Your money, your data, your call. ValueHalla connects via read-only Open Banking to analyse transactions. We can’t move money, and we’ll never sell your personal data.
Read-only access
We can look, not touch. Payments and transfers are out of scope.
Encryption in transit & at rest
TLS 1.2+ and AES‑256 (or equivalent) protect data on the wire and in storage.
You control connections
Connect specific accounts, revoke access anytime, and re‑consent as required.
How bank connections work
Authentication happens with your bank; we never see your password.
You authenticate directly with your bank through our Open Banking partner.
We receive a read‑only token that lets us fetch transactions and balances.
You can disconnect at any time from ValueHalla or your banking app/portal.
For security, banks typically require re‑consent periodically (often ~90 days in the UK).
Data we collect
Only what we need to provide insights—and nothing sensitive like your bank password.
From your bank (read‑only): transactions, merchant descriptors, amounts, balances, account metadata.
From you: email, preferences, optional feelings-tags and short notes about purchases.
We don’t collect: your online banking password or full card numbers.
What we use it for
To help you spend on what you value.
Categorising and analysing spend to surface patterns and trends.
Asking clarifying questions when a transaction’s meaning is ambiguous.
Generating insights, weekly digests, goals, and gentle recommendations.
Improving our models and features (you can opt out of model training in Settings).
Security practices
Defence in depth and least‑privilege by default.
Encryption in transit (TLS 1.2+) and at rest (AES‑256 or equivalent).
Strict access controls, audit logging, and minimal data access for staff.
Secrets stored in a secure vault; regular dependency patching and key rotation.
[Optional when true] Independent penetration tests; [ISO 27001 / SOC 2] once certified.
Privacy & control
Your data, on your terms.
Download, correct, or delete your data at any time in Settings.
Choose which accounts to connect; pause syncing whenever you like.
Transparent AI: see why an insight appears; re‑categorise or mute topics.
You can trigger account deletion from Settings → Privacy. We’ll queue a secure wipe of personal data and connected tokens (subject to legal retention where applicable). You’ll receive an email confirmation when deletion is complete.
Security & Privacy FAQs
Ready to try ValueHalla?
Start free. Connect a bank with read‑only access. Cancel anytime.