We believe the safest data is the data we never touch. ByzCalc is built on a "Local-First" Zero-Knowledge architecture.
Unlike traditional SaaS tools, we do not store your ledgers, bank transactions, or P&L reports on our servers. Your data resides strictly in your browser's Local Storage and is encrypted by your device.
When you use the AI Analyst, data is sent to the LLM (Google Gemini) via a secure, encrypted tunnel. We enforce a strict Zero-Retention Policy, meaning your data is not used to train public models.
Your API keys and sensitive settings are encrypted at rest on your device. Even if ByzCalc were compromised, attackers would find no user financial data to steal because we simply don't have it.
We use Stripe for payment processing. ByzCalc never touches or stores your credit card information. All billing data is handled directly by Stripe's Level 1 PCI-compliant infrastructure.
No. Since you upload CSVs directly to your browser and data is stored locally, we have technically no way to access your financial records.
Because data is stored locally, clearing your cache will wipe your ByzCalc ledger. We recommend regularly using the "Export Data" feature to save a JSON backup of your work.
We run a bug bounty program. If you find a security issue, please email security@byzcalc.com. We respond within 24 hours.