1.Our Promise
Built by engineers who take your financial data personally.
Our founding team comes from American Express, Stripe, and Ramp. Companies where protecting sensitive financial data is table stakes. We’ve spent our careers building systems that handle billions of dollars in transactions, and we bring that same rigor to tinyCFO.
We never sell your data. We never share it with advertisers. We only use it to power your platform. Every piece of data we store exists for one reason: to give you a better picture of your finances. If it doesn’t power a feature you use, we don’t need it.
This page breaks down exactly what we store and maps each piece to the feature it enables. You can also read our full Privacy Policy for the legal details.
2.Account & Connection Data
When you connect a bank, brokerage, or credit card through our secure partner (Plaid), or add an account manually, we record enough information to display your accounts and keep them in sync.
| What we record | Why / what it powers |
|---|---|
| Account name & nickname | Display your accounts in the dashboard so you can tell them apart |
| Account type (checking, savings, credit card, investment, etc.) | Group accounts correctly as assets vs. liabilities for net worth calculations |
| Last 4 digits of account number | Help you identify which account is which when you have multiple at the same bank |
| Current & available balance | Show real-time balances on your dashboard and compute net worth |
| Credit limit, interest rate, loan terms | Display credit utilization, loan payoff timelines, and interest costs |
| Institution name & logo | Show recognizable bank names and logos in the UI |
| Connection status & last sync time | Alert you when a connection needs re-authentication so your data stays fresh |
| Currency (USD, EUR, BTC, etc.) | Support multi-currency accounts and convert everything to your home currency |
On the dashboard, you’ll see this data on the overview page, the assets page, and the liabilities page.
3.Transaction Data
Transactions are the backbone of most features. Every time your bank reports a purchase, deposit, or transfer, we store a normalized copy.
| What we record | Why / what it powers |
|---|---|
| Transaction description & cleaned merchant name | Show readable names instead of cryptic bank codes ("AMZN*MK2JR" becomes "Amazon") |
| Amount & currency | Display transaction amounts, compute spending totals, and detect recurring patterns |
| Date (posted & authorized) | Sort transactions chronologically and power date-range filters |
| Transaction type (debit, credit, transfer, payment, etc.) | Distinguish spending from income from internal transfers so your reports are accurate |
| Category (e.g., Food & Drink, Shopping, Transportation) | Power spending breakdowns, budgets, and the spending summary in your AI CFO |
| Status (pending vs. posted) | Show pending charges separately so you know what has cleared |
| User notes & tags | Let you annotate transactions with your own context ("business dinner", "reimbursable") |
You can browse, search, and filter all of your transactions on the transactions page. Your AI CFO also uses this data to answer questions like “How much did I spend on dining out last month?”
4.Investment & Crypto Holdings
If you connect a brokerage, retirement account, or crypto wallet, we track your positions so you can see your full portfolio in one place.
| What we record | Why / what it powers |
|---|---|
| Holding name & ticker symbol (e.g., "AAPL", "Bitcoin") | Display each position in your portfolio view |
| Quantity (shares, coins, units) | Calculate current market value and allocation percentages |
| Cost basis & current price | Show unrealized gain/loss so you can understand performance |
| Asset class (stock, ETF, crypto, bond, etc.) | Power asset allocation charts and diversification analysis |
| Wallet address & blockchain (crypto only) | Fetch on-chain balances for self-custody wallets |
Market and pricing data obtained through our brokerage connectivity partners is used solely to compute the values, allocations, and performance of your own holdings. We do not redistribute market data across users or to third parties.
This data powers the assets page on your dashboard and investment holdings features across your AI CFO tools.
5.Spending Insights & Categories
We maintain a category system so every transaction can be classified. This is what makes it possible to say “you spent $420 on groceries this month.”
| What we record | Why / what it powers |
|---|---|
| Category assignments (system or user-chosen) | Group transactions for spending breakdowns by category |
| Merchant name & normalization | Map messy bank descriptions to clean merchant names and auto-categorize future transactions |
| Category rules (your custom rules) | Automatically categorize future transactions the way you want ("all Costco → Groceries") |
Your AI CFO uses this data for spending summaries and cashflow analysis. On the dashboard, it powers the transaction categories and spending charts.
