свод.ли / documentation
Download

Security

Svodly is built on the local-first principle: your finances live on your device, not on someone else's servers. The cloud is connected at your discretion and is used only for syncing devices and shared access. This page describes what is protected, and how.

Where your data is stored

On desktop and mobile, your book lives in a local database inside the app's internal storage. In the web version it lives in isolated browser storage: other sites and other users of the computer cannot access it.

Until the cloud is connected, your data never leaves the device. You control your backups yourself: export a book to a file (“Import & export”) and local backups on desktop and mobile.

Connection security

Every connection the app makes to the Svodly Cloud is encrypted (TLS) — the same class of protection your online bank uses. Data is never sent over the network in the clear.

What is stored in the cloud

If you have connected the Svodly Cloud, our servers hold:

Content encryption is not end-to-end: a book has no personal key without which it cannot be read. This is a deliberate decision — it lets us restore access if you lose your password (more in “FAQ”). Access to the servers is strictly limited; we do not view or analyse the contents of your books.

If you need the strictest possible model, work without the cloud. A local book does not pass through our infrastructure at all.

Account access

What we don't do

These commitments are set out in the Svodly manifesto and don't change between versions.

Anonymous telemetry

Telemetry is off by default — the app sends nothing. You can turn it on in Settings → About → Anonymous telemetry (desktop and web). Then once a day an anonymous report is sent: the app version, operating system and interface language. Book data, identifiers and IP addresses are not included in the report. The mobile app does not send telemetry.

If a device is lost

  1. From any other device, open Sync → Devices and close the session of the lost device.
  2. Change your account password — the other devices will be disconnected automatically.
  3. The local copy of the book stays on the device and is protected by the device's own means: screen lock and system encryption. Keep them turned on.

You can always take your data with you

The whole book exports to JSON, and transactions to CSV and Excel. The files can be read without our app — that's part of the manifesto: your data belongs to you.

Where to go next