Your money is yours.
We just watch the numbers.
Shelter is read-only by design. We can't move your money, sell your data, or show you ads. Every architectural decision starts with your privacy.
Read-only access
Shelter connects to your bank through Plaid using read-only credentials. We can see your balances and transactions, but we can never move money, make payments, or initiate transfers.
- Plaid read-only permissions only
- No ability to move money or make transfers
- No bank credentials stored on our servers
- Revoke access anytime from your bank or Shelter
Subscription-funded
Shelter is funded entirely by subscriptions. We never sell your data, show you third-party ads, or earn affiliate commissions. Our only incentive is to give you the best financial guidance possible.
- No data sales, ever
- No third-party ads or sponsored recommendations
- No affiliate commissions or kickbacks
- Your subscription is our only revenue
Encrypted end to end
Your financial data is encrypted at rest with AES-256 and in transit with TLS 1.2+. Authentication tokens are stored in your device’s secure enclave, never in plain text.
- AES-256 encryption at rest
- TLS 1.2+ for all data in transit
- Secure token storage via device enclave
- No plain-text credentials anywhere
Plaid: the same infrastructure trusted by Venmo, Robinhood, and thousands more
Shelter never sees your bank login. When you connect an account, you authenticate directly with your bank through Plaid's secure widget. Plaid returns a tokenized access key that lets us read balances and transactions—nothing more.
Every account is fully isolated. Your data is never pooled, aggregated, or shared across users.
Questions about security?
We're happy to answer anything about how Shelter handles your data.