FinAtlas
What leaves your device — and what never does
Your statement files never leave your device
When you import a bank, card, or investment statement, the file is parsed inside your browser. There is no file upload. What reaches our server is only the list of transaction rows you saw on the preview screen and chose to save.
Verify it yourself: open your browser's developer tools → Network tab while importing. You'll see one JSON request with the previewed rows — never the file.
PDF passwords stay in your browser
Some statements (e.g. moomoo) are password-protected. The password you enter is used once, in your browser, to open the file for parsing. It is never stored and never sent to the server.
What we do store
The transaction rows, balances, and holdings you confirm at import, plus the things you configure in the app (accounts, category rules, people, filter presets). That's what powers your net worth, spending, and investments views. We never ask for — and cannot access — your banking credentials. There are no analytics or advertising trackers.
Your data is never hostage
Settings → Your Data gives you a one-click download of every row we store about you, and a delete-everything button that permanently removes your account and all of its data.
Where this is heading
The roadmap is local-first: your ledger living on your device, with the server holding only end-to-end-encrypted sync blobs it cannot read. The in-browser parsing you have today is the first step of that architecture.