy is fundamental to everything we do

Version 2.5 - Last updated: 24th February 2026

TL;DR

  • We will never sell, trade, or rent your personal data to anyone.
  • Your financial data is encrypted in transit and at rest. Only you and the systems that serve your requests can access it.
  • AI features process your data in real time and never store it. Your data is never used to train AI models.
  • We use privacy-friendly analytics (Plausible) that sets no cookies and stores no personal data.
  • You can export, correct, or delete your data at any time. Delete your account and we remove your data within 30 days.

This summary is provided for convenience. The full policy below is the legally binding version.

Introduction

Doughsense Ltd ("we," "our," or "us") is a company registered in England and Wales. We take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at doughsense.com (the "Website") and when you use our web application at app.doughsense.com (the "Service"), regardless of where you are located in the world.

Information We Collect

Information You Provide

  • Account Information: Email address, name, and password when you create an account
  • Financial Information: Account balances, transaction data, income, expenses, and financial milestones you choose to track
  • Voice Data: If you use dictation, audio is streamed to Amazon Transcribe for real-time conversion to text. Audio is not stored after transcription.
  • Profile Information: Currency preferences, notification settings, and other personalised preferences
  • Communications: Any messages or feedback you send to us

Information Collected Automatically

  • Usage Data: How you interact with our Service, features you use, and actions you take
  • Device Information: Device type, operating system, unique device identifiers
  • Log Data: IP address, browser type, pages visited, time and date of visits

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Service
  • Process and track your financial data as you request
  • Send you notifications about your account and financial milestones
  • Respond to your comments, questions, and customer service requests
  • Monitor and analyse usage patterns to improve user experience
  • Detect, prevent, and address technical issues
  • Comply with legal obligations

Data Security

We implement industry-standard security measures to protect your information:

  • All data is encrypted in transit using SSL/TLS
  • Sensitive data is encrypted at rest
  • Access to personal information is restricted to authorised personnel only
  • Regular security audits and updates
  • Secure authentication with multi-factor login support

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following situations:

  • With Your Consent: When you explicitly agree to share information
  • Service Providers: With trusted third parties who assist us in operating our Service, subject to appropriate data processing agreements (see "Service Providers" below)
  • Legal Requirements: If required by law or to respond to legal process
  • Protection of Rights: To protect the rights, property, or safety of Doughsense Ltd, our users, or others

Service Providers

We use the following service providers to operate the Service. Appropriate data processing agreements are in place with each provider to ensure your data is handled in accordance with applicable data protection law.

  • Stripe: the payment process for subscriptions is handled by Stripe, a third-party payment provider. See the Stripe Privacy Policy for full details.
  • Amazon Web Services: application hosting, infrastructure, and AI-powered features. Data processed in the EU. See the AWS Privacy Policy for full details.
  • Cloudflare: content delivery and DDoS protection. Traffic passes through Cloudflare's global network for security and performance; no personal data is stored on edge nodes. See the Cloudflare Privacy Policy for full details.
  • Resend: transactional email delivery. Data processed in Ireland (EU). See the Resend Privacy Policy for full details.
  • Sentry: error monitoring. Data processed in the EU. Session replay and DOM snapshots are disabled. Error data is retained for 90 days. See the Sentry Privacy Policy for full details.
  • Plausible: privacy-friendly website analytics. EU-based. Plausible does not use cookies or store personal data. IP addresses are anonymised with a daily-rotating hash and are never stored. See Plausible's data policy.
  • Google: if you choose to sign in with Google, the authentication process is handled by Google. By using this option you are agreeing to Google's terms and privacy policy. See the Google Privacy Policy for full details.
  • Apple: if you choose to sign in with Apple, the authentication process is handled by Apple. By using this option you are agreeing to Apple's terms and privacy policy. See the Apple Privacy Policy for full details.
  • Fider: the public feature suggestions board at doughsense.fider.io is a separate third-party service. Any information you provide there is governed by Fider's own policies. See the Fider Privacy Policy for full details.

AI Features

The Service includes optional AI-powered features (such as the AI assistant) that process your financial data to provide personalised insights and suggestions.

  • AI processing is performed via AWS Bedrock in the EU region
  • Your data is processed in real time and is not stored by the AI model provider
  • Your data is not used to train or improve AI models
  • AI features do not make automated decisions that produce legal or similarly significant effects: all outputs are informational suggestions only
  • If you use dictation, audio is streamed to Amazon Transcribe in the EU region for real-time speech-to-text conversion. No audio is retained after transcription.

Your Data Rights

Under the UK General Data Protection Regulation (UK GDPR) and other applicable data protection laws, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Update or correct inaccurate information
  • Erasure: Request deletion of your account and associated data
  • Data Portability: Download your data in a portable format. You can export your data directly from the Settings page within the Service.
  • Objection: Object to processing of your personal data
  • Restriction: Request restriction of processing in certain circumstances
  • Withdraw Consent: Withdraw consent for processing where consent is the legal basis

To exercise any of these rights, please contact us at privacy@doughsense.com. We will respond to your request as soon as possible.

Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal obligations.

Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us immediately and we will take steps to delete such information.

International Data Transfers

As we operate internationally, your information may be transferred to and processed in countries other than your country of residence, including the United Kingdom where we are based. These countries may have data protection laws that are different from the laws of your country.

We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy. When transferring data outside the UK, we rely on:

  • Adequacy decisions by the UK government
  • Standard contractual clauses approved by the UK Information Commissioner's Office
  • Other appropriate safeguards as recognised by UK data protection law

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we will notify you via email or through the Service.

Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract: Processing necessary to provide our Service to you
  • Legitimate Interests: Processing necessary for our legitimate business interests
  • Consent: Where you have given explicit consent for specific processing
  • Legal Obligations: Processing necessary to comply with legal requirements

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Doughsense Ltd

Company No. 16611898

ICO Registration Number: ZB948761

71-75 Shelton Street

Covent Garden

London WC2H 9JQ

United Kingdom

Privacy Team: privacy@doughsense.com

General Enquiries: hello@doughsense.com

If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.