Security & data handling

How bank connections work

When you link a bank or card, authorization is handled through Plaid—the same secure connection layer used by thousands of financial apps. You sign in to your bank inside Plaid's authentication flow; Nethaven never sees or stores your online banking username or password on our servers. We only receive the account metadata, balances, and transaction data needed to power your dashboard, budgets, and net worth view.

Connections are read-only. Nethaven can read account and transaction data, but it cannot move money, initiate transfers, place trades, or make changes at your bank on your behalf. If you ever want to revoke access, you can disconnect an account from in-app settings, which stops future syncing immediately. You can also revoke Plaid's authorization directly from your bank's site or app.

Coverage depends on your institution and region. Most major US and Canadian banks are supported, with additional regions handled where Plaid is available. If a particular bank is not reachable through Plaid, you can still add the account manually and keep its balance current by hand—the rest of the dashboard continues to work the same way.

How brokerage connections work

Supported brokerages connect through SnapTrade, which acts as the authorization layer between you and your broker. Your brokerage sign-in is handled during the SnapTrade flow; Nethaven does not store the credentials as plain text. Once connected, holdings, balances, and position values flow into the same dashboard that tracks your budgets, debts, and goals.

Like bank connections, brokerage sync is read-only: we display what you hold, we do not place trades or move funds. Coverage depends on SnapTrade and your region, and the list of supported brokerages changes over time. When your specific brokerage is not yet supported, you can still record holdings manually and update them when you want, keeping your net worth complete.

Crypto tracking

Crypto is tracked read-only. Nethaven never asks for your private keys or seed phrase, and it never takes custody of funds. You can add wallet addresses or supported exchange holdings to track balances, and Nethaven reflects them in your net worth and portfolio view. Tracking is for display and planning—values are not investment advice and are not a substitute for the records your exchange or wallet maintains.

What we store

We store the financial data needed to power your dashboard: account metadata, transactions, budgets, portfolio entries, debts, savings goals, subscriptions, and the settings you configure in the app. We also store the credentials needed to keep your session signed in, encrypted at rest, and tied to your account on this device.

We do not store your bank or brokerage username and password on our servers. We do not store your crypto private keys or seed phrase. We do not sell personal financial profiles to third parties, and we do not use your data to advertise to you on other apps or websites. The first-party analytics we use (described in the Privacy Policy) is limited to operating, securing, and improving the product, and you can disable it from in-app Privacy Settings.

Encryption

Data is encrypted in transit using TLS 1.2 or higher, and we serve the site exclusively over HTTPS with HSTS preload enabled. At rest, sensitive data is stored using modern symmetric encryption, and access to production systems is limited to authorized personnel through access-controlled tooling. The Nethaven web app is served from Cloudflare with Brotli compression, HTTP/3, and additional edge protections enabled.

No method of storage or transmission is fully guaranteed, but we continuously work to reduce risk. We monitor for unusual activity, review access logs, and follow responsible disclosure for any reports we receive.

Account deletion and data export

You can request account deletion at any time from in-app settings (Settings → Delete Account). Deletion removes the account and the financial data tied to it, with limited exceptions where we are required to keep records for legal or compliance reasons. We may retain de-identified, aggregated data that cannot reasonably be tied back to you.

If you cannot access the app, email support@nethaven.app for help with deletion or data export. We process deletion requests as quickly as we can once identity is verified, and we confirm completion by email.

Your choices and controls

• Connections: disconnect any linked account, broker, or wallet from in-app settings to stop future syncing.
• Analytics: disable first-party analytics from Privacy Settings at any time.
• Notifications: control which push notifications you receive, both in-app and at the operating system level.
• Household sharing: invite partners to a shared budget or remove them; each household member always keeps their own login.
• Account deletion: request deletion from Settings or by contacting support, as described above.

Compliance and posture

Nethaven operates as a software provider for personal financial data. We do not act as a bank, broker-dealer, custodian, or money services business, and we do not hold customer funds. Plaid handles bank authentication and SnapTrade handles brokerage authentication, both as regulated third-party data partners. Our role is to read the data these providers surface and present it to you in one place.

If you have security concerns, want to report a vulnerability, or need to reach the team about a privacy or data-handling question, contact support@nethaven.app. We treat security reports as priority work.