It’s a fair question, and you should ask it of any app that touches your money. Here’s exactly how Buoy connects to your accounts — no jargon.
Buoy never sees your bank password
When you link an account, you log in through Plaid, the same connection layer that thousands of banks and finance apps already use. Your bank credentials go to your bank, not to Buoy. We never see them, and we never store them.
The connection is read-only
This is the part most people don’t realize: the link is read-only. Buoy can see your transactions and balances so it can categorize spending and run your count-up budgets — but it cannot move money, make payments, or change anything in your accounts. There is no pathway for Buoy to touch a dollar.
Your data is encrypted
Account data is encrypted both in transit (on its way to and from your bank) and at rest (while it’s stored). You can disconnect an institution at any time, which cuts off Buoy’s access immediately.
What Buoy does with the data
One thing only: help you understand and grow your money. Transactions are categorized, subscriptions are surfaced, and your daily allowances update. We don’t sell your financial data — see our Privacy Policy for the specifics.
Linking a bank should feel safe because it is safe when it’s done right. That’s the bar we hold ourselves to.