Security built in, not bolted on

Encryption Everywhere

All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption. Your financial information is protected by the same standards used by Australian banking systems.

Privacy by Design

Privacy is not an afterthought at moneymood. It is built into every feature from the start. We collect only what is needed, and we are transparent about how your data is used.

Your Data, Your Purpose

Your financial data exists solely to provide you with financial insights and analysis. We are transparent about how your data is used.

Secure Authentication
✔️ Passwords hashed with bcrypt
✔️ JWT with secure refresh token rotation
✔️ Rate limiting on all endpoints
✔️ Anti-enumeration on sensitive routes
✔️ Email verification required

Secure access, every time

Your moneymood account is protected with industry-standard security measures. Passwords are hashed using bcrypt with salt, meaning even moneymood cannot see your password. Session tokens are securely rotated and expire automatically.

Rate limiting protects against brute-force attempts, and anti-enumeration measures ensure that attackers cannot discover whether an email address is registered with moneymood.

Industry-standard password hashing (bcrypt)
Secure session management with automatic expiry
Protection against brute-force and enumeration attacks
Multi-factor authentication (2FA) support planned as an additional security layer for user accounts

You decide what happens with your data

moneymood gives you full control over your financial data. You can export your data at any time, revoke any connected account, or delete your entire account and all associated data.

We believe your financial data belongs to you. We are custodians of it while you use moneymood, not owners of it.

Revoke any data connection at any time
Export your data whenever you need it
Delete your account and all data permanently
Clear, transparent privacy policy with no surprises

Secured by Australia's open banking framework

moneymood connects to your financial accounts using Australia's Consumer Data Right (CDR), the government-backed framework that gives you secure, controlled access to your own financial data.

Government Backed

CDR is established under Australian federal law, administered by the ACCC and OAIC.

Read Only Access

moneymood can view your data but can never move money, make payments, or change your accounts.

No Passwords Shared

You authorise connections directly with your bank. Your banking credentials are never shared with moneymood.

Revoke Any Time

Disconnect any account at any time through moneymood or directly through your bank.

How we handle your information

Data Collection

We collect only the financial data needed to provide you with insights and analysis. We do not collect unnecessary personal information, browsing history, or data from other apps.

Data Storage

Your data is stored securely on Australian-hosted infrastructure. All data at rest is encrypted using AES-256. Database access is restricted and monitored.

Data Deletion

When you delete your account, all personal data and financial information are permanently removed from our systems. We do not retain your data after account closure.

Secure. Private. Free to use.

Every feature included. No credit card required. Set up in under 2 minutes.