How Sorted handles your money data.
We’re explicit because vague promises aren’t worth anything. Here’s exactly what happens when you connect a bank.
Plaid for the link.
Your bank credentials never touch our servers. When you tap “Connect bank”, Sorted hands you off to Plaid — the same network Venmo, Robinhood, Coinbase, Wise, and most of the U.S. fintech industry use.
You log into your bank inside Plaid's sandbox, Plaid issues us a one-way token to read your transactions, and that's it. We never see your username, password, or one-time codes.
Encrypted everywhere.
Transaction data is encrypted at rest with AES-256, in transit with TLS 1.3. Database backups are encrypted with separate keys held by AWS KMS. The Plaid access token itself is encrypted with a per-user envelope key — even a full database leak couldn't be used to re-fetch your transactions.
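The per-user envelope scheme described above can be sketched as follows. This is an added example, not Sorted's code: the function names are hypothetical, AES-256-GCM is an assumed mode, and `kek` stands in for a key that would live only inside a KMS and never in the database.

```javascript
// Added illustration: per-user envelope encryption of a stored access token.
const crypto = require("node:crypto");

// AES-256-GCM helpers; `aad` binds each ciphertext to its context. Layout: iv | tag | ct.
function seal(key, plaintext, aad) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", key, iv);
  c.setAAD(Buffer.from(aad));
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}

function unseal(key, blob, aad) {
  const d = crypto.createDecipheriv("aes-256-gcm", key, blob.subarray(0, 12));
  d.setAAD(Buffer.from(aad));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Build the database row for one user: wrapped data key plus token ciphertext.
function encryptTokenForUser(kek, userId, accessToken) {
  const dataKey = crypto.randomBytes(32); // fresh data key per user
  const row = {
    userId,
    wrappedKey: seal(kek, dataKey, `dek:${userId}`), // only the KEK holder can unwrap
    tokenCt: seal(dataKey, Buffer.from(accessToken), `token:${userId}`),
  };
  dataKey.fill(0); // the plaintext data key is never stored
  return row;
}

function decryptTokenForUser(kek, row) {
  const dataKey = unseal(kek, row.wrappedKey, `dek:${row.userId}`);
  try {
    return unseal(dataKey, row.tokenCt, `token:${row.userId}`).toString();
  } finally {
    dataKey.fill(0);
  }
}

// True if the row decrypts under this KEK, false if GCM authentication fails.
function canDecrypt(kek, row) {
  try { decryptTokenForUser(kek, row); return true; } catch { return false; }
}

// Constructed sample values, not real credentials.
const demoKek = crypto.randomBytes(32);
const demoRow = encryptTokenForUser(demoKek, "user-123", "access-token-constructed");
console.log(canDecrypt(demoKek, demoRow), canDecrypt(crypto.randomBytes(32), demoRow));
```

The database-leak property holds only while the wrapping key stays outside the database, so when evaluating a design like this, check where that key lives and who can call the unwrap operation.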
We don't.
We don't sell your data. We don't share it with advertisers. We don't train AI models on your transactions. The Coach uses an anonymized prompt: your merchant names and amounts go to our AI provider under a zero-retention agreement, while your identity stays with us.
We do not have a “monetize the data later” pivot waiting in the wings. The product makes money when you subscribe.
Two taps. Irreversible.
Settings → Account → Delete. Confirm twice. Within 24 hours, every record we have about you — transactions, goals, postcards, Coach history — is permanently destroyed. Plaid token revoked. Stripe customer record deleted. Email purged from our mailing list.
There's no “soft delete”, no recovery window, no manual export step. We chose irreversibility because it forces us to never need your data more than you do.
SOC 2 Type II in progress.
We're in the audit window for SOC 2 Type II via Vanta. Estimated completion Q4 2026. The full report is available under NDA — email security@sorted.money to request.
We follow CIS Benchmarks for our AWS workloads, run dependency scanning weekly via Dependabot + Snyk, and have a public bug bounty (see below).
Found something?
Email security@sorted.money with reproduction steps. Payouts for critical issues range from $500 to $5,000 and are made within 30 days of triage. Please don’t test on accounts other than your own.