Privacy, Security, and Your Data

3 min readUpdated July 13, 2026

Most finance apps ask you to trust them with your bank login and then work hard to be worthy of it. Wealth Mutant's answer is structural: we never ask. What follows is the full picture of what we hold, what we can't see, and what you control.

No bank linking, by design

Every transaction in your account exists because you typed it. That's the product philosophy — awareness through recording — but it's also the security model: there is no aggregator token, no scraped credential, no third party holding a key to your bank on our behalf. The most sensitive thing we store is what you chose to write down.

Payments

Purchases run through Razorpay (PCI DSS SAQ A) with 3-D Secure/OTP verification. Card numbers go from you to them; Wealth Mutant never sees or stores them. Details: Pricing, trial, and refunds.

AI features

AI Chat sends your financial context to the provider only when you send a message, only for that conversation, and it isn't used to train models. If you bring your own API key it's encrypted at rest (AES-256), never logged, never shown again after saving. Full detail: Using AI Chat.

Support access — granted by you, or not at all

Support staff cannot open your account. If a support issue ever needs eyes on your data, you create a grant in Settings → Data Access — scoped, time-limited, and revocable by you at any moment:

The Data Access settings screen where a user can grant and revoke time-limited support access
No grant, no access — and every grant shows here until you revoke it.

Exit rights

  • Export everything, anytime — transactions as CSV or your complete data as a ZIP: Export your data.
  • Delete your account — Settings → Delete Account removes your data. The export button sits right next to it; take your archive first.

More in Billing & Account

New to Wealth Mutant? See how it works — track your money in an app you own forever.