Privacy & Security
We believe that trust starts with 3 core principles: Safety, Privacy, and Ownership. That's why we're building to put people everywhere in complete control of their own financial data.

This is your financial information, it belongs to you and to you alone. If you choose to share it, it is your choice, if you choose to download it, it’s your choice. You are in control. As for us, we see ourselves as custodians, it is our job to keep it safe and protected.

We believe your financial data is private, personal, and sacred. We do not share it with anyone, or any company, not even with our own team, yes you read that correctly. Technically our system can see your data in order to function, but practically, it is completely locked down. We hold the encryption keys to be able to display your data, our databases are encrypted both at rest and at work, that means that even if someone on our team has access to the database they will not be able to see the unencrypted data. We have advanced protection measures in place to hide the keys, and they are physically separated from the database.

For a detailed overview of our Security and Privacy protocols, please continue reading below.
Privacy Protocols
  • Complete Privacy Your passwords, bank accounts, credit cards, debts, assets, notes, and all your other items are protected with strong encryption: All your passwords and other saved items are private. The accounts and items you save in your user account are encrypted. Your password is private. We don’t know your password. Your metadata is private. Metadata like titles, accounts, transactions, institutions, tags, manual entries, and custom icons are also encrypted.
  • Design Our system is private by design. Your data is yours, and we don’t want to know anything about it. We don’t use it, we don’t share it, and we don’t sell it.
  • Only You Only you have access to your data. Your data is encrypted to keep it safe at rest and in transit. Our security recipe starts with AES 256-bit encryption, and we use multiple techniques to make sure only you have access to your information. This is your data, not ours. You have complete privacy.
  • Available Data User’s names, email addresses, usage patterns (i.e. app metrics), and metadata (i.e. system metrics) comprise the primary data which is available and accessible for our use. By using our service you agree to allow us access to this fundamental data.
  • Zero Tolerance We will never share your data with other companies. There are systemic exceptions we set around Available Data usage. Example, sharing of Name and Email with 3rd party providers for email communications (i.e. Mailchimp). Or the sharing of name and email with a foundational service provider such as Apple Inc. Beyond these structures, we implement a zero tolerance policy for sharing any other data with any 3rd parties.
Security Protocols
  • Encryption Our system uses Secure Socket Layer (SSL) and AES-256 encryption. Our security recipe starts with AES 256-bit encryption, and we use multiple techniques to make sure only you have access to your information. AES-256 is the same encryption standard used by banks and financial institutions to secure customer data. We’ve added some extra layers, just in case, which we do not advertise for security purposes.
  • Layering Our proprietary security system is strictly layered across multiple structures and containers in order to ensure that if one becomes compromised, the others will not be affected. This structure is unique in its approach, design, and implementation; at all times it prioritizes the safety of the system, while simultaneously optimizing for advanced performance.
  • Password Management Our internal systems are all strictly managed by a top tier password management system, including both digital and physical keys, digital vaults, complex login structures, and 2FA.
  • Peer Reviewed We encourage others to audit and test our system in order to strengthen it from attacks, and ensure we are constantly aware of vulnerabilities, so we can make sure our code is rock solid.
  • Separated Databases User data is stored on a completely separate database from the system’s database. This structure ensures there is an additional measure on top of our encryption. Separating user data from the database allows us to maintain and support the database without connecting the encrypted data with any specific user’s information.