Your data & privacy

Simple, honest,
local-first.

I built this app for users in the US, Canada, UK, Australia, New Zealand, Singapore, and beyond — with no servers, so your financial data has nowhere to go but your own device. Your browser translates your CSV files into spending data entirely on your device — nothing is uploaded. The app's full source code is public on GitHub — anyone can read exactly what it does. Here's how it works.

Last updated June 17, 2026

What leaves your device?

| Event | Data sent | Where it goes | Blockable? |
|---|---|---|---|
| Opening the app | Your browser fetches the app's files from the server | Cloudflare's servers; records your internet address, browser type (standard for any website you visit) | No |
| Importing a CSV | Nothing | Stays on your device | N/A |
| Opening the import screen | | Cloudflare's servers | Yes |
| Signing in with Google | Your full financial data | Google's servers | Don't sign in |
| Signing in with email link | Your email address + financial data after sign-in | Firebase (to send the link), then your account like Google | Don't sign in |
| Analytics | Session data only; no financial data | Umami (no cookies or personal data) | Yes |

Yes = any privacy extension blocks it. No = infrastructure-level, outside your control.

[Diagram: the bank or credit card CSV file you import stays in your browser on your device (nothing uploaded, no account required). Cloudflare also sends categorization rules to your browser once per session; no financial data leaves your device. Without sign-in, data stays on your device only. With sign-in (opt-in only), data leaves your device and is stored on Google's servers.]

💾 Your data saves automatically

The app saves everything — accounts, balances, imported transactions, budgets, and snapshots — to your browser's local storage. It persists across refreshes and restarts, even without signing in. Your browser processes CSV files locally and nothing leaves your device unless you choose to sync. You can export your transactions and budget history as a CSV anytime from the Spending and Budget tabs, or export a full JSON backup (accounts, budgets, categories, and all transactions) from the overflow menu (⋯) on the Spending tab — and import it back on any device to restore everything.

🔐 Sign in to sync across devices

Sign in with Google or a passwordless email link and the app backs up your full data — accounts, transactions, budgets, categories, and snapshots — directly to your account via Firebase. When you sign in, your transaction data leaves your device — it's stored in your personal account on Google's servers. Google enforces access at the database level so only you can read it — not me. Sign in on any device to restore everything instantly. If you'd rather your data never leave your device, skip sign-in — the app works fully without it.

🗂 Community categorization rules

Once per session when you open the import screen, the app downloads community-rules.json from Cloudflare. This file contains keyword→category mappings the app uses to auto-categorize your transactions. The app sends no transaction data, descriptions, or personal information — it only downloads the rules file. The file lives publicly on GitHub so anyone can audit it. Missing a merchant? Suggest a pattern ↗ — no account required. You can block this download using any privacy extension — the app will still work, but will skip applying community categorization rules to your transactions. Your own custom rules still apply.

Two separate types of data collection happen when you use this app — they're easy to confuse:

  • Server logs — automatic records that any web server keeps when it delivers files to your browser. Cloudflare records your internet address and browser type when it sends the app to your device (this is standard for any website you visit). This happens on every visit and can't be turned off — it's how the web works.
  • Analytics — Umami — privacy-respecting page view counts (no cookies, no personal data, no cross-site tracking). You can block it with any privacy extension.

🖥 Cloudflare hosting logs

When you visit this app, Cloudflare records standard server request data: your internet address, browser type, pages requested, and timestamps (this is standard for any website you visit). Cloudflare manages this logging under their own privacy policy — the developer has no control over it and no direct access to individual request logs. It contains no financial data; Cloudflare applies the same logging to every website on their network. See cloudflare.com/privacypolicy for details.

📊 Analytics — what's collected

This site uses Umami, a privacy-respecting analytics tool. It records page views, referrer, browser type, operating system, and country (inferred from your IP address, which Umami never stores). Umami sets no cookies, collects no personal data, and never identifies or tracks individual visitors across sessions. You can block it with any privacy extension — the app works fine without it.

Frequently asked questions

Why no bank login?

By design. Most finance apps use third-party services to pull your transactions directly — which means your bank credentials end up on someone else's server, with ongoing access to your account. A CSV export is a file your bank already gives you. Same data, no credentials handed over, no third-party aggregation service in the middle, no ongoing access. You choose what gets imported and when.

Can the developer see my financial data?

No — and this isn't just a policy. It's how the app is built. By default, the app saves your data to your browser on your device. I built no mechanism to transmit it anywhere and run no server to receive it. If you choose to sign in, your data syncs to Google's servers via Firebase — Google holds it, not me, and only you can read it. Either way, I have no way to see your financial data.

Could a hacker access my financial data?

No — and this isn't just a policy, it's structural. Neither the app nor the developer holds your financial data, so there's nothing to steal. That said, here are the three things someone could theoretically attack, and how each is protected:

  • The app files — hosted on Cloudflare. Deploying any change requires the developer's Cloudflare account credentials plus their physical machine, and that account uses two-factor authentication. An attacker would need both to make any change.
  • The source code — stored on GitHub, also protected with two-factor authentication. Because the source is public, anyone can verify exactly what the app does and spot anything unexpected.
  • Your synced data — only relevant if you've signed in. Firebase security rules enforce that your data is accessible only with your own sign-in credentials. An attacker would need to compromise your account, not the developer's.

None of these paths expose your financial data — the app and the developer simply don't hold it.

What if this app shuts down?

Two scenarios:

  • The website stops working — you'd see a 'page not found' message when you try to open it, but your data is unaffected. Without signing in, it lives on your device. With sign-in, it lives on Google's servers via Firebase — tied to your sign-in credentials, not to this app.
  • The developer stops updating it — the app keeps working exactly as-is. No data loss, no changes.

In either case, export your transactions from the Spending tab, budget history from the Budget tab, or a full JSON backup (everything in one file) from the overflow menu (⋯) on the Spending tab — anytime. Your data outlives the app.

Is my CSV safe after I import it?

Yes — and not just because I say so. Your browser processes the CSV entirely on your device and uploads nothing. The app reads the file, parses the transactions locally, and discards the rest — I never receive the file or its contents. If you've signed in, the parsed transaction records sync to Google's servers via Firebase, but your original CSV file never leaves your computer.
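
One way to check the no-upload claim yourself, as an added example that is not part of the app's code: record a signed-out import in your browser's network panel, save it as a HAR file, and scan it for unexpected hosts and for a canary string planted in a throwaway CSV. The hostnames `app.example`, `analytics.example` and `collector.example`, the canary value, and the sample entries are constructed placeholders.

```javascript
// Added example: audit a HAR export (browser DevTools network panel, saved as HAR)
// recorded while importing a CSV in a signed-out session.
// All hostnames except cdn.jsdelivr.net are constructed placeholders.
const EXPECTED_HOSTS = new Set([
  "app.example",        // placeholder for the app's origin (served by Cloudflare)
  "cdn.jsdelivr.net",   // jsDelivr, which delivers D3.js
  "analytics.example",  // placeholder for the Umami endpoint
]);

// canary: a distinctive string typed into a throwaway CSV before importing it.
function auditHar(har, canary) {
  if (!canary) throw new Error("a non-empty canary string is required");
  const findings = [];
  const encoded = encodeURIComponent(canary);
  for (const { request } of har.log.entries) {
    const host = new URL(request.url).hostname;
    const body = (request.postData && request.postData.text) || "";
    if (!EXPECTED_HOSTS.has(host)) {
      findings.push({ url: request.url, reason: "unexpected host" });
    }
    // Plain-text match only: a compressed or encoded body would not be caught here.
    if ([request.url, body].some((s) => s.includes(canary) || s.includes(encoded))) {
      findings.push({ url: request.url, reason: "canary left the device" });
    }
  }
  return findings;
}

// Constructed sample captures (not real traffic from the app).
const entry = (method, url, text) =>
  ({ request: { method, url, ...(text ? { postData: { text } } : {}) } });
const CANARY = "ZZ-CANARY-7731";
const cleanHar = { log: { entries: [
  entry("GET", "https://app.example/"),
  entry("GET", "https://cdn.jsdelivr.net/npm/d3@7"),
  entry("GET", "https://app.example/community-rules.json"),
  entry("POST", "https://analytics.example/api/send", '{"type":"event","url":"/import"}'),
] } };
const leakyHar = { log: { entries: [
  ...cleanHar.log.entries,
  entry("POST", "https://collector.example/upload", "date,desc\n2026-01-02,ZZ-CANARY-7731"),
] } };

console.log(auditHar(cleanHar, CANARY));
console.log(auditHar(leakyHar, CANARY));
```

An empty findings list for a signed-out import is the result the table above predicts; after sign-in, requests to Google's hosts are expected and would need to be added to the allowlist.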

Could the developer share my data with governments or law enforcement?

No — and this is technical, not just policy. If you haven't signed in, the app stores your data only on your device and I receive none of it — nothing to hand over. If you have signed in, your data lives on Google's servers via Firebase — any legal request would need to go to Google directly, not to me. Either way, there's nothing for me to hand over.

Does this app use cookies?

No — Umami sets no cookies and uses no persistent identifiers. Google's infrastructure may set cookies if you choose to sign in for the optional sync feature. You can block analytics entirely with any privacy extension.

What if my device has spyware on it?

Spyware is malicious software that secretly records what happens on your device — it could capture anything visible on your screen or stored locally, including data this app saves to your device. This risk applies to all software that runs locally, not just this app. I can only control what's in the app's code — your device is yours to protect. Keeping your operating system and browser updated is the single most effective step you can take.

Does the app work without an internet connection?

Yes — after the initial page load, the app runs entirely in your browser with no connection required. You can view your data, add transactions, and use every feature offline. The only things that need a connection are: loading the app for the first time, downloading the community rules file when you open the import screen (optional — the app works without it), and syncing if you're signed in.

What is Firebase and why use it if you care about privacy?

Honest answer: Firebase is Google infrastructure. I use it here for one thing only — optional sign-in and data sync (authentication and database). The app's files are served by Cloudflare, not Firebase. I chose Firebase for auth because it's reliable, well-audited, and handles the hard parts of secure sign-in. The tradeoff is that Google's servers store your data if you choose to sync. If that's a concern, skip sign-in — the app works fully without it, and the source code is public so anyone can verify exactly what it does.

Can I self-host this?

Yes. The full source code is on GitHub — it's a single HTML file with no build step or server required. Download it and open it directly in your browser, or host it on any static file host. Your data stays wherever you run it.

What third-party code runs in the app?

The app uses D3.js, a widely used open-source charting library, to draw the spending visualizations. Like most web apps, it loads this library from jsDelivr — a content delivery network (CDN) that serves open-source software files. Your browser fetches it when the app loads. jsDelivr receives no financial data — it only delivers a JavaScript file. The same applies to the Firebase Software Development Kit (SDK), loaded from Google's CDN. If you block either request using a privacy extension, your financial data remains completely safe — charts won't render without D3, but all your data stays intact and accessible.

Can other websites read my data?

No — and this isn't just a policy, it's how browsers work. Each website gets its own private storage, and your browser strictly enforces those boundaries. No other site can reach what this app stores — not by policy, but by technical design.

Your rights

These rights apply to users in the EU (GDPR — General Data Protection Regulation), UK (UK GDPR), and similar frameworks elsewhere. I honor them for everyone regardless of location. Because this app holds no financial data on its own servers, most of these rights are already satisfied by design — but here's the full picture:

  • Access: Request a copy of personal data held about you. For most users the answer is: none — financial data stays on your device. If you've synced, your data is stored on Google's servers via Firebase — email me at contact@trakyodollas.com and I'll delete it from the database.
  • Erasure: Request deletion of personal data. "Clear all data" in the app (⋯ menu) wipes local storage and removes synced data. Or email contact@trakyodollas.com and I'll delete it from the database.
  • Portability: Export your data anytime. Use the CSV export buttons in the Spending and Budget tabs, or export a full JSON backup from the overflow menu (⋯) on the Spending tab — no request needed, no waiting.
  • Rectification: Correct inaccurate data. Your data lives on your device — edit transactions directly in the app. No request needed.
  • Objection: Object to processing based on legitimate interest. The only processing in this category is Cloudflare's server logs (IP address, browser type). These are managed by Cloudflare — you can limit them by using a VPN or Tor, or contact Cloudflare directly.
  • Restriction: Ask for processing to stop while a dispute is resolved. Email contact@trakyodollas.com and I'll respond promptly.

Legal basis for each type of data processing

  • Cloudflare hosting logs: Legitimate interest — logging IP address and browser type is technically necessary to deliver the website. Standard for any web host.
  • Umami analytics: Umami collects no personal data — GDPR doesn't apply to this processing. No cookies set, no identifiers stored. Block it with any privacy extension.
  • Account sync: Performance of a user-initiated service — explicitly opt-in, clearly optional, and can be revoked by signing out. The app works fully without it.

Questions or concerns?

If you have questions about this privacy policy or how your data is handled, there are two ways to reach me:

✉ contact@trakyodollas.com — for privacy questions or anything you'd rather not post publicly
⎔ GitHub Issues — for bugs, feature requests, or public discussion

This app is built and maintained by one person. I read everything. It's free, with no data selling — if it's useful to you, you can support its development.