Saowa Budget is designed so your budgets, transactions, and notes stay private. Administrators cannot view individual user data; only aggregate, anonymised metrics are exposed for system health.
Row-level security (RLS) and per-workspace membership ensure you only access your own data. Admins are blocked from budget/transaction endpoints.
Personal API keys inherit your permissions, are hashed at rest, and can be locked to IP ranges and expiry. Step-up MFA is required for sensitive actions like key rotation and revocation.
Logs avoid PII. Error and login telemetry are hashed/redacted. Old auth attempts and error logs are purged automatically to minimise retention.
You can rotate/revoke API keys anytime. We’re adding self-serve export/delete next; contact support to request deletion or export in the meantime.
Questions? Reach out to support—we’ll help without ever asking for your budget contents.