How We Keep Your Data Safe
Per Diem is built for people sharing sensitive financial information. This page explains the safeguards we use to protect account data, limit access, and respond quickly when something goes wrong.
What data we access
We request only the financial data needed to power budgeting, net worth tracking, and FIRE projections. We do not ask for unnecessary permissions unrelated to the service.
Encryption and storage
- Traffic between your device and Per Diem services is encrypted in transit with TLS.
- Sensitive provider credentials and access tokens are encrypted before storage.
- Production data stores and backups use encryption at rest.
Access controls
- Internal access is limited to approved personnel with role-based permissions.
- Access to production systems is logged and reviewed.
- Secrets are managed through environment-level secret management workflows.
Application security practices
- Code changes go through review before deployment.
- Dependencies are updated regularly and security issues are prioritized.
- Runtime observability is used to detect, investigate, and remediate failures quickly.
Incident response
If we identify a material security issue, we investigate immediately, contain impact, and implement remediation. When appropriate, affected users are notified with relevant next steps.
Report a vulnerability
If you believe you found a security issue, contact [email protected]. Include reproduction steps and supporting details so we can investigate efficiently.
For additional details on data handling and user rights, read our Privacy Policy and Terms of Service.