Security and Safety
Flousi is designed as a local-first finance tracker. This page explains the security model and user responsibilities.
Local-first storage
The review-safe version stores app data on your device or browser by default. Protect your device, browser profile, and device passcode because local app data may be accessible to anyone who can access your device session.
PIN lock
If you enable the app PIN, it helps reduce casual access inside the app. It is not a replacement for your device passcode, biometric lock, password manager, or bank security controls.
Optional sync status
Flousi keeps money records on your device by default and gives profile controls for sign-in, export, and deletion where available. Flousi should not ask for your bank login password, card PIN, or one-time banking codes.
Diagnostic reports
Client diagnostics are disabled by default. If enabled after privacy review, diagnostic reports are scrubbed before storage or forwarding and should not include balances, transaction details, account names, asset names, notes, imports, or finance records.
External services
Optional providers such as OCR, exchange rates, or market data should be used only when configured. If a provider is unavailable, Flousi should show a clear unavailable state instead of inventing data.
Responsible reports
Send security reports to [email protected]. Please do not include passwords, card PINs, or full card numbers in reports.