Privacy Policy

FlowTrack is built on a simple principle — your financial data is yours and yours alone. We don't connect to your bank, we don't sell your data, and we never will.

Last updated: 25 March 2025

Our privacy promises

No bank connections

We never link to your bank accounts. All financial data is entered by you, manually.

No data selling

Your data is never sold, rented, or shared with advertisers. Our revenue comes from subscriptions, not your information.

Encrypted everywhere

Your data is protected with AES-256 encryption both in transit and at rest. Nothing is stored in plain text.

Export your data anytime

Your data belongs to you. Export everything in standard formats whenever you want — no questions asked.

Delete your account anytime

Changed your mind? Delete your account and all associated data permanently with a single action.

What we collect

We collect only what's necessary to provide you with a great experience. Nothing more.

Account information

  • Your name and email address when you sign up
  • Authentication details (password hash or OAuth provider)

Financial data you enter

  • Income, expenses, assets, and liabilities you manually add
  • Categories, labels, and notes you create
  • Goals and budgets you set

Anonymous usage analytics

  • Pages visited and features used (no personal identifiers)
  • Device type and browser for compatibility
  • Crash reports to fix bugs faster

How we use your data

Authentication

We use your email and authentication details to verify your identity and keep your account secure.

Financial calculations & insights

The financial data you enter is used to calculate your net worth, generate trends, and provide personalised insights — all within your own account.

Improving FlowTrack

Anonymous usage analytics help us understand which features are most valuable and where we can improve. This data never includes personal or financial information.

What we do NOT do

We believe in being explicit about our boundaries. Here's what we'll never do with your data.

  • Connect to your bank accounts or financial institutions
  • Sell, rent, or trade your personal or financial data
  • Build advertising profiles based on your financial behaviour
  • Store passwords in plain text
  • Collect government-issued identification numbers
  • Use tracking cookies or cross-site trackers
  • Train AI or machine learning models on your personal data

How your data is protected

AES-256 encryption

All data is encrypted at rest and in transit using industry-standard AES-256 encryption.

Row-level security

Database-level policies ensure your data is isolated — no user can ever access another user's data.

Secure authentication

We support OAuth-based sign-in and store password hashes using modern, battle-tested algorithms.

HTTPS & rate limiting

All traffic is encrypted via HTTPS. Rate limiting and security headers protect against common attacks.

Third-party services

We use a minimal set of trusted third-party services. None of them have access to your financial data.

Google OAuth

Optional sign-in method — we only receive your name and email

Cloud hosting provider

Secure infrastructure to run FlowTrack — no direct access to your data

Payment processor

Handles subscription payments — we never see or store your card details

Your rights

You have full control over your personal data. Here's what you can do at any time.

Access

Request a copy of all personal data we hold about you.

Correction

Update or correct any inaccurate information in your account.

Portability

Export your data in standard formats (CSV, JSON) at any time.

Erasure

Delete your account and all associated data permanently.

Withdraw consent

Opt out of optional data processing at any time without affecting your account.

Children's privacy

FlowTrack is designed for users aged 18 and above. We do not knowingly collect data from anyone under 18. If we learn that we have inadvertently collected information from a minor, we will delete it immediately.

Cookies

We use only essential cookies required to keep you signed in and maintain your session. We do not use tracking cookies, advertising cookies, or any third-party cookies that follow you across the web.

Data breach notification

In the unlikely event of a data breach that affects your personal information, we will notify you via email within 72 hours of becoming aware of the incident, along with details of what happened and what steps we are taking.

Changes to this policy

We may update this policy from time to time. When we make significant changes, we will notify you via email or through a prominent notice within FlowTrack. We encourage you to review this page periodically.

Questions about your privacy?

If you have any questions, concerns, or requests related to your privacy or this policy, reach out to us anytime.

support@flowtrack.money