How your financial data stays safe.

When you connect an account, you sign in to your bank inside Plaid's secure window, not on OpenBudget. Plaid returns a limited, revocable access token. Your bank username and password are never sent to, seen by, or stored on our servers.

OpenBudget connects to your accounts to read them: balances, transactions, and the categories on them. There is no path for OpenBudget, or any AI you connect, to move money, make a payment, or change anything at your bank. The most that can happen is a number being read, never an action being taken.

Bank connectivity is handled by Plaid, the connection network thousands of finance apps use to link to more than 10,000 US banks and card issuers. Plaid encrypts your data and uses each bank's approved connection method, including OAuth wherever the bank supports it.

Every request to OpenBudget travels over TLS, the same HTTPS encryption your bank's own website uses. Your connection to Plaid, and Plaid's connection to your bank, are encrypted in transit.

To make the app and your assistant useful, we store the financial data you connect: your accounts, balances, transactions, and their categories, tied to your OpenBudget account. That data is encrypted at rest in our database. We do not store your bank login credentials; those stay with your bank and Plaid.

When you connect Claude or ChatGPT, they reach your data through an authenticated connection (MCP) tied to your account. Only requests carrying your authorization can read your data, the assistant gets the same read-only access as everything else, and you can disconnect it at any time.

We do not sell, rent, or share your financial data with advertisers or data brokers. Your data is used to run OpenBudget for you, and nothing else. The full detail is in our Privacy Policy.

You can disconnect any linked account at any time, which stops new data from syncing. You can also delete your account and the data we hold for you. If you ever want help with either, email support@openbudget.sh.