Your Data Security is Our Priority.

Access to Your Data

We believe you should always have full visibility and control over your financial data. Your data belongs to you—and we make it easy to export or delete your records whenever you choose.

Your personally entered data is only accessed by our team when it is absolutely necessary—for example, if you’ve requested help troubleshooting an issue. Even then, access is tightly restricted, logged, and only granted to authorized personnel under strict privacy and security protocols.

We never use your individual data for marketing purposes. For internal analytics and service improvement, we may use aggregated and anonymized data, but this information cannot be traced back to you. For more details about how we handle your personal information, please refer to our Privacy Policy.

To protect your account, we’ve implemented multiple security layers, including multifactor authentication (MFA) during login to verify your identity, and automatic sign-out after periods of inactivity to reduce the risk of unauthorized access. These features help ensure that only you—and no one else—can access your information.

All data is encrypted end-to-end using industry-leading security standards. We use AES-256 encryption to protect your information at rest (when stored in our systems) and TLS encryption to secure all data in transit (when it's sent to or from our servers). This means your information is protected during every stage of its lifecycle on our platform.

We do not see or store your payment details. All billing for the web-based application is handled securely through Stripe, a certified PCI Level 1 payment provider, which means your credit card details never touch our servers. Additionally, our app does not connect directly to your bank accounts or financial institutions; all data is entered by you and stored securely under your control. This gives you complete autonomy over what is shared, and no third-party aggregators or bank credential access is involved.

If you choose to stop using our web-based application, you can delete your account at any time. Upon deletion, all associated data will be permanently removed from our systems in accordance with the data retention provisions of our Privacy Policy.

Digital Products

For our digital spreadsheet templates and one-time product purchases, payments are processed through Shopify Checkout. We do not store any personal financial information submitted through Shopify. All payment details are securely managed by Shopify and its integrated payment gateways, which comply with the PCI DSS (Payment Card Industry Data Security Standard). Shopify's platform provides secure handling of checkout data, and we rely on their infrastructure to ensure the confidentiality and integrity of your purchase information.

For these downloadable digital products, all of your financial data is stored locally on your own device within the .xlsm file. We do not collect or transmit the contents of your file to our servers. The only communication with our systems is for licensing validation purposes, which checks your purchase and activation status. You remain in full control of your data at all times, with no ongoing data exchange or syncing required.

Infrastructure

Our web-based application is built on Supabase, a secure, scalable backend-as-a-service built on PostgreSQL. Supabase powers our core infrastructure, including user authentication, real-time database access, file storage, and serverless functions. It is designed with strong security, performance, and transparency to meet the needs of modern web applications.

All user data is encrypted at rest and in transit using industry-standard protocols. Supabase manages encryption through its own Key Management System (KMS) to ensure your data remains protected at every stage of its lifecycle. Access to sensitive data is tightly restricted using role-based permissions and secure authentication layers.

We perform automatic encrypted backups every 12 hours, allowing us to quickly restore your data in the unlikely event of data loss or disruption. These backups are securely stored and handled in accordance with our disaster recovery and data retention policies.

To enhance performance and protection, our platform uses Cloudflare’s global content delivery network (CDN) to mitigate Distributed Denial of Service (DDoS) attacks and ensure fast, secure access for users around the world. We also monitor login activity, enforce rate limits on API requests, and block suspicious behavior to prevent abuse and unauthorized access.

Security is an ongoing priority. We conduct regular third-party penetration testing, run automated vulnerability scans, and carry out internal code and infrastructure reviews. Security updates are applied promptly to protect against evolving threats and maintain the integrity of your data.

Privacy and Data Handling

We collect only the information you provide or that is necessary to operate and improve our web-based platform, including account details, manually entered financial data, and device usage information. Your data is handled securely with strict confidentiality, and we share it only with trusted service providers who support our operations. We retain your data as long as needed to provide services, comply with legal obligations, and support your account activity. You have full control to delete your account and data at any time. For a detailed explanation of what data we collect, how we use it, and your rights regarding your information, please see our full Privacy Policy.