Security & Trust

Your money data, protected.

Smata Systems started because our founder wanted to understand his own finances — so we treat your financial data the way we'd want ours treated. Security wasn't bolted on later; it was built in from the first line of code.

🔒 Your bank login is never stored

When you connect a bank, authentication happens through Plaid's secure, OAuth-based connection — the same technology trusted by major financial apps. Smata never sees or stores your bank username or password. Prefer not to connect a bank at all? You can simply upload a CSV instead.

🛡️ Encrypted, coming and going

Your data is encrypted in transit (everything travels over HTTPS) and encrypted at rest on our servers. The most sensitive items — like the keys that link to your bank — get an additional layer of encryption on top of that.

👁️ Only you see your full picture

Every part of Smata is scoped to your account. Your data is never sold, never shared with advertisers, and never used to target you with ads. We don't make money from your data — we make it from a simple subscription. That's the whole model.

✅ Security-first, and tested

Smata is built to widely-recognized web security standards (the OWASP Top 10), and an automated security test suite runs on every deployment to catch regressions before they ship. Our bank integration also passed a third-party production security review before going live.

🎛️ You're in control

What we don't do

Always improving

Security is never "done." We continuously review our systems, keep our dependencies current, and expand our protections as we grow. If you're a security-minded organization evaluating Smata and want more detail, we're happy to talk.

Questions about security or privacy? Reach us at security@smatasystems.com.