Your financial data deserves bank-level protection
We take security seriously. Every layer of Steddi is designed to keep your data private and protected, from encryption to infrastructure to the partners we work with.
Read-only access
When you connect your bank through Plaid, we receive read-only access to your transaction history. We cannot move money, initiate payments, or make any changes to your accounts. Your bank credentials are never shared with us.
End-to-end encryption
All data is encrypted in transit with TLS 1.3 and at rest with AES-256, the same standard used by major banks and financial institutions. Your financial data is never stored in plain text.
Secure infrastructure
Your data is stored on Convex, a cloud database platform with SOC 2 compliance, automatic backups, and infrastructure hosted in secure, geographically distributed data centers.
Authentication via Clerk
Account authentication is handled by Clerk, an enterprise-grade identity provider. Clerk supports multi-factor authentication, session management, and protection against common attacks like credential stuffing.
Plaid certified
Our bank connection partner, Plaid, is used by thousands of financial apps and connects to over 12,000 institutions. Plaid is SOC 2 Type II certified and undergoes regular independent security audits.
Minimal data collection
We only collect the data necessary to provide the service. We do not sell or share your personal or financial information with advertisers or data brokers. We do not use tracking cookies.
How bank syncing works
When you link a bank account, you authenticate directly with your financial institution through Plaid's secure portal. Your username and password are exchanged between you and your bank only. Steddi never sees, transmits, or stores your bank login credentials. Once connected, Plaid sends us a read-only feed of your transaction data, which we use to populate your dashboard.
What we store
We store your account profile (name, email), your transaction records (amount, description, category, date), your budget configurations, and your app preferences. We do not store your bank credentials, full account numbers, or social security number. Transaction data imported via Plaid includes only the fields needed for categorization and display.
You are always in control
You can disconnect any linked bank account at any time from your settings page. Once disconnected, we stop receiving new data from that institution. You can also delete your entire account and all associated data by contacting our support team. We honor deletion requests promptly and remove data from active systems within 30 days.
Have a security concern or want to report a vulnerability? Please contact us at security@steddi.com. For details on how we handle your information, see our Privacy Policy.