🛡️

Trust & Security Center

Every question a cautious user should ask — answered plainly.

🔑 The most important thing to know

Your financial transactions and data live in your own Google Sheets or OneDrive Excel file — inside your personal Google Drive or Microsoft OneDrive account. GFinTrack reads that file to show you insights, but we do not copy your transaction history onto our servers. You own it, you control it, and you can revoke our access in one click at any time.

🗺️

Where Your Data Actually Lives

Most finance apps pull your data into their own database. GFinTrack works differently. Here is the exact data flow:

📊

Your Google Sheet

Google Drive — your account

GFinTrack

Reads & displays — no copy stored

📱

Your screen

Charts, analytics, insights

📗

Your OneDrive Excel

OneDrive — your account

GFinTrack

Reads & displays — no copy stored

📱

Your screen

Charts, analytics, insights

What GFinTrack stores in its own database: Your email address, name, feature preferences, tax profile, and session tokens to keep you logged in. Not your transactions, balances, account numbers, or any financial history. That all stays in your spreadsheet.
🔵

Google Access — Exactly What We Can See

When you sign in with Google or connect Google Sheets, you see an OAuth consent screen. Here is what each permission actually means in plain English.

Google Sheets — spreadsheets.readonly scope

✓ We CAN see

Read the one specific spreadsheet you connect to GFinTrack
Read the cell values, formulas, and sheet names in that file
Refresh that data automatically every 6 hours to show you current balances

✗ We CANNOT see

Read, edit, or delete any other file in your Google Drive
Access your Gmail, Calendar, Contacts, or any other Google service
See your Google account password or recovery information
Create, modify, or delete any spreadsheet
Share your spreadsheet with anyone
Google Drive — drive.file scope (receipt storage only)

✓ We CAN see

Create and read a single folder named GFinTracker-Receipts in your Drive
Upload receipt images you explicitly choose to save
Read files that GFinTrack itself created in that folder

✗ We CANNOT see

See, read, or modify any other folder or file in your Drive
Access files not created by GFinTrack
Delete your Drive files
Share any of your files
Revoke at any time: Visit myaccount.google.com/permissions → find GFinTrack → Remove Access. This immediately disconnects the app. Your spreadsheet and all its data remain in your Google Drive completely untouched.
🔷

Microsoft OneDrive Access — Exactly What We Can See

If you choose OneDrive + Excel for your data sync, here is what the Microsoft OAuth permission covers.

Microsoft OneDrive — Files.ReadWrite.AppFolder scope

✓ We CAN see

Read and write to a dedicated app folder in your OneDrive (GFinTracker-Sync.xlsx)
Sync your financial data to that Excel workbook every 6 hours
Read rows you add directly in Excel and pull them back into the app
Create the sync workbook on first use if it doesn't exist

✗ We CANNOT see

Access any other file or folder in your OneDrive
Read your personal documents, photos, or other files
Access your Outlook, Teams, or any other Microsoft service
See your Microsoft account password or recovery information
Share your files with anyone
Microsoft OneDrive — Files.ReadWrite (receipt storage only)

✓ We CAN see

Create and manage a folder named GFinTracker-Receipts in your OneDrive
Upload receipt images you explicitly choose to save
Read receipt files previously saved by GFinTrack

✗ We CANNOT see

Read, modify, or delete any file you didn't upload through GFinTrack
Access your other OneDrive folders or files
Share your OneDrive files with anyone
Revoke at any time: Visit account.live.com/consent/Manage → find GFinTrack → Remove. Your OneDrive files and Excel workbook remain completely intact and in your possession.
🗄️

What We Store (and What We Don't)

✓ Stored on our servers

Your email address and display name
Household/budget name
Sign-in method (Google, Microsoft, or email/password)
Hashed password (bcrypt, cost 12) — never plaintext
Feature preferences and module settings
Tax filing status and state (for tax estimates only)
Session tokens — expire automatically
Security event logs — 90-day rolling window

✗ Never stored on our servers

Your financial transactions or balances
Bank account or credit card numbers
Investment holdings or portfolio values
Budget categories or spending history
Tax document contents
Receipt images (stored in your Drive/OneDrive only)
Google or Microsoft access tokens (never persisted)
Any financial data from your spreadsheet
🚫

Do You Sell or Share My Data?

No. Full stop.

Do you sell data to advertisers?

No. We do not work with ad networks or data brokers.

Do you share data with banks or financial institutions?

No. We have no relationships with any financial institution.

Do you use my data to train AI models?

No. Your data is never used to train any AI or machine learning system.

Do you share data with third parties?

Only with the infrastructure services required to run GFinTrack: Supabase (database hosting on AWS), Vercel (web hosting), and Resend (transactional email only). None of these receive your financial data — only the minimum required to operate (e.g., your email for authentication).

Could you change this policy?