6.Subscriptions & Recurring Charges
We analyze your transaction history to detect recurring patterns: subscriptions, memberships, bills, and regular income.
| What we record | Why / what it powers |
|---|---|
| Recurring transaction name & merchant | Show you every subscription and recurring charge in one place |
| Estimated amount & frequency (weekly, monthly, annual, etc.) | Calculate your total recurring spend and predict upcoming charges |
| Next expected date | Alert you before charges hit so there are no surprises |
| Whether it's a subscription vs. regular bill | Distinguish cancellable subscriptions from essential bills like rent and utilities |
This powers the subscriptions page and the get_recurring_transactions tool your AI CFO uses when you ask about recurring charges.
7.Net Worth History
We periodically take snapshots of your total assets and liabilities so you can track your net worth over time.
| What we record | Why / what it powers |
|---|---|
| Total assets, total liabilities, net worth at a point in time | Power the net worth chart on your dashboard and trend analysis |
| Per-account balance snapshots | Show how individual account balances change over time |
| Per-holding snapshots (investment accounts) | Track portfolio value and individual position history |
This is the data behind the net worth chart on your dashboard overview and the get_net_worth_history tool in your AI CFO.
8.Your AI CFO (MCP Server)
tinyCFO includes an AI-powered personal CFO that lets you query your finances using natural language. “What’s my savings rate this quarter?”, “Show me all transactions over $500”, “What subscriptions am I paying for?”
This is powered by our MCP (Model Context Protocol) server, which exposes a set of read-only tools that AI clients (like Claude, ChatGPT, or Cursor) can use to answer your financial questions. The tools include:
- Account listing and details: see all your connected accounts
- Balance and net worth summary: current snapshot of your financial position
- Transaction browsing, search, and filtering: find any transaction by name, date, amount, or category
- Spending summary: breakdown by category, merchant, or account over any date range
- Cashflow analysis: income vs. spending, net cash flow, and savings rate
- Recurring transaction detection: subscriptions, bills, and regular income
- Net worth history: track your wealth over time
- Investment holdings: portfolio summary, allocation, and performance
To support audit trails and prevent abuse, we log which tools are called and when. We store:
| What we record | Why / what it powers |
|---|---|
| Tool name and timestamp | Audit logging so you know when your data was queried |
| Response time and status (success/error) | Monitor performance and debug issues |
We do not store the content of your natural language queries in our database. Query processing happens in-memory and is not persisted.
How It Works: The Data Flow
Here’s the full picture of how your data moves through the system:
- 1You connect your bank accounts via Plaid — the same industry-standard service used by Venmo, Rocket Money, and Copilot. You can also manually add holdings (like stock ticker and number of shares) for accounts you prefer not to link.
- 2tinyCFO stores a read-only copy of your financial data (balances, transactions, holdings) so you can see everything in one dashboard.
- 3You authorize an AI client via OAuth. This gives the AI read-only permission to query your data through our MCP server.
- 4When you ask your AI a financial question, it calls our MCP tools to fetch the relevant data, and then answers your question.
- 5All of this is read-only. No AI client can modify, or delete your data. You can revoke access at any time.
9.Supported AI Integrations
tinyCFO works with any AI client that supports the Model Context Protocol (MCP). Each connects to our MCP server via OAuth for read-only access. Your bank connections are handled separately and are not affected by which AI you use. Below are a few popular options:
Poke.com
An AI assistant that works in iMessage and other messaging platforms. Poke is nota banking platform or open-banking provider — it is the messaging interface through which you interact with your authorized tinyCFO data. Think of it as texting your financial assistant.
Claude Desktop (Anthropic)
Connect directly to tinyCFO’s MCP server from Claude Desktop or Claude projects. Claude calls our read-only tools to answer your financial questions.
ChatGPT (OpenAI)
Connect via compatible ChatGPT instances that support MCP tool calling. Same read-only access, same OAuth authorization.
