Can I still use ZenExpenses if I don't trust giving any service my transaction data?

If you prefer not to upload data to any online service, ZenExpenses might not be the right fit. However, since you control exactly what and when to upload, and never share banking credentials, it offers more privacy than most expense trackers.

What if my bank doesn't allow exporting transactions?

Most banks in the US, Canada, and EU offer CSV or Excel export. If yours doesn't, you can manually enter transactions one by one in ZenExpenses, though this is more time-consuming.

Is manual upload more secure than automatic syncing?

It depends on your priorities. Manual uploads mean you never share banking credentials with a third party, reducing one layer of risk. Automatic syncing is more convenient but requires trusting an aggregation service with account access. Neither is inherently better, it's a trade-off between convenience and control.

Can I delete my data from ZenExpenses?

Yes. You can delete individual transactions, entire uploads, or close your account at any time. When you close your account, all transaction data is permanently removed.

Safety & Privacy Policy

We never ask for your online banking username, password, or any direct access to your bank. We don't sell, rent, or share your data with anyone.

What this means in plain words

We never ask for your online banking username, password, or any direct access to your bank.
We don't sell, rent, or share your data with anyone for marketing or any other purpose.

Who we are

ZenExpenses is an expense-tracking tool. You upload your transactions (typically as a CSV or Excel file you exported yourself from your bank), and we help you categorise, summarise, and understand them. This policy explains what we collect, what we don't, and what we do with the data you trust us with.

What we collect

Account information: the email address you sign up with.
Your transactions: the rows you upload, date, description, amount, source, etc. You provide these; we do not pull them from anywhere.
Things you create in the app: categories, tags, rules, preferences, your locale and currency settings.
Basic operational logs: technical request logs (timestamps, error traces) used only to keep the service running and to debug problems. These are not used to profile you.

What we do NOT collect

No bank credentials. We never ask for, accept, or store online-banking logins, OAuth tokens, or any direct connection to your financial institution. You stay in control of what you upload.
No Google Analytics, Meta pixel, Hotjar, Mixpanel, or ad-network tags. We do use Umami, a privacy-friendly, self-hostable analytics tool that records aggregate page views and basic referrer/device info without cookies, without browser fingerprinting, and without collecting personal data or cross-site identifiers. It's used to understand which pages are useful, not to profile you.
No advertising identifiers.
No data we don't need. If we don't need it to run the app, we don't ask for it.

Cookies

We use only strictly-necessary cookies: an authentication session cookie/token so you can stay signed in. That's it. No tracking cookies, no third-party cookies, no consent banner because there's nothing to consent to beyond what's required to make sign-in work.

Who else sees your data

We rely on a small number of subprocessors to operate the service. We've named them by category, not brand, because the brands can change, but the categories don't:

Authentication provider: sees your email address and password hash so you can sign in. Does not see your transactions.
Database / hosting provider: physically stores the encrypted database that contains your account row, transactions, and preferences. They do not access the contents.
Email provider: sends transactional emails (verification, password reset). Sees the email address and the email content we send you.

That's the full list. We do not share data with anyone else, and we do not sell or rent it to anyone, ever.

Your rights

You can:

Export your data at any time using the in-app CSV export.
Correct your data by editing it in the app.
Delete your account, which removes your transactions and personal data from the active database. Backups containing your data expire within 30 days.
Ask questions by emailing us (see §11).

If you are in the EU/UK, you also have rights under the GDPR (access, rectification, erasure, portability, restriction, objection, complaint to a supervisory authority). Email us to exercise any of them.

Retention

Your data lives in the active database until you delete your account. Once you delete it, your data is removed from production and aged out of backups within 30 days.

Security

All traffic uses TLS in transit.
Authentication is handled by a dedicated provider; we never see plaintext passwords.
Access to production data is limited to a small number of operators on a need-to-know basis.
No system is perfectly secure. If we ever discover a breach affecting your data, we'll notify you as required by law.

Children

ZenExpenses is not intended for users under 16. If you believe a child has created an account, please contact us and we'll remove it.

Changes to this policy

If we make a material change, we'll bump the version number at the top, post the new policy in the app, and ask you to re-accept it the next time you sign in. We won't quietly change the rules under you.

Contact

Questions, requests, or concerns: please email the support address listed on our website.

This document is written in plain English on purpose. If something is unclear, that's our fault, please ask.

Your data is yours

Upload a bank statement, categorize transactions with simple rules, and keep control over your financial data.

Try ZenExpenses ↗