Personal CFO
Trust & security

Built to protect your financial life

Per-user data isolation

Every record is scoped to your account at the database layer — no request can reach another household's data.

No passwords to leak

Sign-in is via Google. We never store a password. Sessions are opaque server-side tokens, revocable at any time.

CSRF & transport protection

All state-changing requests are CSRF-protected, and production traffic is served over HTTPS with strict security headers.

Privacy of sensitive figures

Household names and amounts are scrubbed from server logs. Your plan data is never sold or shared.

You own your data

Export everything as JSON, or delete your account and all data permanently — anytime, from the app.

Auditable actions

Sign-ins, plan changes, and admin actions are recorded to a tamper-evident audit log.