Any material change to our data practices will be communicated to all users by email at least 30 days before it takes effect. You can delete your account and data at any time before or after such a change.

🔐

Security Controls

Here is every technical safeguard we have in place, without the marketing fluff.

🔒

AES-256 Encryption at Rest

All data in the Supabase PostgreSQL database is encrypted at rest using AES-256.

🌐

HTTPS / TLS in Transit

All traffic between your browser and GFinTrack is encrypted with TLS 1.2+. HTTP is never used.

🧱

Row-Level Security (RLS)

Every database table has RLS policies enforced at the PostgreSQL level. Your rows are invisible to other users — even if there were a query bug.

🔑

Bcrypt Password Hashing

Passwords are hashed with bcrypt at cost 12 before storage. Plaintext passwords never touch our database.

⏱️

Short-Lived JWT Sessions

Session tokens expire automatically and are invalidated immediately on sign-out. Sign out all devices in one click from Settings.

🚦

Rate Limiting on Auth Endpoints

Login, registration, and password reset endpoints are rate-limited to prevent brute-force attacks.

🔐

OAuth 2.0 for Google & Microsoft

We never see your Google or Microsoft password. Authentication is handled entirely by those providers.

📋

Security Event Logging

Logins, password changes, and sign-out events are logged with timestamps, IP, and device information for a 90-day rolling window.

🔍

Independent Security Audit

GFinTrack completed a full-scope penetration test in May 2026 covering source code, API endpoints, authentication flows, data isolation, and production configuration. All critical and high-severity findings were fully remediated before this report was published.

Completed

Penetration Test — May 2026

Full-scope black/grey-box pentest covering authentication, authorization, data isolation, dependency security, and production hardening.

0 Open

Critical & High Findings

All 7 original findings (SRC-001 through SRC-007) and all 7 validation findings (VAL-001 through VAL-007) fully remediated.

Active

CI Security Gates

Every code push is automatically checked: zero TypeScript errors, zero npm vulnerabilities, lint enforcement, and production build validation.

Purged

Git History Sanitized

All credential files removed from entire git history. Remaining secrets rotated. Row-level security enforced on every database table.

🗺️ Next: Independent SOC 2 Type II audit. We will email all users when this is available.
⚖️

Your Rights & Controls

You have mechanical control — not just promises. Every action below is available in your account today without needing to contact us.

⬇️

Export All Your Data

Download everything GFinTrack holds about you as an Excel workbook — one click from Settings → Account → Export My Data.

🔓

Revoke Cloud Access

Revoke GFinTrack's read access to your Google Sheet or OneDrive Excel file at any time via Google Account Permissions or Microsoft Account Consent. Your spreadsheet is unaffected.

📵

Sign Out All Devices

Immediately invalidate every active session on every device — Settings → Account → Sign Out All Devices.

🗑️

Delete Your Account & All Data

Permanently delete your GFinTrack account and all associated data within 30 days — Settings → Account → Delete Account. Your Google Sheet and OneDrive files are never touched.

✏️

Correct Your Data

Update your name, email, tax profile, or any other setting at any time in Settings.

📬

Know About Breaches

If a security incident ever affects your data, we will notify you by email within 72 hours of confirmation — no exceptions.

GDPR & CCPA: If you are an EU/UK resident (GDPR) or California resident (CCPA/CPRA), you have additional rights including restriction of processing, objection, and the right to lodge a complaint with a supervisory authority. Full details are in our Privacy Policy.
🔮

What Happens If GFinTrack Shuts Down?

Because your financial data lives in your own Google Sheet or OneDrive Excel file, nothing is lost if GFinTrack ceases to operate. Your spreadsheet stays in your personal cloud storage — permanently accessible, completely under your control.

The account data GFinTrack holds (email, preferences, etc.) would be deleted from our servers as part of any wind-down process. You would be notified by email with at least 30 days notice and prompted to export any remaining data.

Bottom line: The most important data — your financial history — was never on our servers to begin with.

🏅

Certifications & Compliance

Active

HTTPS / TLS

All traffic encrypted in transit

Active

AES-256 at Rest

Database encrypted at rest

Active

GDPR Compliance

Full rights + DPA available on request

Active

CCPA / CPRA

California privacy rights honored

Active

Two-Factor Auth (TOTP)

Authenticator app + backup codes

May 2026

Penetration Test

All critical and high findings remediated

Active

CI Security Checks

Automated audit, typecheck, lint, build on every push

📬

Contact & Responsible Disclosure

Privacy questions

GDPR/CCPA requests, data deletion, or anything about how your data is handled.

privacy@gfintrack.com

Security vulnerabilities

Found a security issue? Please report it responsibly — we take all reports seriously and respond within 48 hours.

security@gfintrack.com
🤖
HomeTxnsStocksTax
Trust & Security | GFinTrack | GFinTrack