Important: Third-Party AI Data Practices
Once your financial data reaches a Third-Party AI Client in response to a tool call, tinyCFO does not control how that provider processes, stores, or retains it. You should be aware that:
- Consumer-tier AI services may log your queries and the data returned, and may use it for model training
- Enterprise and team plans from AI providers typically offer stronger data retention controls and may disable model training on your inputs
We recommend:
- Review your AI provider's privacy policy before connecting
- Consider using enterprise or team plans with data retention controls
- Prefer asking summarized questions over pulling raw transaction lists with sensitive details
- Remember: once data reaches your AI, we cannot retrieve or delete it from their systems
10.Revoking Access
You have full control over who can access your data and can revoke access at any time. There are two separate types of access to manage:
Revoking AI Access
Delete the API key you issued in your tinyCFO account settings. This immediately invalidates the key and stops all MCP tool calls from any client using it. However, data already sent to an AI provider is subject to their retention policies — tinyCFO cannot delete data from third-party systems.
Disconnecting Bank Accounts
Disconnect via your tinyCFO settings or directly through Plaid. Data sync stops immediately. This is separate from AI access — disconnecting a bank account does not revoke AI authorization, and vice versa. Existing data can be deleted on request.
11.What We Never Store
There are categories of data we will never record, period.
- Your bank login credentials, passwords, or security questions. We use Plaid's secure token exchange and never see your passwords
- Full account numbers or routing numbers. We only store the last 4 digits for display
- Social Security numbers or government IDs
- Physical documents (tax returns, pay stubs, etc.)
- Biometric data
- Data from institutions you haven't explicitly connected
When you connect a bank through Plaid, you authenticate directly with your institution. Plaid gives us a secure, encrypted access token. We never see the username or password you entered.
12.Encryption & Security
We apply multiple layers of protection to your financial data:
- All data is encrypted in transit (TLS)
- Sensitive credentials (like Plaid access tokens) are encrypted with AES-256-GCM field-level encryption. Even if someone accessed our database, these values would be unreadable
- Encryption keys are versioned and rotatable without downtime
- Authentication is handled by Clerk, an enterprise-grade identity provider. We never store or manage your passwords
- All API endpoints require authentication. There are no unauthenticated paths to your financial data
- The MCP server exposes only read-only tools. AI clients can query your data but cannot modify it
For more on our security practices, see Section 5 of our Privacy Policy.
13.Consumer-Directed Data Sharing
You have the right to access your own financial data and share it with services you choose. This principle — known as consumer-directed data sharing — is at the heart of the CFPB’s Section 1033 rulemaking and the broader open-banking movement.
tinyCFO facilitates this right. When you connect your bank accounts and authorize an AI client, you are exercising your right to access your financial data and direct it to a service of your choosing for your personal analysis.
- You decide which accounts to connect and which AI clients to authorize
- All access is strictly read-only — no one can move money or make changes through tinyCFO
- You can revoke any authorization at any time, instantly
- We never share your data with anyone you haven't explicitly authorized
14.Our Security Commitments
We treat your financial data with the same care as the companies we came from: American Express, Stripe, and Ramp. Here’s what that means in plain language:
- We maintain a written information security program with administrative, technical, and physical safeguards, aligned with industry-standard frameworks including the AICPA Trust Services Criteria (SOC 2) and applicable state data security requirements
- Sensitive credentials are encrypted with AES-256-GCM. Even if someone breached our database, these values would be unreadable without the encryption keys
- Your bank passwords, full account numbers, and Social Security numbers are never transmitted to or stored by tinyCFO. You authenticate directly with your bank through Plaid — we never see those credentials
- Every API endpoint requires authentication. There are no backdoors to your financial data
- We log which MCP tools are called and when, so there is always an audit trail
- All data is encrypted in transit (TLS)
For the full technical details, see Section 5 of our Privacy Policy.
15.You Own Your Data
Your financial data belongs to you. Here’s what that means in practice:
- Disconnect any institution at any time. We stop syncing immediately
- Revoke AI access at any time. MCP tool calls stop instantly
- Request deletion of your account and all associated data
- Export your data in a portable format
- Hide accounts from your dashboard without deleting the underlying data
- Override any automatic categorization. Your manual edits always take priority
If you delete your account, we remove your personal and financial data from our active systems. Some data may be retained in de-identified form for a limited period as described in our Privacy Policy.
16.Questions?
If anything on this page is unclear, or if you want to know more about how a specific piece of data is used, reach out. We’re real people, and we’re happy to explain.
Email: support@tinycfo.ai