Treziqo Treziqo
Sign up arrow_forward
verified_user

Your data, your rules

Treziqo takes the privacy and security of your financial data seriously. We don't sell your data to advertising partners and don't use it for marketing profiling. We transparently show what data we store, where it's stored, and how it's protected.

public

EU hosting (Hetzner DE)

Server runs in Hetzner datacenter in Germany — under EU jurisdiction and GDPR. No US Cloud Act, no foreign subpoenas. Your data never leaves European legal protection.

Specifically: Hetzner Online GmbH, Falkenstein/Vogtland, ISO 27001 certified.

lock

HTTPS, hashed passwords, 2FA

All browser-to-server traffic uses HTTPS (Let's Encrypt, auto-renew). Passwords are never stored in plaintext — bcrypt hashing on every registration. Sensitive config (SMTP password) is field-level AES-256 encrypted via APP_KEY. **Transaction notes encryption is opt-in** in /settings → Security — once enabled, no one with DB dump read access can read them. Trade-off: it disables full-text search in note text (amount, date, category and account stay searchable). You can enable two-factor authentication (TOTP) in /settings.

Note encryption is optional — default after sign-up is off, so full-text search works. Enabling it (anytime) trades note text search for protection against DB leaks.

backup

Daily backups

Database is backed up daily via Laravel Forge — snapshot to isolated storage for fast recovery after hardware failure, mistake, or migration. We retain the last 14 days of backups.

Backups never leave the EU; only the project author has access.

block

No tracking, no ads

No Google Analytics. No Facebook Pixel. No third-party cookies. Your expenses are never seen by Meta or any ad-tech. The cookies banner only shows technically essential cookies — no „accept all" theatre.

Verify yourself: open DevTools → Network → you'll only see treziqo.com and paypal.com (subscribe flow).

how_to_reg

Your data, your export, your deletion

Anytime in /settings you download a ZIP with everything we have on you — JSON files with accounts, transactions, categories, budgets, payments. Same anytime you delete your account in one click (with confirmation) and everything is gone. No „give us 30 days notice", no retention on our side.

No part of our business depends on holding data against your will — Treziqo is paid by subscription, not by lock-in.

support_agent

Responsible disclosure

Found a security issue? Email security@treziqo.com with details and reproduction steps. I promise a response within 72 hours and a fair approach — no legal threats over good-faith disclosure. We publish known incidents.

Goal is cooperative networks, not an adversarial relationship with researchers.

public
EU hosting + GDPR
Hetzner DE, ISO 27001
backup
Daily backups
Encrypted, 14 days
block
No trackers
No GA, no Pixel
cloud_download
Export anytime
JSON ZIP, full data
mail

Questions, concerns, suggestions?

If something is missing from our transparency, let us know. Treziqo is a tiny company — the project author replies directly. No 5-tier ticketing system.

mail security@treziqo.com
See also: Privacy Policy · Terms of Service · Cookies