Skip to main content
Your Privacy Matters

Your data is safe with us

We understand that trusting an app with your financial data is a big decision. That's why security isn't just a feature — it's the foundation of everything we build.

Start Free View Privacy Policy
bcrypt
Password Hashing
2FA
Authentication
EU
Data Hosting
GDPR
Compliant

Our security promises

These are the commitments we make to every Assetli user

We never sell your data

Your financial data is yours and yours alone. We will never sell, rent, or share your personal information with advertisers or data brokers. Period.

Read-only access only

Assetli never connects to your bank account and cannot make any payments or transfers. We only work with files you upload or data synced through Wallet by BudgetBakers in read-only mode.

Passwords are never stored in plain text

Your password is hashed using bcrypt with a high number of iterations. Even we cannot see your password. Sensitive data like Family Legacy notes are encrypted with AES-256-GCM.

Data stays in the EU

Your database is hosted on MongoDB Atlas in the EU (Frankfurt, Germany — AWS eu-central-1), ensuring compliance with EU data protection regulations.

How we protect your data

Multiple layers of security work together to keep your information safe

Encrypted connections

All communication between your browser and our servers is encrypted using HTTPS (TLS). Sensitive data like Family Legacy notes and API keys are additionally encrypted with AES-256-GCM at the database level.

Secure authentication

We support two-factor authentication (2FA) via TOTP apps like Google Authenticator, secure Google OAuth login, and automatically lock accounts after repeated failed login attempts.

Regular security reviews

We regularly review our codebase for security vulnerabilities using automated AI-powered audits and promptly fix any issues found. We continuously follow security best practices.

Automatic backups

Your data is automatically backed up by MongoDB Atlas with point-in-time recovery. Files are stored on Cloudflare R2 with built-in redundancy across multiple locations.

Monitoring and analytics

We use application monitoring to detect errors and issues in real-time. This helps us identify and fix problems quickly before they affect your experience.

Continuous updates

We regularly update dependencies, security measures, and follow the latest security best practices to keep the application protected against emerging threats.

What we never do

Clear commitments about what you will never have to worry about

We never sell your personal or financial data to third parties

We never share your data with advertisers or marketing companies

We never use your data to show you targeted ads

We never store your bank login credentials

We never connect directly to your bank or make any transactions

We never keep your data after you delete your account

Standards & compliance

We follow industry standards for data protection

GDPR Compliant

Full compliance with EU General Data Protection Regulation. You can export or delete all your data at any time directly from settings.

HTTPS Everywhere

All connections are protected with TLS encryption. Your data is never transmitted in plain text.

Trusted Infrastructure

Hosted on MongoDB Atlas (AWS), Vercel and Cloudflare — industry-leading platforms with their own security certifications and compliance standards.

Security FAQ

No. We never connect to your bank. When you import transactions, you upload a CSV/PDF file or paste text. If you use Wallet by BudgetBakers integration, it also works in read-only mode only. We cannot make any payments or operations on your accounts.
Passwords are stored as bcrypt hashes and cannot be reversed. Sensitive data like Family Legacy notes are encrypted with AES-256-GCM. Payment processing is handled entirely by Stripe — we never store your card details. In case of any security incident, we will notify affected users immediately.
Absolutely. You can delete your account and all associated data at any time from your settings. Deletion is immediate and permanent — we don't keep hidden copies.
Your database is hosted on MongoDB Atlas in Frankfurt, Germany (AWS eu-central-1). Files are stored on Cloudflare R2. The application runs on Vercel. All providers are established platforms with their own security standards.
Only with essential service providers: MongoDB Atlas (database), Cloudflare (files), Vercel (hosting), Stripe (payments), Resend (emails). These providers only process data necessary for their service. We never share your financial data with advertisers or data brokers.

Ready to take control?

Start managing your finances with confidence. No credit card required for the free plan.

Create Free Account

Free forever plan available. Cancel anytime.