Pricing Compare FAQ Login Get Started Free

Privacy & Security

Your financial data is yours. MyPB is designed from the ground up to keep it that way.

No Bank Linking

We never ask for your bank credentials. You enter transactions manually, so your login details are never shared with any third party — not us, not Plaid, not anyone.

No Data Selling

We don't sell, share, or monetize your financial data. Ever. Our business model is simple: you pay for the product, not the other way around.

Encrypted Storage

Your data is encrypted at rest and in transit. Passwords are hashed using industry-standard algorithms. We follow security best practices at every layer.

Why We Don't Link to Your Bank

Most budgeting apps require you to hand over your bank credentials to a third-party aggregator like Plaid or Yodlee. This creates real risks:

  • Credential exposure — your bank username and password are stored on third-party servers
  • Broad data access — aggregators often request read access to your full transaction history, balances, and account details
  • Breach risk — a single breach at an aggregator can expose millions of users' banking credentials
  • Terms violations — many banks explicitly prohibit sharing credentials with third parties

MyPB takes a different approach. You enter your transactions manually. This means:

  • Your bank credentials never leave your bank
  • No third-party aggregator has access to your accounts
  • You stay in full compliance with your bank's terms
  • Manual entry makes you more aware of your spending habits

How We Protect Your Data

Authentication

Passwords are hashed with bcrypt. Sessions are secured with HTTP-only cookies, strict same-site policies, and automatic expiration. Failed login attempts are rate-limited to prevent brute-force attacks.

Data Storage

Your budget data is stored in a dedicated database with parameterized queries (no SQL injection). We store only what's needed: your name, email, and the budget data you create.

Transport Security

All connections are encrypted with TLS (HTTPS). Data in transit between your browser and our servers cannot be intercepted or read by third parties.

CSRF Protection

Every form submission is verified with a unique token to prevent cross-site request forgery. This ensures actions can only be performed by you, from your own session.

Access Control

Budget sharing uses granular permissions (full access or read-only). Only people you explicitly invite can see your data. You can revoke access at any time.

Secure Communication

Password reset emails use time-limited, single-use tokens. Invitation links expire and can only be used once. We never send sensitive data via email.

What We Collect & What We Don't

What we store

  • Your name and email address
  • Your hashed password (we can't read it)
  • Budgets, accounts, categories, and transactions you create
  • Assets and liabilities you add for net worth tracking
  • Your theme preference (light/dark)

What we never collect

  • Bank account credentials or login details
  • Social security or government ID numbers
  • Credit card or payment card numbers
  • Location data or device fingerprints
  • Data from third-party financial aggregators

Budget with confidence

Your data stays yours. No bank linking, no data selling, no compromises.

Get Started Free

No payment details required