Trust & security
Fintech is a trust business. We don't hand-wave about it. This page describes how Unfazed protects your financial data in plain language. What we do, what we don't, and what we'd tell you if something went wrong.
Every household account has its own encryption key. Your financial amounts, plans, and transactions are encrypted at rest with that key, so a database leak alone would yield ciphertext an attacker cannot read. Unfazed is not architected to bulk-decrypt user data. Reading across households on a whim is not a capability we have.
Every financial amount in our system is encrypted at rest. Our analytics pipeline does not see your balances, your transactions, or how much you spent on anything. The shape of usage is what we measure. The numbers themselves stay where they belong.
Every write to your data is audit-logged. Every entry you create, every series you modify, every plan you stage. The record is tamper-evident, and it is what we would pull if you disputed a change or if we had to investigate an incident.
We keep encrypted recovery copies of your data so we can restore it if our primary storage ever suffered an unrecoverable corruption event. Those copies are encrypted such that obtaining them in isolation gives an attacker nothing useful. Recovery is a posture for catastrophe, not a convenience for us.