Privacy Policy

Earnest John's YNAB Manager (“the App”) is a personal budgeting tool that connects to your YNAB (You Need A Budget) account via the YNAB API. This policy explains honestly and transparently how your data is accessed, used, stored, and protected.

When you connect your YNAB account, the App requests read and write access to your YNAB budget data, which may include:

• Budget names, categories, and category groups
• Account balances and account names
• Transactions (payees, amounts, dates, memos, flags)
• Scheduled transactions
• Month summaries and budgeted amounts

No data beyond what is necessary to operate the App is requested.

Your YNAB data is used solely to:

• Display your budgets, accounts, and transactions within the App
• Allow you to create, edit, and approve transactions
• Show spending summaries and budget progress

Your data is never used for advertising, profiling, or any purpose beyond the features you explicitly use.

OAuth access tokens are stored server-side in an encrypted session and are never exposed to the browser. Budget data fetched from the YNAB API is held only in memory for the duration of your request and is not persisted to any database or log. No copies of your financial data are stored beyond what is required to serve each page load.

Data in transit is protected by HTTPS/TLS. The App is hosted on Vercel, whose infrastructure security practices are described at vercel.com/security.

Because no financial data is persisted, there is nothing to retain or expire. OAuth tokens are invalidated when you disconnect the App from your YNAB account (via YNAB's Authorized Apps page) or when you request account deletion (see below).

Your YNAB data is never shared with any third party. The only external service the App communicates with is the YNAB API (api.ynab.com) to retrieve and update your data on your behalf. No analytics services, advertising networks, or other third parties receive your financial information.

You can disconnect the App and revoke its access to your YNAB data at any time from YNAB's Authorized Apps settings page.

To request deletion of any data we may hold about you, use the Delete My Account button on the settings page.

If the App begins accessing new YNAB data types or changes how existing data is used, this policy will be updated and you will be asked to review and consent to the changes before the App continues to access your data. The “Last updated” date at the top of this page reflects the most recent revision.