Last updated: February 22, 2026
We don't sell your data. Basin is local-first by default: your budget data is stored on your device first, and optional services like bank sync or platform subscriptions only come into play when you enable them.
Basin stores your budget data locally on your device. On the web, local browser storage should be treated like other browser data on that device. Device-level app protection still depends on your phone or browser's own security settings.
If you choose to link your bank account, Basin uses Plaid for account authentication. Basin does not receive your bank login credentials, but linked transactions and access tokens are processed by the Plaid integration used for syncing. Bank linking is optional.
Basin does not use ad trackers or session-replay tools. Operational logs and limited diagnostics may still exist to keep the product running and debug issues, but the goal is to minimize what leaves the device.
Basin is designed to work locally first. If a release enables backup or sync through a platform or partner service, that workflow should be treated as separate from purely local storage and reviewed before you turn it on.
Services like Plaid, RevenueCat, Apple, and email providers may process the narrow slice of data needed for their feature to work. They are not meant to become a general-purpose source of your full financial history.
If you enable Face ID or Touch ID, Basin asks the operating system to verify it's you before unlocking the app. Biometric data itself never leaves your device and Basin never sees or stores it.
Daily reminders are scheduled locally on your device by the operating system. Basin does not send remote push notifications in the current beta, so the reminder content is not transmitted off-device.
If you ask for launch updates on our marketing site, we store your email with our email provider so we can let you know when Basin is available. You can unsubscribe at any time and ask us to remove your address.
Deleting the app clears locally stored app data on that device. Data held by external providers for optional services, such as subscriptions or bank-link infrastructure, follows that provider's retention and deletion process.