💾
Local IndexedDB storage
Your cards, balances, and payment history are stored in your browser's IndexedDB — a persistent local database that doesn't leave your device.
IndexedDB API
🔑
AES-GCM encryption
Before data is written to IndexedDB, it's encrypted using the Web Crypto API's AES-256-GCM — the same algorithm used by banks and government systems.
Web Crypto API
🌐
Content Security Policy
Strict CSP headers prevent cross-site scripting attacks and block any unauthorized third-party script from loading — even if our CDN were compromised.
CSP Level 3
📦
Dependency audits
Every dependency is audited on every CI build. We run automated security scans and review all third-party packages before including them.
npm audit · Snyk
☁️
Pro sync: encrypted blobs only
If you use Pro cross-device sync, your data is encrypted client-side before leaving your device. Our servers store encrypted blobs they cannot read.
Zero-knowledge sync
📄
Export warnings
Before any export containing financial data, we display a clear warning and require explicit confirmation. Exported files are labeled with a data sensitivity notice.
PII awareness
What we do collect
In the interest of full transparency, here's the only data that touches our servers at all:
| What | Why | Stored where |
| --- | --- | --- |
| Email address (Pro only) | Billing, account recovery | Stripe + our database, encrypted |
| Subscription status | Feature gating | Stripe webhook, our database |
| Encrypted sync blobs (Pro only) | Cross-device sync | Our servers — unreadable without your key |
| Error logs (anonymized) | Bug fixing | Ephemeral, no PII, auto-deleted after 30 days |
✓ We never see your card balances, APRs, payment amounts, or any financial data. This is not a policy choice — it's an architectural one.